Package "dh-apport"

Name: dh-apport


debhelper extension for the apport crash report system

Latest version: 2.20.11-0ubuntu82.1
Release: jammy (22.04)
Level: updates
Repository: universe
Head package: apport
Homepage: https://wiki.ubuntu.com/Apport


Download "dh-apport"

Other versions of "dh-apport" in Jammy

Repository Area Version
base universe 2.20.11-0ubuntu82
security universe 2.20.11-0ubuntu82.1


Version: 2.20.11-0ubuntu82.1 2022-05-17 19:06:32 UTC

  apport (2.20.11-0ubuntu82.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Fix multiple security issues
    - data/apport: Fix too many arguments for error_log().
    - data/apport: Use proper argument variable name executable_path.
    - etc/init.d/apport: Set core_pipe_limit to a non-zero value to make
      sure the kernel waits for apport to finish before removing the /proc
    - apport/fileutils.py, data/apport: Search for executable name if one
      wan't provided such as when being called in a container.
    - data/apport: Limit memory and duration of gdbus call. (CVE-2022-28654,
    - data/apport, apport/fileutils.py, test/test_fileutils.py: Validate
      D-Bus socket location. (CVE-2022-28655)
    - apport/fileutils.py, test/test_fileutils.py: Turn off interpolation
      in get_config() to prevent DoS attacks. (CVE-2022-28652)
    - Refactor duplicate code into search_map() function.
    - Switch from chroot to container to validating socket owner.
      (CVE-2022-1242, CVE-2022-28657)
    - data/apport: Clarify error message.
    - apport/fileutils.py: Fix typo in comment.
    - apport/fileutils.py: Do not call str in loop.
    - data/apport, etc/init.d/apport: Switch to using non-positional
      arguments. Get real UID and GID from the kernel and make sure they
      match the process. Also fix executable name space handling in
      argument parsing. (CVE-2022-28658, CVE-2021-3899)

 -- Marc Deslauriers <email address hidden> Tue, 10 May 2022 09:23:35 -0400

CVE-2022-28654 RESERVED
CVE-2022-28656 RESERVED
CVE-2022-28655 RESERVED
CVE-2022-28652 RESERVED
CVE-2022-1242 RESERVED
CVE-2022-28657 RESERVED
CVE-2022-28658 RESERVED
CVE-2021-3899 RESERVED

About   -   Send Feedback to @ubuntu_updates