diff --git a/helpers/DATA/apparmor/add-extra-abrowser-profile.patch b/helpers/DATA/apparmor/add-extra-abrowser-profile.patch
new file mode 100644
index 0000000..6122296
--- /dev/null
+++ b/helpers/DATA/apparmor/add-extra-abrowser-profile.patch
@@ -0,0 +1,91 @@
+diff --git a/profiles/apparmor/profiles/extras/abrowser b/profiles/apparmor/profiles/extras/abrowser
+index c7b4aa7c..ed8f01c5 100644
+--- a/profiles/apparmor/profiles/extras/abrowser
++++ b/profiles/apparmor/profiles/extras/abrowser
+@@ -14,7 +14,7 @@ abi <abi/4.0>,
+ include <tunables/global>
+ 
+ # Declare some variables to help with variants
+-@{MOZ_APP_NAME}=firefox{,-esr}
++@{MOZ_APP_NAME}=abrowser{,-esr}
+ @{MOZ_LIBDIR}=/usr/lib/@{MOZ_APP_NAME}{,-[0-9]*}
+ @{MOZ_ADDONDIR}=/usr/lib/{@{MOZ_APP_NAME},xulrunner}-addons
+ 
+@@ -22,7 +22,7 @@ include <tunables/global>
+ #  /usr/lib/firefox-4.0b8/firefox
+ # but not:
+ #  /usr/lib/firefox-4.0b8/firefox.sh
+-profile firefox @{MOZ_LIBDIR}/@{MOZ_APP_NAME}{,*[^s][^h]} {
++profile abrowser @{MOZ_LIBDIR}/@{MOZ_APP_NAME}{,*[^s][^h]} {
+   include <abstractions/audio>
+   include <abstractions/cups-client>
+   include <abstractions/dbus-strict>
+@@ -144,8 +144,8 @@ profile firefox @{MOZ_LIBDIR}/@{MOZ_APP_NAME}{,*[^s][^h]} {
+   /etc/wildmidi/wildmidi.cfg r,
+ 
+   # firefox specific
+-  /etc/firefox*/ r,
+-  /etc/firefox*/** r,
++  /etc/abrowser*/ r,
++  /etc/abrowser*/** r,
+   /etc/xul-ext/** r,
+   /etc/xulrunner{,-[0-9]*}/ r,
+   /etc/xulrunner{,-[0-9]*}/** r,
+@@ -234,12 +234,12 @@ profile firefox @{MOZ_LIBDIR}/@{MOZ_APP_NAME}{,*[^s][^h]} {
+   owner @{HOME}/.thumbnails/*/*.png r,
+ 
+   # per-user firefox configuration
+-  owner @{HOME}/.{firefox,mozilla}/ rw,
+-  owner @{HOME}/.{firefox,mozilla}/** rw,
+-  owner @{HOME}/.{firefox,mozilla}/**/*.{db,parentlock,sqlite}* k,
+-  owner @{HOME}/.{firefox,mozilla}/plugins/** rm,
+-  owner @{HOME}/.{firefox,mozilla}/**/plugins/** rm,
+-  owner @{HOME}/.gnome2/firefox* rwk,
++  owner @{HOME}/.{abrowser,mozilla}/ rw,
++  owner @{HOME}/.{abrowser,mozilla}/** rw,
++  owner @{HOME}/.{abrowser,mozilla}/**/*.{db,parentlock,sqlite}* k,
++  owner @{HOME}/.{abrowser,mozilla}/plugins/** rm,
++  owner @{HOME}/.{abrowser,mozilla}/**/plugins/** rm,
++  owner @{HOME}/.gnome2/abrowser* rwk,
+   owner @{HOME}/.cache/mozilla/{,@{MOZ_APP_NAME}/} rw,
+   owner @{HOME}/.cache/mozilla/@{MOZ_APP_NAME}/** rw,
+   owner @{HOME}/.cache/mozilla/@{MOZ_APP_NAME}/**/*.sqlite k,
+@@ -440,7 +440,7 @@ profile firefox @{MOZ_LIBDIR}/@{MOZ_APP_NAME}{,*[^s][^h]} {
+   owner @{HOME}/.mozilla/**/extensions/** mixr,
+ 
+   # Widevine CDM plugin (LP: #1777070)
+-  owner @{HOME}/.mozilla/firefox/*/gmp-widevinecdm/*/libwidevinecdm.so m,
++  owner @{HOME}/.mozilla/abrowser/*/gmp-widevinecdm/*/libwidevinecdm.so m,
+ 
+   deny @{MOZ_LIBDIR}/update.test w,
+   deny /usr/lib/mozilla/extensions/**/ w,
+@@ -458,7 +458,7 @@ profile firefox @{MOZ_LIBDIR}/@{MOZ_APP_NAME}{,*[^s][^h]} {
+ 
+   /usr/bin/lsb_release Pxr -> lsb_release,
+ 
+-  # These should be started outside of Firefox
++  # These should be started outside of abrowser
+   deny /usr/bin/dbus-launch x,
+   deny /usr/bin/speech-dispatcher x,
+ 
+@@ -466,6 +466,6 @@ profile firefox @{MOZ_LIBDIR}/@{MOZ_APP_NAME}{,*[^s][^h]} {
+   include if exists <abstractions/ubuntu-browsers.d/firefox>
+ 
+   # Site-specific additions and overrides. See local/README for details.
+-  include if exists <local/usr.bin.firefox>
+-  include if exists <local/firefox>
++  include if exists <local/usr.bin.abrowser>
++  include if exists <local/abrowser>
+ }
+diff --git a/debian/apparmor-profiles.install b/debian/apparmor-profiles.install
+index d12ab262..a6ea623d 100644
+--- a/debian/apparmor-profiles.install
++++ b/debian/apparmor-profiles.install
+@@ -86,6 +86,7 @@ usr/share/apparmor/extra-profiles/usr.lib.GConf.2.gconfd-2
+ usr/share/apparmor/extra-profiles/usr.lib.RealPlayer10.realplay
