Change log for apport package in Ubuntu

175 of 611 results
Published in yakkety-release on 2016-06-20
Deleted in yakkety-proposed (Reason: moved to release)
apport (2.20.2-0ubuntu1) yakkety; urgency=medium

  [ Brian Murray ]
  * data/general-hooks/ubuntu.py: tag bug reports 'apport-hook-error' if they
    have an attachment from an apport hook which crashed.

  [ Martin Pitt ]
  * New upstream release. Changes since our previous snapshot:
    - Don't ignore OSError in Report.add_gdb_info(), as we do want to fail with an
      useful error message if gdb cannot be called in apport-retrace. Move the
      catching to the UI as not having gdb installed is still fine for reporting
      clients. (LP: #1579949)
    - Show gdb error messages in Report.add_gdb_info() OSError exception when gdb
      fails. (LP: #1579897)
    - hookutils, attach_root_command_outputs(): Return str again, like before
      2.15.2. (LP: #1370259)
    - Stop issuing "set architecture" gdb commands on ARM and Power; these only
      applied to 32 bit platforms and are apparently not needed any more with
      recent gdb versions. (LP: #1585702)
    - Disable report.test_add_gdb_info_abort_libnih test case for now, as libnih
      is broken under current Ubuntu (LP: #1580601)

 -- Martin Pitt <email address hidden>  Sun, 19 Jun 2016 22:17:35 +0200

Available diffs

Published in xenial-updates on 2016-05-26
Deleted in xenial-proposed (Reason: moved to -updates)
apport (2.20.1-0ubuntu2.1) xenial-proposed; urgency=medium

  * data/general-hooks/ubuntu.py: Fix stacktrace when parsing
    DpkgTerminalLog.txt. (LP: #1548421)
  * data/general-hooks/ubuntu.py: Restore starting package problem duplicate
    signatures with the word package, the package name, and its version.
    (LP: #1581682)

 -- Brian Murray <email address hidden>  Mon, 16 May 2016 15:02:01 -0700
Superseded in yakkety-release on 2016-06-20
Deleted in yakkety-proposed on 2016-06-21 (Reason: moved to release)
apport (2.20.1-0ubuntu4) yakkety; urgency=medium

  * data/general-hooks/ubuntu.py: Fix stacktrace when parsing
    DpkgTerminalLog.txt. (LP: #1548421)
  * data/general-hooks/ubuntu.py: Restore starting package problem duplicate
    signatures with the word package, the package name, and its version.
    (LP: #1581682)

 -- Brian Murray <email address hidden>  Mon, 16 May 2016 14:16:15 -0700
Published in trusty-updates on 2016-05-25
Deleted in trusty-proposed (Reason: moved to -updates)
apport (2.14.1-0ubuntu3.21) trusty-proposed; urgency=medium

  * apport-bug: Stop checking the autoreport flag and calling
    whoopsie-upload-all; these two are different tasks, and that breaks bug
    reporting. (LP: #1339663)

 -- Brian Murray <email address hidden>  Mon, 16 May 2016 13:24:02 -0700
Superseded in yakkety-release on 2016-05-17
Deleted in yakkety-proposed on 2016-05-19 (Reason: moved to release)
apport (2.20.1-0ubuntu3) yakkety; urgency=medium

  * debian/control: Adjust Vcs-Bzr: for yakkety branch.
  * Re-enable Launchpad crash reports for yakkety.

 -- Martin Pitt <email address hidden>  Mon, 02 May 2016 12:10:15 -0500

Available diffs

Superseded in yakkety-release on 2016-05-06
Published in xenial-release on 2016-04-14
Deleted in xenial-proposed (Reason: moved to release)
apport (2.20.1-0ubuntu2) xenial; urgency=medium

   * Merge fixes from trunk:
     - problem_report.py: Make assertion of invalid key names more verbose.
     - hookutils.py: Fix generation of valid report key names from arbitrary
       paths in attach_file() and related functions. This will now replace all
       invalid characters with dots, not just a few known invalid ones.
       (LP: #1566975)
     - problem_report.py: Instead of AssertionError, raise a ValueError for
       invalid key names and TypeError for invalid kinds of values. Thanks
       Barry Warsaw.
  * Disable Launchpad crash upload for final Ubuntu 16.04.

