AppArmor 5.0 is a major new release of the AppArmor that is in development.

Apprmor 5.0 is a bridge release between older AppArmor 4.x policy and the newer AppArmor 5 style policy. While backwards compatible with AppArmor 4.0 policy, AppArmor 5.0 introduces several new features that are not backwards compatible. It is the first release supporting these improvements to policy and as such AppArmor 5.0 will be a short lived release, and will not receive long term support. The following AppArmor 5.1 feature release is planned to be a regular release, please take this into account when including AppArmor 5.0 into a distro release.

TODO

TODO

TODO

TODO

TODO

AppArmor 4.1.7 is a bug fix release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

Important Note

AppArmor 4.1.7 contains an important fix on the parser

• a fix on the emission of the permission table based on the permstable32 version supported by the kernel.

Please see the full release notes for further details.

AppArmor 5.0 is a major new release of the AppArmor that is in development.

Apprmor 5.0 is a bridge release between older AppArmor 4.x policy and the newer AppArmor 5 style policy. While backwards compatible with AppArmor 4.0 policy, AppArmor 5.0 introduces several new features that are not backwards compatible. It is the first release supporting these improvements to policy and as such AppArmor 5.0 will be a short lived release, and will not receive long term support. The following AppArmor 5.1 feature release is planned to be a regular release, please take this into account when including AppArmor 5.0 into a distro release.

See Full release notes for more details

AppArmor 4.1.6 is a bug fix release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

Important Note

AppArmor 4.1.6 contains three important fixes - a fix for a regression in aa-notify in 4.1.5 - a fix for a regression in the init scripts introduced by the fix for disabling the unprivileged user namespace restriction. - a fix for the python utils and library so that they will work on systems with Python 3.14 and newer.

Please see the full release notes for further details.

AppArmor 4.1.5 has an issue in aa-notify, do not use. Use 4.1.6 instead

TODO

AppArmor 5.0 is a major new release of the AppArmor that is in development.

Apprmor 5.0 is a bridge release between older AppArmor 4.x policy and the newer AppArmor 5 style policy. While backwards compatible with AppArmor 4.0 policy, AppArmor 5.0 introduces several new features that are not backwards compatible. It is the first release supporting these improvements to policy and as such AppArmor 5.0 will be a short lived release, and will not receive long term support. The following AppArmor 5.1 feature release is planned to be a regular release, please take this into account when including AppArmor 5.0 into a distro release.

AppArmor 4.1.4 is a bug fix release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

Important Note

AppArmor 4.1.4 contains a fix for a regression in policy size introduced by AppArmor 4.1. Policy built with previous version in the AppArmor 4.1.x series can be anywhere for 2 to 8 times larger than in AppArmor 4.0.x. AppArmor 4.1.4 fixes this so the generated policy is slightly larger than AppArmor 4.0.x policy.

It is recommend that policy caches are rebuilt after installing AppArmor 4.1.4 to ensure that policy is not using excessive memory.

For more information see the Full Release Notes

AppArmor 4.1.3 is a bug fix release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

TODO

TODO

TODO

TODO

todo

todo

todo

WARNING this is a beta - NOT a final release

AppArmor 4.1~beta4 was released on 2025-02-11.

Introduction

AppArmor 4.1 is a major new release of the AppArmor that is in development.

Apprmor 4.1 is a long term stable (5 years of support) release for the AppArmor 4.x policy which introduces several new features that are not backwards compatible.

These release notes cover changes from AppArmor-4.1~beta4

AppArmor 4.1 is a major new release of the AppArmor that is in development.

Apprmor 4.1 is a long term stable (5 years of support) release for the AppArmor 4.x policy which introduces several new features that are not backwards compatible.

These release notes cover changes between AppArmor-4.1~beta1 and AppArmor-4.1~beta4 (Note: includes notes for Beta2 and Beta3 which was dropped due to technical issues).

Notes

• This Release contains bug fixes to AppArmor 4.1 beta1, beta2, beta3.
• This release includes new CI E2E testing via the spread frame work. A big thanks to Zygmunt Krynicki for all his work on improving the testing.

Known issues

• profile: unshare has a known issue around profile transitions
• utils do not handle priorities in rules
• utils do not handle leading permissions
• utils crash if they can't parse all files in the profile directory
• mount rules
• control of disconnect mounts is missing
• handling of conflicting mount options is not backwards compatible

AppArmor 4.1 is a major new release of the AppArmor that is in development.