+ usr/share/apparmor/extra-profiles/usr.lib.bonobo.bonobo-activation-server
+ usr/share/apparmor/extra-profiles/usr.lib.evolution-data-server.evolution-data-server-1.10
++usr/share/apparmor/extra-profiles/abrowser
+ usr/share/apparmor/extra-profiles/firefox
+ usr/share/apparmor/extra-profiles/firefox.sh
+ usr/share/apparmor/extra-profiles/usr.lib.firefox.mozilla-xremote-client
diff --git a/helpers/DATA/apparmor/add-unconfined-profile-firefox-icedove.patch b/helpers/DATA/apparmor/add-unconfined-profile-firefox-icedove.patch
new file mode 100644
index 0000000..13f0475
--- /dev/null
+++ b/helpers/DATA/apparmor/add-unconfined-profile-firefox-icedove.patch
@@ -0,0 +1,52 @@
+diff --git a/profiles/apparmor.d/abrowser b/profiles/apparmor.d/abrowser
+index c4b6337f..8a3ac9ec 100644
+--- a/profiles/apparmor.d/abrowser
++++ b/profiles/apparmor.d/abrowser
+@@ -4,9 +4,9 @@
+ abi <abi/4.0>,
+ include <tunables/global>
+ 
+-profile firefox /usr/lib/firefox{,-esr,-beta,-devedition,-nightly}/firefox{,-esr,-bin} flags=(unconfined) {
++profile abrowser /usr/lib/abrowser{,-esr,-beta,-devedition,-nightly}/abrowser{,-esr,-bin} flags=(unconfined) {
+   userns,
+ 
+   # Site-specific additions and overrides. See local/README for details.
+-  include if exists <local/firefox>
++  include if exists <local/abrowser>
+ }
+diff --git a/profiles/apparmor.d/icedove b/profiles/apparmor.d/icedove
+index 060eb24d..667b1674 100644
+--- a/profiles/apparmor.d/icedove
++++ b/profiles/apparmor.d/icedove
+@@ -4,9 +4,9 @@
+ abi <abi/4.0>,
+ include <tunables/global>
+ 
+-profile thunderbird /usr/bin/thunderbird flags=(unconfined) {
++profile icedove /usr/bin/icedove flags=(unconfined) {
+   userns,
+ 
+   # Site-specific additions and overrides. See local/README for details.
+-  include if exists <local/thunderbird>
++  include if exists <local/icedove>
+ }
+diff --git a/debian/apparmor.install b/debian/apparmor.install
+index 79c8700e..2971e426 100644
+--- a/debian/apparmor.install
++++ b/debian/apparmor.install
+@@ -68,6 +68,7 @@ etc/apparmor.d/sbuild-update
+ etc/apparmor.d/sbuild-upgrade
+ etc/apparmor.d/slirp4netns
+ etc/apparmor.d/stress-ng
++etc/apparmor.d/icedove
+ etc/apparmor.d/thunderbird
+ etc/apparmor.d/toybox
+ etc/apparmor.d/trinity
+@@ -83,6 +84,7 @@ etc/apparmor.d/1password
+ etc/apparmor.d/Discord
+ etc/apparmor.d/MongoDB_Compass
+ etc/apparmor.d/code
++etc/apparmor.d/abrowser
+ etc/apparmor.d/firefox
+ etc/apparmor.d/github-desktop
+ etc/apparmor.d/obsidian
diff --git a/helpers/DATA/apparmor/update-profile-extra-firefox-sh.patch b/helpers/DATA/apparmor/update-profile-extra-firefox-sh.patch
new file mode 100644
index 0000000..d36f9c3
--- /dev/null
+++ b/helpers/DATA/apparmor/update-profile-extra-firefox-sh.patch
@@ -0,0 +1,27 @@
+diff --git a/profiles/apparmor/profiles/extras/firefox.sh b/profiles/apparmor/profiles/extras/firefox.sh
+index fb75c5b6..83a7404c 100644
+--- a/profiles/apparmor/profiles/extras/firefox.sh
++++ b/profiles/apparmor/profiles/extras/firefox.sh
+@@ -22,3 +22,22 @@ profile firefox.sh /usr/lib/firefox/firefox.sh {
+   # Site-specific additions and overrides. See local/README for details.
+   include if exists <local/firefox.sh>
+ }
++
++profile firefox.sh /usr/lib/abrowser/firefox.sh {
++  include <abstractions/base>
++  include <abstractions/bash>
++  include <abstractions/consoles>
++
++  deny capability sys_ptrace,
++
++  /{usr/,}bin/basename rix,
++  /{usr/,}bin/bash rix,
++  /{usr/,}bin/grep rix,
++  /etc/magic r,
++  /usr/bin/file rix,
++  /usr/lib/abrowser/abrowser px,
++  /usr/share/misc/magic.mgc r,
++
++  # Site-specific additions and overrides. See local/README for details.
++  include if exists <local/firefox.sh>
++}
diff --git a/helpers/make-apparmor b/helpers/make-apparmor
index 974ef68..b5ae03b 100644
--- a/helpers/make-apparmor
+++ b/helpers/make-apparmor
@@ -17,14 +17,29 @@
 #    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
 #
 
