Change log for ubuntu-core-launcher package in Ubuntu
1 → 35 of 35 results | First • Previous • Next • Last |
Deleted in yakkety-proposed (Reason: (From Debian) [auto-cruft] obsolete source package) |
ubuntu-core-launcher (1.0.30ubuntu1) yakkety; urgency=medium * Fix the Breaks/Replaces, to stop this wreaking havoc on autopkgtest testbed upgrades. -- Martin Pitt <email address hidden> Wed, 22 Jun 2016 23:35:33 +0200
Available diffs
- diff from 1.0.30 to 1.0.30ubuntu1 (595 bytes)
ubuntu-core-launcher (1.0.30) yakkety; urgency=medium [ Zygmunt Krynicki ] * Rename the package and everything else from ubuntu-core-launcher to snap-confine * Allow for graceful migrations from ubuntu-core-launcher to snap-confine by providing both commands as binary packages, with proper dependencies and post-installation scripts that manage apparmor profile changes. * Discard the useless duplicate argument. Now snap-confine is invoked with 'snap-name $SECURITY_TAG $COMMAND...'. Previously, security tag was duplicated. In the future this will change once again, so that security tag is derived from an argument containing $SNAP_NAME and $APP_NAME. * Clean up tests so that shellcheck reports no more errors or warnings * Ensure that shellcheck reports no errors on each build * Add #DEBHELPER# to maintainer scripts (thanks to lintian) * Switch to autotools, build-depend on pkg-config, autotools-dev, autoconf and automake (thanks to ogra for the missing bits). * Use "dh $@ --with autoreconf" to prepare the build system. * Change unreleased version back to 1.0.x after discussion with Michael Vogt. * Don't mark ubuntu-core-launcher as transitional (it isn't yet). * Move rm_conffile to ubuntu-core-launcher.maintscript, remove the now-empty postrm and preinst scripts. * Enable hardening options for snap-confine * Build-depend on udev, use udevlibdir instead of hardcoding /lib/udev * Rename executable to snap-confine, to fit the new execution model. * Update Vcs-Git pointer to point to https://github.com/snapcore/snap-confine * Make ubuntu-core-launcher a symlink to snap-confine * Bump version to 1.0.30 * SRU for Ubuntu (LP: #1593396) [ Steve Langasek ] * Update Standards-Version. * Add lintian override for suid binary. [ Jamie Strandboge ] * debian/usr.bin.snap-confine: allow access to ecryptfs lower files (LP: #1574556, LP: #1592696) * chdir() to '/' before setting up private /tmp so private /tmp works when user is in /tmp (LP: #1592402) -- Michael Vogt <email address hidden> Fri, 17 Jun 2016 09:03:32 +0200
Available diffs
- diff from 1.0.29+2 (in Debian) to 1.0.30 (138.0 KiB)
Deleted in yakkety-release (Reason: Superseded by snap-confine) |
Deleted in yakkety-proposed (Reason: moved to release) |
ubuntu-core-launcher (1.0.29+1ubuntu1) yakkety; urgency=medium * debian/usr.bin.ubuntu-core-launcher: add a couple more workaround rules for ecryptfs (LP: #1592696) -- Jamie Strandboge <email address hidden> Thu, 16 Jun 2016 09:02:53 +0300
Available diffs
ubuntu-core-launcher (1.0.29+2) unstable; urgency=medium [ Zygmunt Krynicki ] * Rename the package and everything else from ubuntu-core-launcher to snap-run * Allow for graceful migrations from ubuntu-core-launcher to snap-run by providing both commands as binary packages, with proper dependencies and post-installation scripts that manage apparmor profile changes. * Discard the useless duplicate argument. Now snap-run is invoked with 'snap-name $SECURITY_TAG $COMMAND...'