Security Team catch-all work for Lucid (medium)

Registered by Jamie Strandboge on 2009-11-30

This is a blueprint for the catch-all medium priority security features for Lucid.

Blueprint information

Status:
Started
Approver:
Robbie Williamson
Priority:
Medium
Drafter:
Jamie Strandboge
Direction:
Approved
Assignee:
Kees Cook
Definition:
Approved
Series goal:
Accepted for lucid
Implementation:
Good progress
Milestone target:
None
Started by
Kees Cook on 2010-01-05

Related branches

Sprints

Whiteboard

Work items:
PIE evince: DONE
PIE firefox (bug 507744): DONE
reply to Debian criticism of fscaps handling: POSTPONED
refactor dpkg fscap handling: POSTPONED
resubmit dpkg fscaps handling to Debian: POSTPONED
merge upstream dosemu and remove mmap_min_addr sysctl.d file: DONE
create debconf question for wine's use of mmap_min_addr: DONE
clean up Wine's old sysctl.d files correctly: DONE
obtain a list of distros a partner vendor supports for a given app to encourage use of fortify, stack protector, etc: DONE
[mvo] provide an early notification of EOL in update-manager: POSTPONED
patch ssh to gain boolean to disable banner (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=562048): DONE
deroot auditd: POSTPONE

Work items ubuntu-10.04-beta-1:
[jjohansen] change_profile pam_apparmor: POSTPONED

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.