-VERSION=0
+VERSION=1
 
 . ./config
 
 # Apply fix for pipewire on apparmor, see more at:
 # https://bugs.launchpad.net/apparmor/+bug/2003702
-patch --no-backup-if-mismatch -p1 < $DATA/b5a7641dd3502fcfb897d3b96e197628b674ce3c.patch
+patch_p1 $DATA/b5a7641dd3502fcfb897d3b96e197628b674ce3c.patch
 
-changelog "Apply fix LP:2003702 for pidgin like clients."
+# Add custom unconfined profiles for abrowser and icedove, deliberately patch
+# upon an original upstream profile copy to force track original files and
+# update patch accordinlgy, as it's an important security feature starting
+# at upstream 23.10:
+# https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces
+
+cp profiles/apparmor.d/{thunderbird,icedove}
+cp profiles/apparmor.d/{firefox,abrowser}
+patch_p1 $DATA/add-unconfined-profile-firefox-icedove.patch
+
+cp profiles/apparmor/profiles/extras/{firefox,abrowser}
+patch_p1 $DATA/add-extra-abrowser-profile.patch
+# Note: look for updates on abrowser.sh profile on each helper/patch change:
+patch_p1 $DATA/update-profile-extra-firefox-sh.patch
+
+changelog "Apply fix LP:2003702 for pidgin like clients. | Add unconfined profiles for firefox and icedove."
 
 package