. Previously, security tag was duplicated. In the future this will change once again, so that security tag is derived from an argument containing $SNAP_NAME and $APP_NAME. * Clean up tests so that shellcheck reports no more errors or warnings * Ensure that shellcheck reports no errors on each build * Add #DEBHELPER# to maintainer scripts (thanks to lintian) * Switch to autotools, build-depend on pkg-config, autotools-dev, autoconf and automake (thanks to ogra for the missing bits). * Use "dh $@ --with autoreconf" to prepare the build system. * Rename executable to snap-confine, to fit the new execution model. [ Steve Langasek ] * Update Standards-Version. * Add lintian override for suid binary. [ Zygmunt Krynicki ] * Change unreleased version back to 1.0.x after discussion with Michael Vogt. * Don't mark ubuntu-core-launcher as transitional (it isn't yet). * Move rm_conffile to ubuntu-core-launcher.maintscript, remove the now-empty postrm and preinst scripts. * Enable hardening options for snap-confine * Build-depend on udev, use udevlibdir instead of hardcoding /lib/udev [ Steve Langasek ] * Don't call --enable-rootfs-is-core-snap on Debian. * Build with --disable-confinement for Debian, since Debian apparmor support doesn't meet snap requirements. * Revert package rename temporarily, to avoid a NEW roundtrip in Debian. * Don't ignore errors from maintainer script. -- Steve Langasek <email address hidden> Mon, 13 Jun 2016 22:11:07 +0000
Available diffs
- diff from 1.0.29+1 to 1.0.29+2 (26.1 KiB)
ubuntu-core-launcher (1.0.29+1) unstable; urgency=medium * Initial Debian upload. * Update Standards-Version. * Adjust package description; this is not just for running apps on Ubuntu systems. * Add several lintian overrides. * Include dpkg-buildflags CPPFLAGS, not just CFLAGS, to get libc fortify support. * Update Vcs-Bzr for this source's branch. -- Steve Langasek <email address hidden> Sun, 22 May 2016 06:15:24 +0000
Available diffs
- diff from 1.0.29 (in Ubuntu) to 1.0.29+1 (1.1 KiB)
ubuntu-core-launcher (1.0.29) yakkety; urgency=medium * debian/usr.bin.ubuntu-core-launcher: add workaround rules for ecryptfs until the upcoming kernel fix lands everywhere (LP: #1574556) -- Jamie Strandboge <email address hidden> Tue, 10 May 2016 12:10:35 -0500
Available diffs
- diff from 1.0.28 to 1.0.29 (699 bytes)
ubuntu-core-launcher (1.0.28) yakkety; urgency=medium * SECURITY UPDATE: delayed attack snap data theft and privilege escalation when using Snappy on traditional Ubuntu (classic) systems (LP: #1576699) - src/main.c: remove glob code and hardcode /snap/ubuntu-core/current instead. The glob code both used an improper glob and performed an incorrect check due to a typo which allowed a snap named ubuntu-core-... to be bind mounted into application runtimes instead of the ubuntu-core OS snap. Ubuntu Core removed .<origin> and .sideload from the SNAP path so the glob can simply be dropped. - CVE-2016-1580 * debian/usr.bin.ubuntu-core-launcher: - only allow mounting /snap/ubuntu-core/*/... to safeguard against this in the future - add lib32 and libx32 to match setup_snappy_os_mounts() -- Jamie Strandboge <email address hidden> Fri, 29 Apr 2016 11:17:42 -0500
Available diffs
- diff from 1.0.27 to 1.0.28 (1.4 KiB)