Apprmor 4.1 is a long term stable (5 years of support) release for the AppArmor 4.x policy which introduces several new features that are not backwards compatible.

These release notes cover changes between AppArmor-4.1~beta1 and AppArmor-4.1~beta3 (Note: includes notes for AppArmor-4.1~Beta2 which was dropped due to technical issues).

AppArmor 4.1 is a new release of AppArmor that is in development.

Obtaining the Release

This release can be obtained through gitlab.

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v4.1.0-beta2

AppArmor 4.1 is a new release of AppArmor that is in development.

Obtaining the Release

This release can be obtained through gitlab.

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v4.1.0-beta1

AppArmor 4.0.3 is a bug fix release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v4.0.3

AppArmor 4.0.2 is a bug fix release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

Important Note

AppArmor 4.0.2 does not address interactions between the bwrap_userns_restrict and flatpak profiles. The bwrap profile is not enabled by default, if enabled the flatpak profile needs to be updated.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v4.0.2

AppArmor 4.0 is a major new release of the AppArmor that is in development.

Apprmor 4.0 is a bridge release between older AppArmor 3.x policy and the newer AppArmor 4 style policy which introduces several new features that are not backwards compatible. As such AppArmor 4.0 will be a short lived release, and will not receive long term support. The following AppArmor 4.1 feature release is planned to be a regular release, please take this into account when including AppArmor 4.0 into a distro release. For questions around compatibility see the compatibility matrix.

Note

• Some features will work with older kernels but many of the features in apparmor 4 with require a development kernel.
• The kernel portion of the project is maintained and pushed separately.
• AppArmor 4.0 contains all bug fixes and policy updates from apparmor 3.1
• Some new features will not be fully supported in some utilities. In these cases it was decided that releasing a new feature earlier had more benefit than delaying it for full utility support. Please see the feature support matrix.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v4.0.1

AppArmor 4.0 is a major new release of the AppArmor that is in development, these are not complete release notes of everything in beta4 but just highlighting new or important developments

Apprmor 4.0 is a bridge release between older AppArmor 3.x policy and the newer AppArmor 4 style policy which introduces several new features that are not backwards compatible. As such AppArmor 4.0 will be a short lived release, and will not receive long term support. The following AppArmor 4.1 feature release is planned to be a regular release, please take this into account when including AppArmor 4.0 into a distro release. For questions around compatibility see the compatibility matrix.

Note

This release only contains bug fixes to AppArmor 4.0 beta3

• Some features will work with older kernels but many of the features in apparmor 4 with require a development kernel.
• The kernel portion of the project is maintained and pushed separately.
• AppArmor 4.0 contains all bug fixes and policy updates from apparmor 3.1
• Some new features will not be fully supported in some utilities. In these cases it was decided that releasing a new feature earlier had more benefit than delaying it for full utility support. Please see the feature support matrix.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v4.0.0-beta4

AppArmor 4.0 is a major new release of the AppArmor that is in development, these are not complete release notes of everything in beta3 but just highlighting new or important developments

Apprmor 4.0 is a bridge release between older AppArmor 3.x policy and the newer AppArmor 4 style policy which introduces several new features that are not backwards compatible. As such AppArmor 4.0 will be a short lived release, and will not receive long term support. The following AppArmor 4.1 feature release is planned to be a regular release, please take this into account when including AppArmor 4.0 into a distro release. For questions around compatibility see the compatibility matrix.

Note

This release only contains bug fixes to AppArmor 4.0 beta2

• Some features will work with older kernels but many of the features in apparmor 4 with require a development kernel.
• The kernel portion of the project is maintained and pushed separately.
• AppArmor 4.0 contains all bug fixes and policy updates from apparmor 3.1
• Some new features will not be fully supported in some utilities. In these cases it was decided that releasing a new feature earlier had more benefit than delaying it for full utility support. Please see the feature support matrix.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v4.0.0-beta3

AppArmor 4.0 is a major new release of the AppArmor that is in development, these are not complete release notes of everything in beta2 but just highlighting new or important developments

Apprmor 4.0 is a bridge release between older AppArmor 3.x policy and the newer AppArmor 4 style policy which introduces several new features that are not backwards compatible. As such AppArmor 4.0 will be a short lived release, and will not receive long term support. The following AppArmor 4.1 feature release is planned to be a regular release, please take this into account when including AppArmor 4.0 into a distro release. For questions around compatibility see the compatibility matrix.

