UbuntuUpdates.org

Package "python3-problem-report"

Name: python3-problem-report

Description:

Python 3 library to handle problem reports
Latest version: 2.14.1-0ubuntu3.29
Release: trusty (14.04)
Level: updates
Repository: main
Head package: apport
Homepage: https://wiki.ubuntu.com/Apport

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "python3-problem-report"

All arch deb package
APT INSTALL

Other versions of "python3-problem-report" in Trusty

Repository Area Version
base main 2.14.1-0ubuntu3
security main 2.14.1-0ubuntu3.29

Changelog

Version: 2.14.1-0ubuntu3.23 2016-12-15 00:07:32 UTC

  apport (2.14.1-0ubuntu3.23) trusty-security; urgency=medium

  [ Marc Deslauriers ]
  * SECURITY UPDATE: code execution via malicious crash files
    - Use ast.literal_eval in apport/ui.py, added test to test/test_ui.py.
    - No CVE number
    - LP: #1648806
  * SECURITY UPDATE: path traversal vulnerability with hooks execution
    - Clean path in apport/report.py, added test to test/test_ui.py.
    - No CVE number
    - LP: #1648806

  [ Steve Beattie ]
  * SECURITY UPDATE: code execution via malicious crash files
    - Only offer restarting the application when processing a
      crash file in /var/crash in apport/ui.py, gtk/apport-gtk,
      and kde/apport-kde. Add testcases to test/test_ui.py,
      test/test_ui_gtk.py, and test_ui_kde.py.
    - No CVE number
    - LP: #1648806

 -- Marc Deslauriers <email address hidden> Mon, 12 Dec 2016 07:27:21 -0500
Source diff to previous version
1648806 Arbitrary code execution through crafted CrashDB or Package/Source fields in .crash files

Version: 2.14.1-0ubuntu3.21 2016-05-25 19:06:59 UTC

  apport (2.14.1-0ubuntu3.21) trusty-proposed; urgency=medium

  * apport-bug: Stop checking the autoreport flag and calling
    whoopsie-upload-all; these two are different tasks, and that breaks bug
    reporting. (LP: #1339663)

 -- Brian Murray <email address hidden> Mon, 16 May 2016 13:24:02 -0700
Source diff to previous version
1339663 ubuntu-bug fails with \

Version: 2.14.1-0ubuntu3.20 2016-05-18 10:06:42 UTC

  apport (2.14.1-0ubuntu3.20) trusty-proposed; urgency=medium

  * Disambiguate overly generic Python exceptions in duplicate signature
    computation: dbus-glib's DBusException wraps a "real" server-side
    exception, so add the class of that to disambiguate different crashes;
    for OSError that is not a known subclass like FileNotFoundError, add the
    errno. (LP: #989819)

 -- Martin Pitt <email address hidden> Fri, 01 Apr 2016 16:27:39 +0200
Source diff to previous version
989819 Make duplicate signature more specific for DBusException and OSError

Version: 2.14.1-0ubuntu3.19 2015-11-17 01:06:26 UTC

  apport (2.14.1-0ubuntu3.19) trusty-proposed; urgency=medium

  * apport/ui.py: set "_MarkForUpload" field to False for cases where the
    apport report is damaged, about a not installed package, or when an
    error occurred processing the report. (LP: #1512902)

 -- Brian Murray Fri, 06 Nov 2015 07:14:08 -0800
Source diff to previous version
1512902 apport will create .upload files for incomplete or corrupt crash reports

Version: 2.14.1-0ubuntu3.18 2015-10-27 15:06:23 UTC

  apport (2.14.1-0ubuntu3.18) trusty-security; urgency=medium

  * test_backend_apt_dpkg.py: Reset internal apt caches between tests. Avoids
    random test failures due to leaking paths from previous test cases.
  * SECURITY FIX: When determining the path of a Python module for a program
    like "python -m module_name", avoid actually importing and running the
    module; this could lead to local root privilege escalation. Thanks to
    Gabriel Campana for discovering this and the fix!
    (CVE-2015-1341, LP: #1507480)

 -- Martin Pitt Thu, 22 Oct 2015 15:15:37 +0200
1507480 Privilege escalation through Python module imports
CVE-2015-1341 RESERVED


About   -   Send Feedback to @ubuntu_updates