 -- Martin Pitt <email address hidden>  Wed, 13 Apr 2016 23:53:46 +0200
Superseded in trusty-updates on 2016-05-25
Superseded in trusty-proposed on 2016-05-18
apport (2.14.1-0ubuntu3.20) trusty-proposed; urgency=medium

  * Disambiguate overly generic Python exceptions in duplicate signature
    computation: dbus-glib's DBusException wraps a "real" server-side
    exception, so add the class of that to disambiguate different crashes;
    for OSError that is not a known subclass like FileNotFoundError, add the
    errno. (LP: #989819)

 -- Martin Pitt <email address hidden>  Fri, 01 Apr 2016 16:27:39 +0200
Superseded in xenial-release on 2016-04-14
Deleted in xenial-proposed on 2016-04-15 (Reason: moved to release)
apport (2.20.1-0ubuntu1) xenial; urgency=medium

  * New upstream release. Changes since our previous snapshot:
    - crash-digger: Untag bugs which cannot be retraced instead of stopping
      crash-digger. This led to too many pointless manual restarts on broken bug
      reports.
    * Disambiguate overly generic Python exceptions in duplicate signature
      computation: dbus-glib's DBusException wraps a "real" server-side
      exception, so add the class of that to disambiguate different crashes;
      for OSError that is not a known subclass like FileNotFoundError, add the
      errno. (LP: #989819)

 -- Martin Pitt <email address hidden>  Thu, 31 Mar 2016 16:16:37 +0200

Available diffs

Superseded in xenial-release on 2016-03-31
Deleted in xenial-proposed on 2016-04-02 (Reason: moved to release)
apport (2.20-0ubuntu3) xenial; urgency=medium

  * Relax report.test_add_gdb_info gdb warning check, as this changed with gdb
    7.10.90.

 -- Martin Pitt <email address hidden>  Tue, 16 Feb 2016 08:41:10 +0100

Available diffs

Superseded in xenial-release on 2016-02-16
Deleted in xenial-proposed on 2016-02-17 (Reason: moved to release)
apport (2.20-0ubuntu2) xenial; urgency=medium

  * Fix signal_crashes.test_modify_after_start test when running as root.

Superseded in xenial-proposed on 2016-02-15
apport (2.20-0ubuntu1) xenial; urgency=medium

  * New upstream release.
    - Reimplement forwarding crashes into a container, via activating the new
      apport-forward.socket in the container and handing over the core dump
      fd.  This is a much safer way than the original implementation with
      nsexec.  Thanks Stéphane Graber! (LP: #1445064)
  * Drop long-obsolete sysv-rc dependency.
  * Add python3-systemd recommendation to apport, to make crash report
    generation work in containers.
  * Install new systemd units into apport package.

 -- Martin Pitt <email address hidden>  Sun, 14 Feb 2016 13:41:36 +0100

Available diffs

Superseded in xenial-release on 2016-02-15
Deleted in xenial-proposed on 2016-02-16 (Reason: moved to release)
apport (2.19.4-0ubuntu2) xenial; urgency=medium

  * debian/apport.upstart: Call systemd-detect-virt instead of the
    Ubuntu specific running-in-container wrapper. (LP: #1539016)

 -- Martin Pitt <email address hidden>  Thu, 28 Jan 2016 14:58:06 +0100

Available diffs

Superseded in xenial-release on 2016-02-01
Deleted in xenial-proposed on 2016-02-02 (Reason: moved to release)
apport (2.19.4-0ubuntu1) xenial; urgency=medium

  * New upstream bug fix release:
    - Fix fileutils.test_find_package_desktopfile test for symlinks and other
      unowned files in /usr/share/applications/.
    - Fix ui.test_run_crash_anonymity test case to not fail if the base64
      encoded core dump happens to contain the user name, as that's just by
      chance.  - Fix test_hooks.py for unreleased gcc versions which have a
      different --version format.
    - hookutils.py, attach_hardware(): Stop attaching /var/log/udev. This was
      an upstart-ism, mostly redundant with the udev db and is not being
      written under systemd. (LP: #1537211)
  * etc/apport/crashdb.conf: Enable crash reports on Launchpad for xenial.

