AppArmor versions

From AppArmor

Jump to: navigation, search

Contents

Released Versions of AppArmor

AppArmor 2.9.1

  • Release Date: 2014-12-15
  • Shipped in:
  • Kernels supported: 3.3 and upwards
  • Release Notes
  • Development target: bug fix only release over 2.9.1

AppArmor 2.9.0

  • Release Date: 2014-10-17
  • Shipped in:
  • Kernels supported: 3.3 and upwards
  • Release Notes
  • Development target: support dbus, unix abstract sockets, ptrace mediation, new python tools

AppArmor 2.8.4

  • Release Date: 2014-10-13
  • Shipped in:
  • Kernels supported: 3.3 and upwards
  • Release Notes
  • Development target: bug fix only release over 2.8.3, add mod_apparmor regression

AppArmor 2.8.3

  • Release Date: 2014-02-16
  • Shipped in:
  • Kernels supported: 3.3 through 3.6
  • Features and Release Notes
  • Development target: bug fix only release over 2.8.2, new apparmor_parser --create-cache-dir command line option


AppArmor 2.8.2

  • Release Date: 2013-08-16
  • Shipped in:
  • Kernels supported: 3.3 through 3.6
  • Features and Release Notes
  • Development target: bug fix only release over 2.8.1


AppArmor 2.8.1

  • Release Date: 2013-01-09
  • Shipped in:
  • Kernels supported: 3.3 through 3.6
  • Features and Release Notes
  • Development target: bug fix only release over 2.8.0

AppArmor 2.8.0

  • Release Date: 2012-05-31
  • Shipped in: Ubuntu 12.10, openSUSE 12.2
  • Kernels supported: 3.3, 3.4
  • Features and Release Notes
  • Development target: incremental improvement over AppArmor 2.7.x, with more code cleanups and bug fixes to the userspace tools. Mount rules, and the start of a new introspection interface in the kernel.

AppArmor 2.7.2

  • Release Date: 2012-01-31
  • Shipped in: Ubuntu 11.10 (Oneiric Ocelot)
  • Kernels supported: 2.6.35 2.6.36 2.6.37 2.6.38 2.6.39 3.0 3.1 3.2
  • Features and Release Notes
  • Development target - Bug Fix release to 2.7.0

AppArmor 2.7.1

  • Not released due to a problem with the generated tarball, superceded by 2.7.2

AppArmor 2.7.0

  • Release Date: 2011-12-15
  • Shipped in: Ubuntu 11.10 (Oneiric Ocelot)
  • Kernels supported: 2.6.35 2.6.36 2.6.37 2.6.38 2.6.39 3.0 3.1 3.2
  • Features and Release Notes
  • Development target - this is an incremental improvement over AppArmor 2.6.x, with more code cleanups and bug fixes to the userspace tools.

AppArmor 2.6.1

  • Release Date: Mar 24, 2011
  • Shipped in: Ubuntu 11.04 (Natty Narwhal)
  • Kernels supported: 2.6.31 (patched), 2.6.32 (patched), 2.6.33 - 2.6.38
  • Release Notes
  • Development target: this is a bug fix release of AppArmor 2.6 with bug fixes and minor improvements to userspace.

AppArmor 2.6.0

  • Release Date: Feb 24. 2011
  • Shipped in: Ubuntu 11.04 (Natty Narwhal)
  • Kernels supported: 2.6.31 (patched), 2.6.32 (patched), 2.6.33 - 2.6.38
  • Features and Release Notes
  • Development target: this is an incremental improvement over AppArmor 2.5.x, with some more invasive cleanups to the userspace tools.

AppArmor 2.5.2

  • Release Date: Mar 7, 2011
  • Shipped in:
  • Kernels supported: 2.6.31 (patched), 2.6.32 (patched), 2.6.33 - 2.6.38
  • Release Notes
  • Development target: this is a bug fix release of AppArmor 2.5 with Kernel module upstreaming changes, bug fixes and minor improvements to userspace.

