Hello community,
here is the log from the commit of package apparmor-profiles
checked in at Fri Nov 17 02:02:07 CET 2006.
--------
--- apparmor-profiles/apparmor-profiles.changes 2006-11-15 00:18:35.000000000 +0100
+++ /mounts/work_src_done/NOARCH/apparmor-profiles/apparmor-profiles.changes 2006-11-17 01:44:27.000000000 +0100
@@ -1,0 +2,7 @@
+Fri Nov 17 01:43:08 CET 2006 - srarnold@suse.de
+
+- Bug 221567 - apparmor causes kernel lockup if there is any audit backlog
+ - remove netstat profile as it will trigger this bug easily
+- Bug 221111 - ntpd needs access to /proc/net/if_inet6
+
+-------------------------------------------------------------------
Old:
----
apparmor-profiles-2.0.1-233.tar.gz
New:
----
apparmor-profiles-2.0.1-240.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ apparmor-profiles.spec ++++++
--- /var/tmp/diff_new_pack.a70AWn/_old 2006-11-17 02:01:55.000000000 +0100
+++ /var/tmp/diff_new_pack.a70AWn/_new 2006-11-17 02:01:55.000000000 +0100
@@ -16,9 +16,9 @@
%endif
Summary: AppArmor profiles that are loaded into the apparmor kernel module
Version: 2.0.1
-Release: 5
+Release: 7
Group: Productivity/Security
-Source0: %{name}-%{version}-233.tar.gz
+Source0: %{name}-%{version}-240.tar.gz
License: GNU General Public License (GPL), Other License(s), see package
BuildRoot: %{_tmppath}/%{name}-%{version}-build
URL: http://forge.novell.com/modules/xfmod/project/?apparmor
@@ -77,6 +77,10 @@
%preun
%changelog -n apparmor-profiles
+* Fri Nov 17 2006 - srarnold@suse.de
+- Bug 221567 - apparmor causes kernel lockup if there is any audit backlog
+ - remove netstat profile as it will trigger this bug easily
+- Bug 221111 - ntpd needs access to /proc/net/if_inet6
* Mon Nov 13 2006 - srarnold@suse.de
- Bug 219583 - rejecting w access for syslog-ng
add /var/lib/*/dev/log access for chroot'd applications
++++++ apparmor-profiles-2.0.1-233.tar.gz -> apparmor-profiles-2.0.1-240.tar.gz ++++++
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.0.1/common/Make-po.rules new/apparmor-profiles-2.0.1/common/Make-po.rules
--- old/apparmor-profiles-2.0.1/common/Make-po.rules 2006-11-04 22:34:47.000000000 +0100
+++ new/apparmor-profiles-2.0.1/common/Make-po.rules 2006-11-15 10:22:15.000000000 +0100
@@ -1,4 +1,4 @@
-# $Id: Make-po.rules 199 2006-11-04 21:34:47Z steve-beattie $
+# $Id: Make-po.rules 238 2006-11-15 09:22:15Z steve-beattie $
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
@@ -20,7 +20,8 @@
# pass in the list of sources in the SOURCES variable
PARENT_SOURCES=$(foreach source, ${SOURCES}, ../${source})
-TARGET_MOS=$(foreach lang, ${LANGS}, ${lang}.mo)
+LANGS=$(patsubst %.po, %, $(wildcard *.po))
+TARGET_MOS=$(foreach lang, $(filter-out $(DISABLED_LANGS),$(LANGS)), ${lang}.mo)
.PHONY: all
all: ${TARGET_MOS}
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.0.1/enabled/bin.netstat new/apparmor-profiles-2.0.1/enabled/bin.netstat
--- old/apparmor-profiles-2.0.1/enabled/bin.netstat 2006-08-04 21:13:59.000000000 +0200
+++ new/apparmor-profiles-2.0.1/enabled/bin.netstat 1970-01-01 01:00:00.000000000 +0100
@@ -1,33 +0,0 @@
-# $Id: bin.netstat 90 2006-08-04 19:13:59Z seth_arnold $
-# vim:syntax=apparmor
-# ------------------------------------------------------------------
-#
-# Copyright (C) 2002-2005 Novell/SUSE
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of version 2 of the GNU General Public
-# License published by the Free Software Foundation.
-#
-# ------------------------------------------------------------------
-# evolution, amongst other things, calls this program. I didn't want to
-# give evolution access to significant chunks of /proc
-#
-
-#include