 -- Martin Pitt <email address hidden>  Tue, 26 Jan 2016 15:37:44 +0100

Available diffs

Superseded in xenial-release on 2016-01-26
Deleted in xenial-proposed on 2016-01-27 (Reason: moved to release)
apport (2.19.3-0ubuntu3) xenial; urgency=medium

  * data/general-hooks/powerpc.py: Add support to collect more data on
    PowerNV. (LP: #1499226) Thanks to Kamalesh Babulal for the patch.

 -- Brian Murray <email address hidden>  Tue, 12 Jan 2016 17:06:29 -0800

Available diffs

Superseded in xenial-release on 2016-01-13
Deleted in xenial-proposed on 2016-01-14 (Reason: moved to release)
apport (2.19.3-0ubuntu2) xenial; urgency=medium

  * Fix fileutils.test_find_package_desktopfile test for symlinks and other
    unowned files in /usr/share/applications/. (Cherry-picked from trunk.)

 -- Martin Pitt <email address hidden>  Thu, 10 Dec 2015 10:31:19 +0100

Available diffs

Superseded in xenial-release on 2015-12-10
Deleted in xenial-proposed on 2015-12-11 (Reason: moved to release)
apport (2.19.3-0ubuntu1) xenial; urgency=medium

  * New upstream microrelease:
    - apt/dpkg: Fix source record lookup in install_packages. Thanks Brian
      Murray!
    - hookutils.py, attach_gsettings_schema(): Don't replace the schema
      variable; fixes attaching relocatable schemas. Thanks Sébastien Bacher!
    - generic hook: Limit JournalErrors to the 1.000 last lines. This avoids
      long report load times when processes cause massive log spew.
      (LP: #1516947)
    - Add key filtering to ProblemReport.load().
    - Don't read the entire report when determining the CrashCounter. This
      avoids long delays for existing large reports.
    - test_python_crashes.py: Be less sensitive to the precise names of
      gvfs-metadata D-Bus service files.
    - Move backend_apt_dpkg -dbgsym test cases to Ubuntu 15.10.
    - Tests: Move to unittest's builtin "mock" module.

 -- Martin Pitt <email address hidden>  Tue, 08 Dec 2015 09:49:00 +0100

Available diffs

Superseded in xenial-release on 2015-12-09
Deleted in xenial-proposed on 2015-12-10 (Reason: moved to release)
apport (2.19.2-0ubuntu9) xenial; urgency=medium

  * If trimming the DpkgTerminalLog file fails, keep the whole log file in the
    report. (LP: #1522849)

 -- Brian Murray <email address hidden>  Mon, 07 Dec 2015 09:19:37 -0800

Available diffs

Superseded in xenial-release on 2015-12-07
Deleted in xenial-proposed on 2015-12-09 (Reason: moved to release)
apport (2.19.2-0ubuntu8) xenial; urgency=medium

  * No-change rebuild against fixed debhelper.

 -- Martin Pitt <email address hidden>  Wed, 25 Nov 2015 06:21:22 +0100
Superseded in xenial-proposed on 2015-11-25
apport (2.19.2-0ubuntu7) xenial; urgency=medium

  * data/general-hooks/ubuntu.py: resolve Traceback when parsing
    DpkgTerminalError and using python2.

 -- Brian Murray <email address hidden>  Tue, 24 Nov 2015 11:35:10 -0800

Available diffs

Superseded in xenial-release on 2015-11-26
Deleted in xenial-proposed on 2015-11-27 (Reason: moved to release)
apport (2.19.2-0ubuntu6) xenial; urgency=medium

  * Add Conflicts/Replaces/Provides: core-dump-handler, to ensure mutual
    uninstallability with systemd-coredump and corekeeper.

