UbuntuUpdates.org

Package "apport"

Name: apport

Description:

automatically generate crash reports for debugging

Latest version: 2.20.9-0ubuntu7.24
Release: bionic (18.04)
Level: updates
Repository: main
Homepage: https://wiki.ubuntu.com/Apport

Links


Download "apport"


Other versions of "apport" in Bionic

Repository Area Version
base main 2.20.9-0ubuntu7
base universe 2.20.9-0ubuntu7
security main 2.20.9-0ubuntu7.24
security universe 2.20.9-0ubuntu7.24
updates universe 2.20.9-0ubuntu7.24

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.20.9-0ubuntu7.24 2021-05-25 18:06:27 UTC

  apport (2.20.9-0ubuntu7.24) bionic-security; urgency=medium

  * SECURITY UPDATE: Multiple arbitrary file reads (LP: #1917904)
    - apport/hookutils.py: don't follow symlinks and make sure the file
      isn't a FIFO in read_file().
    - test/test_hookutils.py: added symlink tests.
    - CVE-2021-32547, CVE-2021-32548, CVE-2021-32549, CVE-2021-32550,
      CVE-2021-32551, CVE-2021-32552, CVE-2021-32553, CVE-2021-32554,
      CVE-2021-32555
  * SECURITY UPDATE: info disclosure via modified config files spoofing
    (LP: #1917904)
    - backends/packaging-apt-dpkg.py: properly terminate arguments in
      get_modified_conffiles.
    - CVE-2021-32556
  * SECURITY UPDATE: arbitrary file write (LP: #1917904)
    - data/whoopsie-upload-all: don't follow symlinks and make sure the
      file isn't a FIFO in process_report().
    - CVE-2021-32557

 -- Marc Deslauriers <email address hidden> Tue, 18 May 2021 09:15:10 -0400

Source diff to previous version
CVE-2021-32547 RESERVED
CVE-2021-32548 RESERVED
CVE-2021-32549 RESERVED
CVE-2021-32550 RESERVED
CVE-2021-32551 RESERVED
CVE-2021-32552 RESERVED
CVE-2021-32553 RESERVED
CVE-2021-32554 RESERVED
CVE-2021-32555 RESERVED
CVE-2021-32556 RESERVED
CVE-2021-32557 RESERVED

Version: 2.20.9-0ubuntu7.23 2021-02-02 20:07:53 UTC

  apport (2.20.9-0ubuntu7.23) bionic-security; urgency=medium

  * SECURITY UPDATE: multiple security issues (LP: #1912326)
    - CVE-2021-25682: error parsing /proc/pid/status
    - CVE-2021-25683: error parsing /proc/pid/stat
    - CVE-2021-25684: stuck reading fifo
    - data/apport: make sure existing report is a regular file.
    - apport/fileutils.py: move some logic here to skip over manipulated
      process names and filenames.
    - test/test_fileutils.py: added some parsing tests.

 -- Marc Deslauriers <email address hidden> Tue, 26 Jan 2021 07:21:46 -0500

Source diff to previous version
CVE-2021-25682 RESERVED
CVE-2021-25683 RESERVED
CVE-2021-25684 RESERVED

Version: 2.20.9-0ubuntu7.21 2020-12-14 21:07:11 UTC

  apport (2.20.9-0ubuntu7.21) bionic; urgency=medium

  * data/apport: only drop supplemental groups if the user is root. (LP: #1906565)

 -- Brian Murray <email address hidden> Thu, 03 Dec 2020 09:39:34 -0800

Source diff to previous version
1906565 traceback when running apport as non-root user

Version: 2.20.9-0ubuntu7.20 2020-11-12 16:07:39 UTC

  apport (2.20.9-0ubuntu7.20) bionic-security; urgency=medium

  * Various security hardening fixes (LP: #1903332)
    - apport/fileutils.py: drop privileges in the correct order, limit
      settings file size.
    - apport/apport/report.py: properly drop privileges, limit ignore file
      size.
    - data/apport: drop supplemental groups.

 -- Marc Deslauriers <email address hidden> Tue, 10 Nov 2020 15:03:57 -0500

Source diff to previous version
1903332 Apport get_config incorrectly drops privileges

Version: 2.20.9-0ubuntu7.19 2020-11-05 12:06:19 UTC

  apport (2.20.9-0ubuntu7.19) bionic; urgency=medium

  * data/apport: In the event that the crashing executable does not exist on
    disk any more the path name of the executable (passed by core) is appended
    with '(deleted)' because apport is currently using sys.argv for argument
    parsing there end up being too many arguments and apport crashes. This is
    fixed by adding handling for six arguments. (LP: #1899195)

 -- Brian Murray <email address hidden> Fri, 16 Oct 2020 13:34:10 -0700

1899195 /usr/share/apport/apport:AttributeError:/usr/share/apport/apport@451:parse_arguments:print_usage:_print_message



About   -   Send Feedback to @ubuntu_updates