ubuntu-core-launcher (1.0.27.1) xenial-security; urgency=medium * SECURITY UPDATE: delayed attack snap data theft and privilege escalation when using Snappy on traditional Ubuntu (classic) systems (LP: #1576699) - src/main.c: remove glob code and hardcode /snap/ubuntu-core/current instead. The glob code both used an improper glob and performed an incorrect check due to a typo which allowed a snap named ubuntu-core-... to be bind mounted into application runtimes instead of the ubuntu-core OS snap. Ubuntu Core removed .<origin> and .sideload from the SNAP path so the glob can simply be dropped. - CVE-2016-1580 * debian/usr.bin.ubuntu-core-launcher: - only allow mounting /snap/ubuntu-core/*/... to safeguard against this in the future - add lib32 and libx32 to match setup_snappy_os_mounts() -- Jamie Strandboge <email address hidden> Fri, 29 Apr 2016 10:06:19 -0500
Available diffs
- diff from 1.0.27 (in Ubuntu) to 1.0.27.1 (1.4 KiB)
Superseded in yakkety-release |
Published in xenial-release |
Deleted in xenial-proposed (Reason: moved to release) |
ubuntu-core-launcher (1.0.27) xenial; urgency=medium * src/main.c: - don't prepend snap. or snap_ since snapd is doing that for us now (LP: #1571048) - make whitelist_re strictly follow the 16.04 specification and adjust testsuite accordingly * debian/usr.bin.ubuntu-core-launcher: add locale and gconv reads for tr
Available diffs
- diff from 1.0.25.1 to 1.0.27 (2.4 KiB)
ubuntu-core-launcher (1.0.25.1) xenial; urgency=medium * check for both src and dst mount points when doing the ubuntu-core overlay mounts (LP: #1570712) -- Michael Vogt <email address hidden> Fri, 15 Apr 2016 08:43:03 +0200
Available diffs
- diff from 1.0.25 to 1.0.25.1 (751 bytes)
ubuntu-core-launcher (1.0.25) xenial; urgency=medium * update cgroup handling for 16.04 (LP: #1564401): - debian/usr.bin.ubuntu-core-launcher: + allow creating cgroups with snap.* + allow ixr of 'tr' + remove access to /var/lib/apparmor/clicks/ - update README to more fully explain the cgroups implementation - src/80-snappy-assign.rules: append an app-specific tag instead of adding a generic tag and snap-specific property - src/snappy-app-dev: convert the new tag to the directory name - src/main.c: + refactor and simplify control flow to query udev for device assignment instead of searching apparmor policy for a specific string + adjust udev query for app-specific tag + raise real_uid after fork() before calling /lib/udev/snappy-app-dev so non-root app launches work with the device cgroup
Available diffs
- diff from 1.0.23 to 1.0.25 (6.3 KiB)
ubuntu-core-launcher (1.0.24) xenial; urgency=medium [ Michael Vogt ] * ignore non-existing dirs when doing the overlay mount * add /lib32, /libx32 to the overlay mounts [ Jamie Strandboge ] * add back the use of /usr from the ubuntu-core snap instead of the host system (LP: #1570581) * implement @complain as a synonym for @unrestricted since snappy will use @complain to toggle developer mode. This allows snaps to work in developer mode while seccomp logging is being developed (LP: #1570578) -- Jamie Strandboge <email address hidden> Thu, 14 Apr 2016 15:51:20 -0500
Available diffs
- diff from 1.0.23 to 1.0.24 (2.0 KiB)
ubuntu-core-launcher (1.0.23) xenial; urgency=medium [ Jamie Strandboge ] * update README for devpts * add README.syscalls * src/seccomp.c: various cleanups from security team audit (also add additional tests) * don't support obsoleted SNAP_APP_TMPDIR and SNAP_APP_USER_DATA_PATH * preprocess the seccomp file for '@' directives [ Michael Vogt ] * update paths /snaps -> /snap * update seccomp dir to /var/lib/snapd/seccomp/profiles/ -- Michael Vogt <email address hidden> Tue, 12 Apr 2016 01:10:11 +0200
Available diffs
- diff from 1.0.22 to 1.0.23 (9.0 KiB)