 -- Martin Pitt <email address hidden>  Fri, 13 Nov 2015 11:20:31 +0100

Available diffs

Superseded in xenial-release on 2015-11-13
Deleted in xenial-proposed on 2015-11-15 (Reason: moved to release)
apport (2.19.2-0ubuntu5) xenial; urgency=medium

  * data/general-hooks/ubuntu.py: ensure that dpkg_log_without_error is a
    string.

 -- Brian Murray <email address hidden>  Mon, 09 Nov 2015 09:12:03 -0800

Available diffs

Superseded in xenial-release on 2015-11-09
Deleted in xenial-proposed on 2015-11-11 (Reason: moved to release)
apport (2.19.2-0ubuntu4) xenial; urgency=medium

  * data/general-hooks/ubuntu.py: For package installation failures, build a
    DuplicateSignature from the dpkg terminal log as using the package,
    version, and dpkg ErrorMessage ended up being too generic.

 -- Brian Murray <email address hidden>  Fri, 06 Nov 2015 09:14:29 -0800
Deleted in precise-proposed on 2016-05-12 (Reason: The package was removed due to its SRU bug(s) not being v...)
apport (2.0.1-0ubuntu17.14) precise-proposed; urgency=medium

  * apport/ui.py: set "_MarkForUpload" field to False for cases where the
    apport report is damaged, about a not installed package, or when an
    error occurred processing the report. (LP: #1512902)

 -- Brian Murray <email address hidden>  Fri, 06 Nov 2015 07:30:12 -0800
Superseded in trusty-updates on 2016-05-18
Deleted in trusty-proposed on 2016-05-19 (Reason: moved to -updates)
apport (2.14.1-0ubuntu3.19) trusty-proposed; urgency=medium

  * apport/ui.py: set "_MarkForUpload" field to False for cases where the
    apport report is damaged, about a not installed package, or when an
    error occurred processing the report. (LP: #1512902)

 -- Brian Murray <email address hidden>  Fri, 06 Nov 2015 07:14:08 -0800
Published in vivid-updates on 2015-11-17
Deleted in vivid-proposed (Reason: moved to -updates)
apport (2.17.2-0ubuntu1.8) vivid-proposed; urgency=medium

  * apport/ui.py: set "_MarkForUpload" field to False for cases where the
    apport report is damaged, about a not installed package, or when an
    error occurred processing the report. (LP: #1512902)

 -- Brian Murray <email address hidden>  Thu, 05 Nov 2015 15:27:47 -0800
Superseded in xenial-release on 2015-11-06
Deleted in xenial-proposed on 2015-11-08 (Reason: moved to release)
apport (2.19.2-0ubuntu3) xenial; urgency=medium

  * apport: Fix comparison against SIGQUIT to work for current Python
    versions. (Cherry-picked from upstream).

 -- Martin Pitt <email address hidden>  Wed, 04 Nov 2015 14:06:22 -0600

Available diffs

Published in wily-updates on 2015-11-17
Deleted in wily-proposed (Reason: moved to -updates)
apport (2.19.1-0ubuntu5) wily-proposed; urgency=medium

  * apport/ui.py: set "_MarkForUpload" field to False for cases where the
    apport report is damaged, about a not installed package, or when an
    error occurred processing the report. (LP: #1512902)

 -- Brian Murray <email address hidden>  Wed, 04 Nov 2015 10:00:38 -0800
Superseded in xenial-release on 2015-11-04
Deleted in xenial-proposed on 2015-11-06 (Reason: moved to release)
apport (2.19.2-0ubuntu2) xenial; urgency=medium

  * apport/ui.py: set "_MarkForUpload" field to False for cases where the
    apport report is damaged, about a not installed package, or when an
    error occurred processing the report. (LP: #1512902)

 -- Brian Murray <email address hidden>  Tue, 03 Nov 2015 15:44:18 -0800

Available diffs

Superseded in xenial-release on 2015-11-04
Deleted in xenial-proposed on 2015-11-05 (Reason: moved to release)
apport (2.19.2-0ubuntu1) xenial; urgency=medium

  * New upstream release. Changes since previous snapshot:
    - SECURITY FIX: When determining the path of a Python module for a program
      like "python -m module_name", avoid actually importing and running the
      module; this could lead to local root privilege escalation. Thanks to
      Gabriel Campana for discovering this and the fix!
      (CVE-2015-1341, LP: #1507480)
    - test_backend_apt_dpkg.py: Reset internal apt caches between tests.
      Avoids random test failures due to leaking paths from previous test
      cases.
  * debian/control: Adjust Vcs-Bzr: for xenial branch.
  * debian/control: Drop obsolete XS-Testsuite: header.