Note

This release only contains bug fixes to AppArmor 4.0 beta1

• Some features will work with older kernels but many of the features in apparmor 4 with require a development kernel.
• The kernel portion of the project is maintained and pushed separately.
• AppArmor 4.0 contains all bug fixes and policy updates from apparmor 3.1
• Some new features will not be fully supported in some utilities. In these cases it was decided that releasing a new feature earlier had more benefit than delaying it for full utility support. Please see the feature support matrix.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v4.0.0-beta2

AppArmor 4.0 is a major new release of the AppArmor that is in development, these are not complete release notes of everything in beta1 but just highlighting new or important developments

Apprmor 4.0 is a bridge release between older AppArmor 3.x policy and the newer AppArmor 4 style policy which introduces several new features that are not backwards compatible. As such AppArmor 4.0 will be a short lived release, and will not receive long term support. The following AppArmor 4.1 feature release is planned to be a regular release, please take this into account when including AppArmor 4.0 into a distro release. For questions around compatibility see the compatibility matrix.

Note

• Some features will work with older kernels but many of the features in apparmor 4 with require a development kernel.
• The kernel portion of the project is maintained and pushed separately.
• AppArmor 4.0 contains all bug fixes and policy updates from apparmor 3.1
• Some new features will not be fully supported in some utilities. In these cases it was decided that releasing a new feature earlier had more benefit than delaying it for full utility support. Please see the feature support matrix.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v4.0.0-beta1

AppArmor 2.13.11 is a bug fix release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

AppArmor 3.0.13 is a bug fix release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

AppArmor 3.1.7 is a bug fix release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

AppArmor 4.0 is a major new release of the AppArmor that is in development, these are not complete release notes of everything in alpha4 but just highlighting new or important developments

Apprmor 4.0 is a bridge release between older AppArmor 3.x policy and the newer AppArmor 4 style policy which introduces several new features that are not backwards compatible. As such AppArmor 4.0 will be a short lived release, and will not receive long term support. The following AppArmor 4.1 feature release is planned to be a regular release, please take this into account when including AppArmor 4.0 into a distro release. For questions around compatibility see the compatibility matrix.

Note

• Some features will work with older kernels but many of the features in apparmor 4 with require a development kernel.
• The kernel portion of the project is maintained and pushed separately.
• AppArmor 4.0 contains all bug fixes and policy updates from apparmor 3.1
• Some new features will not be fully supported in some utilities. In these cases it was decided that releasing a new feature earlier had more benefit than delaying it for full utility support. Please see the feature support matrix.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v4.0.0-alpha4

AppArmor 4.0 is a major new release of the AppArmor that is in development, these are not complete release notes of everything in alpha3 but just highlighting new or important developments

Apprmor 4.0 is a bridge release between older AppArmor 3.x policy and the newer AppArmor 4 style policy which introduces several new features that are not backwards compatible. As such AppArmor 4.0 will be a short lived release, and will not receive long term support. The following AppArmor 4.1 feature release is planned to be a regular release, please take this into account when including AppArmor 4.0 into a distro release. For questions around compatibility see the compatibility matrix.

Note

• Some features will work with older kernels but many of the features in apparmor 4 with require a development kernel.
• The kernel portion of the project is maintained and pushed separately.
• AppArmor 4.0 contains all bug fixes and policy updates from apparmor 3.1
• Some new features will not be fully supported in some utilities. In these cases it was decided that releasing a new feature earlier had more benefit than delaying it for full utility support. Please see the feature support matrix.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v4.0.0-alpha3

AppArmor 4.0 is a major new release of the AppArmor that is in development, these are not complete release notes of everything in alpha2 but just highlighting new or important developments

Apprmor 4.0 is a bridge release between older AppArmor 3.x policy and the newer AppArmor 4 style policy which introduces several new features that are not backwards compatible. As such AppArmor 4.0 will be a short lived release, and will not receive long term support. The following AppArmor 4.1 feature release is planned to be a regular release, please take this into account when including AppArmor 4.0 into a distro release. For questions around compatibility see the compatibility matrix.

