Ubuntu

Security Team catch-all work for Lucid (essential)

Registered by Jamie Strandboge on 2009-11-30

This is a blueprint for the catch-all essential security features for Lucid.

Blueprint information

Status:: Complete

Approver:: Robbie Williamson

Priority:: Essential

Drafter:: Kees Cook

Direction:: Approved

Assignee:: Kees Cook

Definition:: Approved

Series goal:: Accepted for lucid

Implementation:: Implemented

Milestone target:: None

Started by: Kees Cook on 2009-12-14

Completed by: Jamie Strandboge on 2010-03-05

Related branches

Related bugs

Sprints

Whiteboard

Feeback jdstrand: removed enabling the firefox profile by default and added to security-lucid-catchall-high. See security-lucid-catchall-high for details.

Work items:
remove apparmor from initramfs: DONE
split apparmor profile loading to separate packages: DONE
give list of executable stacks in Partner to Brian: DONE
[jdstrand] get security update added to MOTU membership process: DONE
[jdstrand] update all firefox bzr branches to ship apparmor profile: DONE
[kees] fix workitems.py escaping (https://code.launchpad.net/~kees/launchpad-work-items-tracker/fix-escaping/+merge/15625): DONE
patch ssh to gain -Wl,-z,now: DONE
patch samba to gain -Wl,-z,now: DONE
mmap_min back into procps for reset-when-wine-or-dosemu-goes-away: DONE
write test for per-package regressions in ELF hardening (PIE, BIND_NOW): DONE

Work items (lucid-beta-1):
[jdstrand] push clamav from -backports to -security (EOL is April 15): DONE

(?)

Work Items

This blueprint contains Public information

Everyone can see this information.

Subscribers

Ubuntu Security Team