 -- Martin Pitt <email address hidden>  Tue, 27 Oct 2015 14:33:28 +0100

Available diffs

Superseded in trusty-updates on 2015-11-17
Published in trusty-security on 2015-10-27
apport (2.14.1-0ubuntu3.18) trusty-security; urgency=medium

  * test_backend_apt_dpkg.py: Reset internal apt caches between tests. Avoids
    random test failures due to leaking paths from previous test cases.
  * SECURITY FIX: When determining the path of a Python module for a program
    like "python -m module_name", avoid actually importing and running the
    module; this could lead to local root privilege escalation. Thanks to
    Gabriel Campana for discovering this and the fix!
    (CVE-2015-1341, LP: #1507480)

 -- Martin Pitt <email address hidden>  Thu, 22 Oct 2015 15:15:37 +0200
Published in precise-updates on 2015-10-27
Published in precise-security on 2015-10-27
apport (2.0.1-0ubuntu17.13) precise-security; urgency=medium

  * SECURITY FIX: When determining the path of a Python module for a program
    like "python -m module_name", avoid actually importing and running the
    module; this could lead to local root privilege escalation. Thanks to
    Gabriel Campana for discovering this and the fix!
    (CVE-2015-1341, LP: #1507480)

 -- Martin Pitt <email address hidden>  Thu, 22 Oct 2015 15:50:47 +0200
Superseded in vivid-updates on 2015-11-17
Published in vivid-security on 2015-10-27
apport (2.17.2-0ubuntu1.7) vivid-security; urgency=medium

  * test_backend_apt_dpkg.py: Reset internal apt caches between tests. Avoids
    random test failures due to leaking paths from previous test cases.
  * SECURITY FIX: When determining the path of a Python module for a program
    like "python -m module_name", avoid actually importing and running the
    module; this could lead to local root privilege escalation. Thanks to
    Gabriel Campana for discovering this and the fix!
    (CVE-2015-1341, LP: #1507480)

 -- Martin Pitt <email address hidden>  Thu, 22 Oct 2015 15:05:43 +0200
Superseded in wily-updates on 2015-11-17
Published in wily-security on 2015-10-27
apport (2.19.1-0ubuntu4) wily-security; urgency=medium

  * test_backend_apt_dpkg.py: Reset internal apt caches between tests. Avoids
    random test failures due to leaking paths from previous test cases.
  * SECURITY FIX: When determining the path of a Python module for a program
    like "python -m module_name", avoid actually importing and running the
    module; this could lead to local root privilege escalation. Thanks to
    Gabriel Campana for discovering this and the fix!
    (CVE-2015-1341, LP: #1507480)

 -- Martin Pitt <email address hidden>  Thu, 22 Oct 2015 14:46:22 +0200
Superseded in xenial-release on 2015-10-28
Published in wily-release on 2015-10-19
Deleted in wily-proposed (Reason: moved to release)
apport (2.19.1-0ubuntu3) wily; urgency=medium

  * Disable Launchpad crash upload for final Ubuntu 15.10.
  * Fix backend_apt_dpkg.test_install_packages_system for recent "Fall back to
    direct Launchpad ddeb download" fix. coreutils-dbgsym should now always be
    available independent of whether the local system has ddeb apt sources.
    (Cherry-picked from trunk).