ubuntu-core-launcher (1.0.22) xenial; urgency=medium * debian/usr.bin.ubuntu-core-launcher: update unconfined change_profile checks to actually work (LP: #1562989)
Available diffs
- diff from 1.0.20 to 1.0.22 (10.9 KiB)
ubuntu-core-launcher (1.0.20) xenial; urgency=medium * don't set NO_NEW_PRIVS. This requires changing privilege dropping since CAP_SYS_ADMIN is needed with seccomp_load(). This means temporarily dropping until seccomp_load(), then raising before and permanently dropping after the filter is applied. As a result, setuid/setgid is required in all policy (but is still mediated by AppArmor) - LP: #1560211 -- Jamie Strandboge <email address hidden> Mon, 21 Mar 2016 15:24:33 -0500
Available diffs
- diff from 1.0.19 to 1.0.20 (2.1 KiB)
ubuntu-core-launcher (1.0.19) xenial; urgency=medium [Michael Vogt] * remove obsolete prefix check [ Jamie Strandboge ] * src/main.c: don't set the obsoleted SNAPP_APP_TMPDIR (LP: #1550405) -- Michael Vogt <email address hidden> Wed, 09 Mar 2016 08:41:47 +0100
Available diffs
- diff from 1.0.18 to 1.0.19 (818 bytes)
Superseded in xenial-release |
Superseded in xenial-release |
Deleted in xenial-proposed (Reason: moved to release) |
ubuntu-core-launcher (1.0.18) xenial; urgency=medium * re-enable running all tests on `make` -- Michael Vogt <email address hidden> Thu, 25 Feb 2016 16:01:51 +0100
Available diffs
- diff from 1.0.17 to 1.0.18 (446 bytes)
ubuntu-core-launcher (1.0.17) xenial; urgency=medium * debian/usr.bin.ubuntu-core-launcher: add directory reads needed for creating directories for SNAP_USER_DATA. Also add accesses for shared memory directories for when they are supported. (LP: #1545786) -- Jamie Strandboge <email address hidden> Tue, 16 Feb 2016 11:34:35 -0600
Available diffs
- diff from 1.0.14 to 1.0.17 (5.0 KiB)
- diff from 1.0.16 to 1.0.17 (766 bytes)
ubuntu-core-launcher (1.0.16) xenial; urgency=medium [ Kyle Fazzari ] * Add creation of user data directory. Previously this was only handled within Snappy's binary wrappers, which meant that it wasn't created for services. (LP: #1527612) -- Jamie Strandboge <email address hidden> Wed, 10 Feb 2016 11:35:29 -0600
Available diffs
- diff from 1.0.15 to 1.0.16 (4.0 KiB)
ubuntu-core-launcher (1.0.15) xenial; urgency=medium * fully transition to /snaps as the snap location -- Michael Vogt <email address hidden> Tue, 26 Jan 2016 16:06:10 +0100
Available diffs
- diff from 1.0.14 to 1.0.15 (1.3 KiB)
ubuntu-core-launcher (1.0.14) xenial; urgency=medium * remove unused is_mountpoint() function (thanks Tyler!) * do the mount namespace and MS_REC/MS_SLAVE earlier to avoid that the real /tmp is bind mounted in the main mount namespace (this will also prevent automount daemons from running under the ubuntu-core-launcher) -- Michael Vogt <email address hidden> Thu, 03 Dec 2015 08:12:30 +0100
Available diffs
- diff from 1.0.13 to 1.0.14 (1.6 KiB)
ubuntu-core-launcher (1.0.13) xenial; urgency=medium * fix build failure on 32 bit arches -- Michael Vogt <email address hidden> Tue, 01 Dec 2015 16:41:20 +0100
Available diffs
- diff from 1.0.10 to 1.0.13 (2.1 KiB)
- diff from 1.0.12 to 1.0.13 (495 bytes)
ubuntu-core-launcher (1.0.12) xenial; urgency=medium * update usr.bin.ubuntu-core-launcher apparmor profile for classic environment changes -- Michael Vogt <email address hidden> Tue, 01 Dec 2015 15:28:00 +0100
Available diffs
- diff from 1.0.11 to 1.0.12 (532 bytes)
ubuntu-core-launcher (1.0.11) xenial; urgency=medium * fix running in classic environment -- Michael Vogt <email address hidden> Mon, 30 Nov 2015 16:56:48 +0100
