Apport 2.20.4
Milestone information
- Active:
- No. Drivers cannot target bugs and blueprints to this milestone.
Activities
- Assigned to you:
- No blueprints or bugs assigned to you.
- Assignees:
- No users assigned to blueprints and bugs.
- Blueprints:
- No blueprints are targeted to this milestone.
- Bugs:
- No bugs are targeted to this milestone.
Download files for this release
Release notes
* SECURITY FIX: Restrict a report's CrashDB field to literals.
Use ast.literal_eval() instead of the generic eval(), to prevent arbitrary
code execution from malicious .crash files. A user could be tricked into
opening a crash file whose CrashDB field contains an exec(), open(), or
similar commands; this is fairly easy as we install a MIME handler for
these. Thanks to Donncha O'Cearbhaill for discovering this!
(CVE-2016-9949, LP: #1648806)
* SECURITY FIX: Fix path traversal vulnerability with hooks execution.
Ensure that Package: and SourcePackage: fields loaded from reports do not
contain directories. Until now, an attacker could trick a user into opening a
malicious .crash file containing
Package: ../../.
which would execute /some/dir/foo.py with arbitrary code.
Thanks to Donncha O'Cearbhaill for discovering this!
(CVE-2016-9950, LP: #1648806)
* SECURITY FIX: apport-{gtk,kde}: Only offer "Relaunch" for recent /var/crash
crashes.
It only makes sense to offer relaunching for crashes that just happened and
the apport UI got triggered on those. When opening a .crash file copied from
somewhere else or after the crash happened, this is even actively dangerous
as a malicious crash file can specify any arbitrary command to run.
Thanks to Donncha O'Cearbhaill for discovering this!
(CVE-2016-9951, LP: #1648806)
* test_backend_
now) to 16.04 LTS "xenial".
* packaging-
dpkg status file for get_source_tree(), to work with apt 1.3~pre4.
* packaging-
of "direct". The latter never really worked, but APT did not complain about
it.
* data/iwlwifi_
* hookutils.py, attach_
that actually exists.
* test/test_
glibc 2.24.
* apport-gtk: Specify module version with GI imports to avoid warnings. Thanks
Anatoly Techtonik. (LP: #1502173)
* test/run: Prefer pycodestyle over pep8.
* backends/
search for a file in Contents.gz fails due to a lack of memory. Thanks
Brian Murray.
* bin/apport-retrace: When --core-file is used instead of loading the core
file and adding it to the apport report just pass the file reference to gdb.
Changelog
This release does not have a changelog.
0 blueprints and 0 bugs targeted
There are no feature specifications or bug tasks targeted to this milestone. The project's maintainer, driver, or bug supervisor can target specifications and bug tasks to this milestone to track the things that are expected to be completed for the release.