 -- Martin Pitt <email address hidden>  Mon, 19 Oct 2015 08:48:25 +0200
Deleted in precise-proposed on 2015-11-04 (Reason: moved to -updates)
apport (2.0.1-0ubuntu17.12) precise-proposed; urgency=medium

  * Consistently intercept "report file already exists" errors in all
    writers of report files (package_hook, kernel_crashdump, and similar) to
    avoid unhandled exceptions on those. (LP: #1500450)

 -- Brian Murray <email address hidden>  Fri, 16 Oct 2015 15:32:12 -0700
Deleted in trusty-proposed on 2015-11-04 (Reason: moved to -updates)
apport (2.14.1-0ubuntu3.17) trusty-proposed; urgency=medium

  * Consistently intercept "report file already exists" errors in all writers
    of report files (package_hook, kernel_crashdump, and similar) to avoid
    unhandled exceptions on those. (LP: #1500450)

 -- Brian Murray <email address hidden>  Fri, 16 Oct 2015 15:09:08 -0700
Deleted in vivid-proposed on 2015-11-04 (Reason: moved to -updates)
apport (2.17.2-0ubuntu1.6) vivid-proposed; urgency=medium

  * Consistently intercept "report file already exists" errors in all writers of
    report files (package_hook, kernel_crashdump, and similar) to avoid
    unhandled exceptions on those. (LP: #1500450)

 -- Brian Murray <email address hidden>  Fri, 16 Oct 2015 14:49:37 -0700
Superseded in wily-release on 2015-10-19
Deleted in wily-proposed on 2015-10-20 (Reason: moved to release)
apport (2.19.1-0ubuntu2) wily; urgency=medium

  * apt/dpkg: Don't mark packages downloaded from Launchpad for installation
    by apt. Thanks Brian Murray. (Cherry-picked from trunk.)

Superseded in wily-proposed on 2015-10-08
apport (2.19.1-0ubuntu1) wily; urgency=medium

  [ Martin Pitt ]
  * New upstream release:
    - Consistently intercept "report file already exists" errors in all writers
      of report files (package_hook, kernel_crashdump, and similar) to avoid
      unhandled exceptions on those. (LP: #1500450)
    - apt/dpkg: Fall back to direct Launchpad ddeb download if we can't find it
      in the apt cache. Thanks Brian Murray! (LP: #1500557)
    - doc/data-format.tex: Clarify that key names are being treated as case
      sensitive (unlike RFC822).

  [ Brian Murray ]
  * data/iwlwifi_error_dump: fix add_package call. (LP: #1496268)

  [ Sebastien Bacher ]
  * data/package-hooks/sources_ubiquity.py: Don't try decode() a str
    (LP: #1501773).

 -- Martin Pitt <email address hidden>  Wed, 07 Oct 2015 10:58:13 +0200

Available diffs

Superseded in trusty-updates on 2015-10-27
Deleted in trusty-proposed on 2015-10-28 (Reason: moved to -updates)
apport (2.14.1-0ubuntu3.16) trusty-proposed; urgency=medium

  * Add data/general-hooks/powerpc.py: Collect some PowerPC[64] information.
    Thanks to Thierry FAUCK! (LP: #1336462)

 -- Brian Murray <email address hidden>  Thu, 24 Sep 2015 13:02:09 -0700
Superseded in precise-updates on 2015-10-27
Deleted in precise-proposed on 2015-10-28 (Reason: moved to -updates)
apport (2.0.1-0ubuntu17.11) precise-proposed; urgency=medium

  * report.py, add_package_info(): Add "[origin: unknown]" tag to
    Package/Dependencies fields for a package whose origin cannot
    be determined. (LP: #1148116)

 -- Brian Murray <email address hidden>  Thu, 24 Sep 2015 12:48:19 -0700
Superseded in wily-release on 2015-10-08
Deleted in wily-proposed on 2015-10-09 (Reason: moved to release)
apport (2.19-0ubuntu1) wily; urgency=medium