Note

• Some features will work with older kernels but many of the features in apparmor 4 with require a development kernel.
• The kernel portion of the project is maintained and pushed separately.
• AppArmor 4.0 contains all bug fixes and policy updates from apparmor 3.1
• Some new features will not be fully supported in some utilities. In these cases it was decided that releasing a new feature earlier had more benefit than delaying it for full utility support. Please see the feature support matrix.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v4.0.0-alpha2

Launchpad

• https://launchpad.net/apparmor/4.0/4.0.0-alpha2/+download/apparmor-4.0.0~alpha2.tar.gz
• sha256sum: 594fcace8fbfb656b2e991b33feb1270ea0fdc09ec3ae517290afd409a57b368
• signature: https://launchpad.net/apparmor/4.0/4.0.0-alpha2/+download/apparmor-4.0.0~alpha2.tar.gz.asc
• signature sha256sum: b10d6d97040dd999e38e90dbeca3f4849b6169d7b1a83033b290e05d92474512

AppArmor 4.0 alpha1 is a major new release of the AppArmor that is in development.

Apprmor 4.0 alpha1 is a bridge release between older AppArmor 3.x policy and the newer AppArmor 4 style policy which introduces several new features that are not backwards compatible. As such AppArmor 4.0 alpha1 will be a short lived release, and will not receive long term support. The following AppArmor 4.1 feature release is planned to be a regular release, please take this into account when including AppArmor 4.0 alpha1 into a distro release.

Some features will work with older kernels but many of the features in AppArmor 4.0 alpha1 with require a development kernel.

The kernel portion of the project is maintained and pushed separately.

AppArmor 4.0 alpha1 contains all bug fixes and policy updates from AppArmor 3.1

Obtaining the Release

This release can be obtained through gitlab.

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v4.0.0-alpha1

AppArmor 3.1.6 is a bug fix release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

Important Note

This release fixes a regression in 3.1.5 introduced by its fix to mount rule generations.

AppArmor 3.0.12 is a bug fix release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

Important Note

This release fixes a regression in 3.0.11 introduced by its fix to mount rule generations.

AppArmor 2.13.10 is a bug fix release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

Important Note

This release fixes a regression in 2.13.9 introduced by its fix to mount rule generations.

AppArmor 3.1.5 is a bug fix release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

Important Note

This release fixes a regression in 3.1.4 introduced by the fix to mount rule generations.

AppArmor 3.0.11 is a bug fix release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

Important Note

This release fixes a regression in 3.0.10 introduced by the fix to mount rule generations.

AppArmor 2.13.9 is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

The kernel portion of the project is maintained and pushed separately.

Important Note

This release fixes a regression in 2.13.8 introduced by the fix to mount rule generations.

AppArmor 2.13.8 is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

The kernel portion of the project is maintained and pushed separately.

Important Note

This release fixes CVE-2016-1585. If you are looking at back porting individual patches instead of pulling in the whole release the critical patches were back ported from MR:333, please contact the apparmor mailing list or if communications must be private security@apparmor.net if you need assistance.

AppArmor 3.0.10 is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

The kernel portion of the project is maintained and pushed separately.

Important Note

This release fixes CVE-2016-1585. If you are looking at back porting individual patches instead of pulling in the whole release the critical patches were backported as commit 262fd11359432888292952e5ed29bead5ace16f0 from MR:333, please contact the apparmor mailing list or if communications must be private security@apparmor.net if you need assistance.

AppArmor 3.1.4 is a bug fix release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

Important Note

This release fixes CVE-2016-1585. If you are looking at back porting individual patches instead of pulling in the whole release the critical patches were backported as commit aff29ef0ee88e18db74a364e7dca1b4c0fa95e47 from MR:333, please contact the apparmor mailing list or if communications must be private security@apparmor.net if you need assistance.

AppArmor 3.0.9 is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all currently supported upstream kernels.

