News and announcements

Security bug fix version 2.12.6 released

Written for Apport by Martin Pitt on 2013-10-25

This release fixes an information disclosure for programs which are setuid root and drop their privileges back to the user later on. In those cases, if you run apport and enable core dump files (with ulimit -c), these core dump files previously were owned by the user; they should be owned by root as the program temporarily ran with root privileges and thus might have internal state which is not accessible to the user. This internal state is exposed in the core dump.

Details, links to the trunk and backported patches etc. are in .

Security bug fix version 1.1.1 released

Written for Apport by Martin Pitt on 2009-04-30

This release fixes a race condition in the cleanup cron job. It is not trivially exploitable, but still poses a practical threat. Please update to this version as soon as possible.

If you just need the patch for the vulnerability, you can apply .

1.1.1 (2009-04-30)
Security fix:
- etc/cron.daily/apport: Only attempt to remove files and symlinks, do not
  descend into subdirectories of /var/crash/. Doing so might be exploited by a
  race condition between find traversing a huge directory tree, changing an
  existing subdir into a symlink to e. g. /etc/, and finally getting that piped
  to rm. This also changes the find command to not use GNU extensions. Thanks
  to Stephane Chazelas for discovering this! (LP #357024, CVE-2009-1295)

Bug fixes:
- Send and read Date: field again, reverting r1128; it is useful
  after all. (LP #349139)
- Only add ProcAttrCurrent to reports if it is not "unconfined", to remove some
  noise from reports.
- Detect invalid PIDs in the UI (such as for kernel processes) and give a
  friendly error message instead of silently doing nothing. (LP #360608)
- Always run common hooks, and run source package hooks if we do not have a
  binary package name. (LP #350131)
- Consider socket errors when connecting as transient, so
  that crash-digger doesn't stop completely on them.

12 of 2 results