UbuntuUpdates.org

Package "apport-retrace"

Name: apport-retrace

Description:

tools for reprocessing Apport crash reports

Latest version: 2.0.1-0ubuntu17.16
Release: precise (12.04)
Level: security
Repository: main
Head package: apport
Homepage: https://wiki.ubuntu.com/Apport

Links


Download "apport-retrace"


Other versions of "apport-retrace" in Precise

Repository Area Version
base main 2.0.1-0ubuntu5
updates main 2.0.1-0ubuntu17.16

Changelog

Version: 2.0.1-0ubuntu17.16 2021-05-03 14:07:13 UTC

  apport (2.0.1-0ubuntu17.16) precise-security; urgency=medium

  * Disable apport as it is excluded from ESM.

 -- Brian Murray <email address hidden> Fri, 27 Oct 2017 12:22:21 -0700

Source diff to previous version

Version: 2.0.1-0ubuntu17.15 2016-12-14 23:07:25 UTC

  apport (2.0.1-0ubuntu17.15) precise-security; urgency=medium

  [ Marc Deslauriers ]
  * SECURITY UPDATE: path traversal vulnerability with hooks execution
    - Clean path in apport/report.py, added test to test/test_ui.py.
    - No CVE number
    - LP: #1648806

  [ Steve Beattie ]
  * SECURITY UPDATE: code execution via malicious crash files
    - Only offer restarting the application when processing a
      crash file in /var/crash in apport/ui.py, gtk/apport-gtk,
      and kde/apport-kde. Add testcases to test/test_ui.py,
      test/test_ui_gtk.py, and test_ui_kde.py.
    - No CVE number
    - LP: #1648806

 -- Marc Deslauriers <email address hidden> Mon, 12 Dec 2016 07:34:52 -0500

Source diff to previous version
1648806 Arbitrary code execution through crafted CrashDB or Package/Source fields in .crash files

Version: 2.0.1-0ubuntu17.13 2015-10-27 13:07:00 UTC

  apport (2.0.1-0ubuntu17.13) precise-security; urgency=medium

  * SECURITY FIX: When determining the path of a Python module for a program
    like "python -m module_name", avoid actually importing and running the
    module; this could lead to local root privilege escalation. Thanks to
    Gabriel Campana for discovering this and the fix!
    (CVE-2015-1341, LP: #1507480)

 -- Martin Pitt Thu, 22 Oct 2015 15:50:47 +0200

Source diff to previous version
1507480 Privilege escalation through Python module imports
CVE-2015-1341 RESERVED

Version: 2.0.1-0ubuntu17.10 2015-09-24 13:06:23 UTC

  apport (2.0.1-0ubuntu17.10) precise-security; urgency=medium

  * SECURITY FIX: kernel_crashdump: Enforce that the log/dmesg files are not a
    symlink.
    This prevents normal users from pre-creating a symlink to the predictable
    .crash file, and thus triggering a "fill up disk" DoS attack when the
    .crash report tries to include itself. Thanks to halfdog for discovering
    this! (CVE-2015-1338, part of LP #1492570)
  * SECURITY FIX: Fix all writers of report files to open the report file
    exclusively.
    Fix package_hook, kernel_crashdump, and similar hooks to fail if the
    report already exists. This prevents privilege escalation through symlink
    attacks. Note that this will also prevent overwriting previous reports
    with the same same. Thanks to halfdog for discovering this!
    (CVE-2015-1338, LP: #1492570)
  * debian/tests/upstream-system: Change directory to /tmp, so that tests
    actually run against the installed package.

 -- Martin Pitt Mon, 21 Sep 2015 11:58:45 +0200

Source diff to previous version
1492570 /usr/share/apport/kernel_crashdump accesses files in insecure manner
CVE-2015-1338 RESERVED

Version: 2.0.1-0ubuntu17.9 2015-05-22 02:44:11 UTC

  apport (2.0.1-0ubuntu17.9) precise-security; urgency=medium

  * SECURITY UPDATE: When /proc/sys/fs/suid_dumpable is enabled, crashing a
    program that is suid root or not readable for the user would create
    root-owned core files in the current directory of that program. Creating
    specially crafted core files in /etc/logrotate.d or similar could then
    lead to arbitrary code execution with root privileges. Now core files do
    not get written for these kinds of programs, in accordance with the
    intention of core(5).
    Thanks to Sander Bos for discovering this issue!
    (CVE-2015-1324, LP: #1452239)
  * Add test case to ensure that users cannot inject arbitrary core dump file
    contents (CVE-2015-1325). This version is not affected, but having the
    test will ensure that backported changes don't introduce this
    vulnerability. (LP: #1453900)
  * test_signal_crashes(): Drop hardcoded /tmp/ path in do_crash(),
    test_nonwritable_cwd() uses a different dir.

 -- Martin Pitt <email address hidden> Wed, 13 May 2015 13:58:17 +0200

1452239 root escalation with fs.suid_dumpable=2
1453900 root escalation via race condition



About   -   Send Feedback to @ubuntu_updates