The kernel portion of the project is maintained and pushed separately.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v3.0.9

Launchpad

• https://launchpad.net/apparmor/3.0/3.0.9/+download/apparmor-3.0.9.tar.gz
• sha256sum: fd96dc4a4145fce2b7282a3c19ffab70a4003c0953ed5992cfd7820df7215f02
• signature: https://launchpad.net/apparmor/3.0/3.0.9/+download/apparmor-3.0.9.tar.gz.asc
• sha256sum: bcdd447c12171dc419ff8cb99928a4b166a6805c5d47cb09e759b53f1c3cf16a

AppArmor 3.1.3 is a bug fix release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v3.1.3

Launchpad

• https://launchpad.net/apparmor/3.1/3.1.3/+download/apparmor-3.1.3.tar.gz
• sha256sum: b8ffac45d0b283afe574ddd5542142ba1a62c354df110cff862b99201f29c843
• signature: https://launchpad.net/apparmor/3.1/3.1.3/+download/apparmor-3.1.3.tar.gz.asc
• signature sha256sum: c31ba39f3f7e23b6a3f7f301435fb9fa5958807ab477398a5c803e0d8dd18f67

AppArmor 3.0.8 fixes a couple errors discovered in AppArmor 3.0.7 after release.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v3.0.8

Launchpad

• https://launchpad.net/apparmor/3.0/3.0.8/+download/apparmor-3.0.8.tar.gz
• sha256sum: dfa0083d62bb469be7125da590f46ad1a2831e3a7beeffaaeadfc2fee8460e5c
• signature: https://launchpad.net/apparmor/3.0/3.0.8/+download/apparmor-3.0.8.tar.gz.asc

AppArmor 2.13.7 is a maintenance release of the user space components of the AppArmor security project.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad. Important note: the gitlab release tarballs: Differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed: - libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup - the docs for everything but libapparmor have already been built

gitlab release

• https://gitlab.com/apparmor/apparmor/-/releases/v2.13.7

Launchpad Tarball

• https://launchpad.net/apparmor/2.13/2.13.7/+download/apparmor-2.13.7.tar.gz
• sha256sum: 8c6d19ffb8ba13b776f7922a144a7bd7f221592dacec44e51485a784ddd20e09
• signature: https://launchpad.net/apparmor/2.13/2.13.7/+download/apparmor-2.13.7.tar.gz.asc

AppArmor 2.12.4 is the final maintenance release of the 2.12 release of user space components of the AppArmor security project.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad. Important note: the gitlab release tarballs: Differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed: - libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup - the docs for everything but libapparmor have already been built

gitlab release

• https://gitlab.com/apparmor/apparmor/-/releases/v2.12.4

Launchpad Tarball

• https://launchpad.net/apparmor/2.12/2.12.4/+download/apparmor-2.12.4.tar.gz
• sha256sum: 750d94c6ba3ae94a8d6dd2310399218918fe83b0ccd3bef482a23f581b595c27
• signature: https://launchpad.net/apparmor/2.12/2.12.4/+download/apparmor-2.12.4.tar.gz.asc

AppArmor 3.1.2 is a bug fix release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v3.1.2

Launchpad

• https://launchpad.net/apparmor/3.1/3.1.2/+download/apparmor-3.1.2.tar.gz
• sha256sum: 7cbd0b2f6393abf57acaf25dc2b32b2ae197c0b5b0d661e14be46127df93a5eb
• signature: https://launchpad.net/apparmor/3.1/3.1.2/+download/apparmor-3.1.2.tar.gz.asc
• signature sha256sum: 7cd2a44a695caf906f3328d1b654c65a454737f6

Coming soon.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros and end users only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v3.1.1
• sha256sums:
• https://gitlab.com/apparmor/apparmor/-/archive/v3.1.1/apparmor-v3.1.1.tar: 9df22709d985f7941b3df9ecdf8de48aa444706bc0d826a71a62ef5b9dc099ab
• https://gitlab.com/apparmor/apparmor/-/archive/v3.1.1/apparmor-v3.1.1.tar.bz2: 1ccb732f2fb2bca7b648fc61c27deebb6b884e647d1837c23096644dce215b57
• https://gitlab.com/apparmor/apparmor/-/archive/v3.1.1/apparmor-v3.1.1.tar.gz: f2e55b1ef826422fa3a44af26305b531031cdd73ecdb9be9187ed7389a3aff91
• https://gitlab.com/apparmor/apparmor/-/archive/v3.1.1/apparmor-v3.1.1.zip:8e12daf7f491f90bdc765aea7af06e0e71e39066e96598f2eed7c959a46fc193

Launchpad

• https://launchpad.net/apparmor/3.1/3.1.1/+download/apparmor-3.1.1.tar.gz
• sha256sum: cd52a5643c115b223c199e96ab03d6d5d7d72c266ac23cf74a08f32f003af9d7
• signature: https://launchpad.net/apparmor/3.1/3.1.1/+download/apparmor-3.1.1.tar.gz.asc

Do not use this release had a broken SO version bump for libapparmor, use the forthcoming 3.1.1 release tarball instead.