AppArmor 2.5.1

  • Release Date: Sep 21, 2010
  • Shipped in: Ubuntu 10.10 (Maverick Meerkat)
  • Kernels supported: 2.6.31 (patched), 2.6.32 (patched), 2.6.33 - 2.6.37
  • Release Notes
  • Development target - this is a bug fix release of AppArmor 2.5 with Kernel module upstreaming changes, bug fixes and minor improvements to userspace

AppArmor 2.5

  • Release Date: May 1, 2010
  • Shipped in: Ubuntu 10.04 (Lucid Lynx)
  • Kernels supported: 2.6.31 (patched), 2.6.32 (patched), 2.6.33
  • Features and Release Notes
  • Development target - this will be a slightly updated version of AppArmor 2.4 with Kernel module upstreaming changes, bug fixes and improvements in the parser dfa generation

AppArmor 2.4

  • Release Date: Feb 1, 2010 (generic tarballs made available)
  • Shipped in: opensuse 11.2, Ubuntu 9.10 (Karmic Koala)
  • Kernels supported: 2.6.31, 2.6.32
  • Features and Release Notes

In this version of AppArmor development of new features was largely halted and the kernel module was rewritten to use the new path_permission hooks provided by the LSM. This necessitated some changes to user space as well and some features were lost.

  • Features added
    • Profile names can now contain regular expressions allowing all profile to match against multiple binaries.
    • pux profile transitions so that x transitions can fall back to unconfined if a profile is not present
    • Better support of profile namespaces
  • Features lost
    • The ability for an unconfined process to arbitrarily set a tasks profile
    • chmod, chown mediation
    • xattr mediation

AppArmor 2.3.1

  • Release Date:
  • Shipped in: opensuse 11.1, SLES11, Ubuntu 9.04 (Jaunty Jackalope)
  • kernels supported: 2.6.27 2.6.28
  • Features and Release Notes

AppArmor 2.3

  • Release Date: June 2008
  • Shipped in: openSUSE 11.0, opensuse 11.1, Ubuntu 8.04 (Hardy Haron), Ubuntu 8.10 (Intrepid Ibex)
  • kernels supported: 2.6.24, 2.6.25
  • Features and Release Notes

AppArmor 2.3 builds incrementally one the AppArmor 2.1 release. The main thrust of its development was extending the profile and file rule features.

AppArmor 2.2

AppArmor 2.2 was purposely skipped due to versioning conflicts in the newer version of libapparmor in AppArmor 2.1, which for reasons unknown was given a version of 2.2 instead of 2.1.x

AppArmor 2.1+ (Deprecated)

AppArmor 2.1+ is based on 2.1.1 plus some of the development for 2.3. Specifically it contains kernel and parser support for profile namespaces, link pairs, and file rules conditional upon user. The tools however do not support any of these features so they are of limited use.

AppArmor 2.1 SLES10SP2 release (Deprecated)

This is a back port of AppArmor 2.1 to SLES10SP2. It has the 2.1 feature set + a modified apparmor_parser capable of loading both older 2.0/2.0.1 (pcre based) policy and the newer 2.1 (dfa based) policy.

AppArmor 2.1 (Deprecated)

  • Release Date: September 2007
    • 2.1.1 - bug fix for 2.1
    • 2.1.2 - bug fix for 2.1.1
  • Shipped in: openSUSE 10.3, Mandrivia ???
  • kernels supported: 2.6.23, 2.6.24
  • Features and Release Notes

AppArmor 2.0.1 (Deprecated)

  • shipped in: sles9, opensuse 10.1?, Ubuntu 7.10 (Gutsy Gibbon)

AppArmor 2.0 (Deprecated)

AppArmor versions prior to 2.0 exist only in the linux distro Immunix and are not covered here.

Versions of AppArmor under Development

AppArmor 2.9.2 (In development)

  • Release Date: target 2015.02.01
  • Release Manager: sbeattie
  • Shipped in:
  • Kernels supported:
  • Development target: bug fix release for 2.9.1

AppArmor 3.0

  • Futuristic roadmap version of apparmor (ie. where we would like to be now but it won't happen for a few years).
  • updated applet
  • kde based applet
  • updated audit dbus dispatcher
  • updated tools
  • profile layout and installation improvements
  • improvements to the profile repository
  • extended owner permissions
  • mount rules
  • ptrace rules
  • signal mediation
  • bind based network rules
  • ...

The final feature list will be determined closer to the release date.

Personal tools