Available diffs
- diff from 1.0.10 to 1.0.11 (1.8 KiB)
ubuntu-core-launcher (1.0.10) xenial; urgency=medium * debian/usr.bin.ubuntu-core-launcher: - use attach_disconnected (LP: #1471862) - also allow 'mr' for /lib/@{multiarch}/ld-*.so -- Jamie Strandboge <email address hidden> Tue, 27 Oct 2015 08:24:00 -0500
Available diffs
- diff from 1.0.9 to 1.0.10 (665 bytes)
Superseded in xenial-release |
Obsolete in wily-release |
Deleted in wily-proposed (Reason: moved to release) |
ubuntu-core-launcher (1.0.9) wily; urgency=medium * debian/usr.bin.ubuntu-core-launcher: add rw for /dev/null, /dev/full and /dev/zero -- Jamie Strandboge <email address hidden> Wed, 19 Aug 2015 08:16:53 -0500
Available diffs
- diff from 1.0.8 to 1.0.9 (484 bytes)
ubuntu-core-launcher (1.0.8) wily; urgency=medium [ John Lenton ] * add libgcc_s to the apparmor profile, for 32 bit platforms. LP: #1470210. -- Michael Vogt <email address hidden> Thu, 02 Jul 2015 09:42:26 +0200
Available diffs
- diff from 1.0.7 to 1.0.8 (489 bytes)
ubuntu-core-launcher (1.0.7) wily; urgency=medium * debian/usr.bin.ubuntu-core-launcher: - libseccomp.so moved to /lib (LP: #1466311) -- Michael Vogt <email address hidden> Thu, 18 Jun 2015 17:23:43 +0200
Available diffs
- diff from 1.0.6 to 1.0.7 (462 bytes)
ubuntu-core-launcher (1.0.6) wily; urgency=low [ Michael Vogt ] * add librt.so to apparmor profile [ John Lenton ] * lp:~chipaca/ubuntu-core-launcher/drop-spurious-newlines: - fix spurious newlines -- Michael Vogt <email address hidden> Thu, 11 Jun 2015 16:46:20 +0200
Available diffs
- diff from 1.0.5 to 1.0.6 (1.0 KiB)
ubuntu-core-launcher (1.0.5) wily; urgency=low * simplify TMPDIR handling by providing a private /tmp for each snap and set TMPDIR, TEMPDIR, SNAP_APP_TMPDIR, SNAPP_APP_TMPDIR to it -- Michael Vogt <email address hidden> Mon, 08 Jun 2015 10:41:07 +0200
Available diffs
- diff from 1.0.4 to 1.0.5 (2.0 KiB)
ubuntu-core-launcher (1.0.4) wily; urgency=medium * Allow writing to all forms of TMPDIR (LP: #1460517) -- Sergio Schvezov <email address hidden> Fri, 05 Jun 2015 13:45:35 -0300
Available diffs
- diff from 1.0.3 to 1.0.4 (502 bytes)
ubuntu-core-launcher (1.0.3) wily; urgency=low [ Michael Terry ] * lp:~mterry/ubuntu-core-launcher/tmpdir: - Fix propagation of TMPDIR from the launcher to the command being run LP: #1457183 * lp:~mterry/ubuntu-core-launcher/fix-tests: - re-enable tests -- Michael Vogt <email address hidden> Thu, 04 Jun 2015 23:36:04 +0200
Available diffs
- diff from 1.0.2 to 1.0.3 (1.6 KiB)
ubuntu-core-launcher (1.0.2) wily; urgency=low [ John Lenton ] * lp:~chipaca/ubuntu-core-launcher/unshare: - Set up a private mount namespace for /tmp. * lp:~chipaca/ubuntu-core-launcher/mktmpdir: - Make a best-effort attempt at creating the old TMPDIR. [ Sergio Schvezov ] * Allow executing from /frameworks. -- Michael Vogt <email address hidden> Mon, 01 Jun 2015 08:17:40 +0200
Available diffs
- diff from 1.0.1 to 1.0.2 (3.0 KiB)
Superseded in wily-release |
Obsolete in vivid-release |
Deleted in vivid-proposed (Reason: moved to release) |
ubuntu-core-launcher (1.0.1) vivid; urgency=low * fix typo in udev rule * add COPYING/copyright headers * fix incorrect Vcs-Bzr link -- Michael Vogt <email address hidden> Thu, 23 Apr 2015 16:08:26 +0200
Available diffs
- diff from 1.0 to 1.0.1 (13.2 KiB)
ubuntu-core-launcher (1.0) vivid; urgency=low * 15.04 upload to the archive -- Michael Vogt <email address hidden> Thu, 23 Apr 2015 11:05:01 +0200
1 → 35 of 35 results | First • Previous • Next • Last |