AppArmor 3.0.7 fixes a build error in AppArmor 3.0.6. It is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

The kernel portion of the project is maintained and pushed separately.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v3.0.7

Launchpad

• https://launchpad.net/apparmor/3.0/3.0.7/+download/apparmor-3.0.7.tar.gz
• sha256sum: f7063637d7523a28a59696f89e878d9942985bf828194d4c4bae594bec57e2d1
• signature: https://launchpad.net/apparmor/3.0/3.0.7/+download/apparmor-3.0.7.tar.gz.asc

AppArmor 3.0.6 fixes a couple errors discovered in AppArmor 3.0.5 after release. It is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

The kernel portion of the project is maintained and pushed separately.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v3.0.6

Launchpad

• https://launchpad.net/apparmor/3.0/3.0.6/+download/apparmor-3.0.6.tar.gz
• sha256sum: 0f4c599ee4864e4e412e18133a3b5990f9f81ab6ba75f0f351f024bb722fa368
• signature: https://launchpad.net/apparmor/3.0/3.0.6/+download/apparmor-3.0.6.tar.gz.asc

AppArmor 3.0.5 fixes a build error in AppArmor 3.0.4 that could cause AppArmor builds to fail during tests in some build environments. It is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

The kernel portion of the project is maintained and pushed separately.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v3.0.5

Launchpad

• https://launchpad.net/apparmor/3.0/3.0.5/+download/apparmor-3.0.5.tar.gz
• sha256sum:
• signature: https://launchpad.net/apparmor/3.0/3.0.5/+download/apparmor-3.0.5.tar.gz.asc

AppArmor 3.0.4 fixes a build error in AppArmor 3.0.3 that could cause AppArmor builds to fail during tests in some build environments. It is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

The kernel portion of the project is maintained and pushed separately.

Notes

• while Link Time Optimization (LTO) has been fixed for some systems there are still some known issues which may result in build failures on some systems. See https://gitlab.com/apparmor/apparmor/-/issues/214

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad.

Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v3.0.4

Launchpad

• https://launchpad.net/apparmor/3.0/3.0.4/+download/apparmor-3.0.4.tar.gz
• sha256sum: 09bf48d7a171f9790c39a1404bad105a788934cfe77b7490c7f5c63c2576b725
• signature: https://launchpad.net/apparmor/3.0/3.0.4/+download/apparmor-3.0.4.tar.gz.asc

AppArmor 3.0.3 fixes a build error in AppArmor 3.0.2 that could cause AppArmor builds to fail during tests in some build environments. It is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

The kernel portion of the project is maintained and pushed separately.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad. Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v3.0.3

Launchpad

• https://launchpad.net/apparmor/3.0/3.0.3/+download/apparmor-3.0.3.tar.gz
• sha256sum: 153db05d8f491e0596022663c19fb1166806cb473b3c6f0a7279feda2ec25a59
• signature: https://launchpad.net/apparmor/3.0/3.0.3/+download/apparmor-3.0.3.tar.gz.asc

AppArmor 3.0.2 is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

The kernel portion of the project is maintained and pushed separately.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad. Important note: the gitlab release tarballs differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v3.0.2

Launchpad

• https://launchpad.net/apparmor/3.0/3.0.2/+download/apparmor-3.0.2.tar.gz
• sha256sum: a3512681d7cef05b82f79f75359b77179d45d72ba343383eee20070dc57f683e
• signature: https://launchpad.net/apparmor/3.0/3.0.2/+download/apparmor-3.0.2.tar.gz.asc

AppArmor 2.10.6 is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

The kernel portion of the project is maintained and pushed separately.

Important Note

• This is the last release in the 2.10 series.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad. Important note: the gitlab release tarballs: Differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed:

• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup

gitlab

• https://gitlab.com/apparmor/apparmor/-/releases/v2.10.6

Launchpad

• https://launchpad.net/apparmor/2.10/2.10.6/+download/apparmor-2.10.6.tar.gz
• sha256sum: 751b8df8f8526167d6f3164c6b6d73f2b1398c96458412e6b87058220789f257
• signature: https://launchpad.net/apparmor/2.0/2.10.6/+download/apparmor-2.10.6.tar.gz.asc

AppArmor 2.13.6 is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied). And supports features released in the 4.18 kernel and ubuntu 18.04 kernel with the apparmor 3 development patches.

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad. Important note: the gitlab release tarballs: Differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed: - libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup - the docs for everything but libapparmor have already been built

gitlab release

• https://gitlab.com/apparmor/apparmor/-/releases/v2.13.6

Launchpad Tarball

• https://launchpad.net/apparmor/2.13/2.13.6/+download/apparmor-2.13.6.tar.gz
• sha256sum: 4426b8b73f368889aea69cbc224ae666d4145b9520a2866cc2a915908e87ba8f
• signature: https://launchpad.net/apparmor/2.13/2.13.6/+download/apparmor-2.13.6.tar.gz.asc

# Introduction

AppArmor 3.0.1 is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied).

The kernel portion of the project is maintained and pushed separately.

Highlighted fixes or improvements

• Adds support for capability checkpoint_restore for the 5.9 and later kernels

For full release notes see: https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1

AppArmor 2.13.5 is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied). And supports features released in the 4.18 kernel and ubuntu 18.04 kernel with the apparmor 3 development patches.

Important Note

• gitlab release tarballs: Differ from the launchpad release tarballs. The both start from the same commit (tagged v2.13.5) however the launchpad release tarball has a couple processing steps already performed:
• libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup
• the docs for everything but libapparmor have already been built

Obtaining the Release

There are two ways to obtain this release either through gitlab or a tarball in launchpad. Important note: the gitlab release tarballs: Differ from the launchpad release tarballs. The launchpad release tarball has a couple processing steps already performed: - libapparmor autogen.sh is already done, meaning distros only need to use ./configure in their build setup - the docs for everything but libapparmor have already been built

gitlab release

• https://gitlab.com/apparmor/apparmor/-/releases/v2.13.5

Launchpad Tarball

• https://launchpad.net/apparmor/2.13/2.13.5/+download/apparmor-2.13.5.tar.gz
• sha256sum: 637e2a14d844e53e0f0b31dc8fe8821f7bb36908c709ccc23e29033053caa717
• signature: https://launchpad.net/apparmor/2.13/2.13.5/+download/apparmor-2.13.5.tar.gz.asc

# Introduction

AppArmor 3.0 is a major new release of the AppArmor user space that makes an important change to policy development and support. Its focus is transitioning policy to the new features abi and as such other new features have been limited.

Apprmor 3.0 is a bridge release between older AppArmor 2.x policy and the newer AppArmor 3 style policy which requires the declaration of a features abi. As such AppArmor 3.0 will be a short lived release, and will not receive long term support. The following AppArmor 3.1 feature release is planned to be a regular release, please take this into account when including AppArmor 3.0 into a distro release.

This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied). And supports features released in the 4.20 kernel.

The kernel portion of the project is maintained and pushed separately.

Highlighted new features

• Policy now must declare the feature abi it was developed for if it is to use any new features. For further information please see the wiki.
• The use of profile names that are based on pathnames are deprecated. For further information please see the wiki.
• Support for new kernel features (requires appropriate features abi tagging in policy)
• upstream v8 network socket rules
• xattr attachment conditionals
• capabilities PERFMON and BPF
• rewritten aa-status
• supports use in systems/images where python is not available
• supports kill, unconfined and mixed profile modes
• rewritten aa-notify
• move from perl to python 3
• shared backend with other python tools
• support use of aa.CONFDIR instead of hard coded /etc/apparmor
• improved message layout
• improved support for kernels that support LSM stacking
• support profile modes
• enforce (default when no mode flag is supplied)
• kill (experimental)
• unconfined (experimental)
• reference policy updated for 3.0 feature abi
• basic support for systemd v246 early load of apparmor policy.
• new tool aa-features-abi for extracting feature abis from the kernel

Important Notes

• Potentially breaking change: AppArmor will now issue warning about policy that does not specify a feature abi if that policy is not pinned to a specific feature abi. AppArmor will compile such policy using a default feature abi instead of the kernels abi. For more information see the wiki.

• Potentially breaking change: AppArmor no longer loads snapd policy by default. It is expected that snapd users are using the snapd unit file. If this is not the case distros will need to revert 0164fd05 init: stop loading snap policy OR take advantage of systemd v246 early load of apparmor policy.

For full release notes see: https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0