  * New upstream release:
    - apport: Drop re-nicing. This might decrease the time a user has to wait
      for apport to finish the core dump for a crashed/hanging foreground
      process.  (See LP #1278780)
    - kernel_crashdump: Enforce that the log/dmesg files are not a symlink.
      This prevents normal users from pre-creating a symlink to the
      predictable .crash file, and thus triggering a "fill up disk" DoS attack
      when the .crash report tries to include itself. Thanks to halfdog for
      discovering this!  (CVE-2015-1338, part of LP #1492570)
    - SECURITY FIX: Fix all writers of report files (package_hook,
      kernel_crashdump, and similar) to open the report file exclusively,
      i. e.  fail if they already exist. This prevents privilege escalation
      through symlink attacks. Note that this will also prevent overwriting
      previous reports with the same same. Thanks to halfdog for discovering
      this!  (CVE-2015-1338, LP: #1492570)
    - apport: Ignore process restarts from systemd's watchdog. Their traces
      are usually useless as they don't have any information about the actual
      reasaon why processes hang (like VM suspends or kernel lockups with bad
      hardware) (LP: #1433320)

 -- Martin Pitt <email address hidden>  Thu, 24 Sep 2015 14:41:54 +0200

Available diffs

Superseded in trusty-updates on 2015-10-19
Superseded in trusty-security on 2015-10-27
apport (2.14.1-0ubuntu3.15) trusty-security; urgency=medium

  [ Martin Pitt ]
  * SECURITY FIX: kernel_crashdump: Enforce that the log/dmesg files are not a
    symlink.
    This prevents normal users from pre-creating a symlink to the predictable
    .crash file, and thus triggering a "fill up disk" DoS attack when the
    .crash report tries to include itself. Also clean up the code to make this
    easier to read: Drop the "vmcore_root" alias, move the vmcore and
    vmcore.log cleanup into the "no kdump" section, and replace the buggy
    os.walk() loop with a glob to only catch direct timestamp subdirectories
    of /var/crash/.
    Thanks to halfdog for discovering this!
    (CVE-2015-1338, part of LP #1492570)
  * SECURITY FIX: Fix all writers of report files to open the report file
    exclusively.
    Fix package_hook, kernel_crashdump, and similar hooks to fail if the
    report already exists. This prevents privilege escalation through symlink
    attacks. Note that this will also prevent overwriting previous reports
    with the same same. Thanks to halfdog for discovering this!
    (CVE-2015-1338, LP: #1492570)

  [ Marc Deslauriers ]
  * This package does _not_ contain the changes from 2.14.1-0ubuntu3.14 in
    trusty-proposed.

 -- Marc Deslauriers <email address hidden>  Wed, 23 Sep 2015 11:28:26 -0400
Superseded in vivid-updates on 2015-10-27
Superseded in vivid-security on 2015-10-27
apport (2.17.2-0ubuntu1.5) vivid-security; urgency=medium

  * SECURITY FIX: kernel_crashdump: Enforce that the log/dmesg files are not a
    symlink.
    This prevents normal users from pre-creating a symlink to the predictable
    .crash file, and thus triggering a "fill up disk" DoS attack when the
    .crash report tries to include itself. Also clean up the code to make this
    easier to read: Drop the "vmcore_root" alias, move the vmcore and
    vmcore.log cleanup into the "no kdump" section, and replace the buggy
    os.walk() loop with a glob to only catch direct timestamp subdirectories
    of /var/crash/.
    Thanks to halfdog for discovering this!
    (CVE-2015-1338, part of LP #1492570)
  * SECURITY FIX: Fix all writers of report files to open the report file
    exclusively.
    Fix package_hook, kernel_crashdump, and similar hooks to fail if the
    report already exists. This prevents privilege escalation through symlink
    attacks. Note that this will also prevent overwriting previous reports
    with the same same. Thanks to halfdog for discovering this!
    (CVE-2015-1338, LP: #1492570)

 -- Martin Pitt <email address hidden>  Mon, 21 Sep 2015 10:22:50 +0200
Superseded in precise-updates on 2015-09-29
Superseded in precise-security on 2015-10-27
apport (2.0.1-0ubuntu17.10) precise-security; urgency=medium

  * SECURITY FIX: kernel_crashdump: Enforce that the log/dmesg files are not a
    symlink.
    This prevents normal users from pre-creating a symlink to the predictable
    .crash file, and thus triggering a "fill up disk" DoS attack when the
    .crash report tries to include itself. Thanks to halfdog for discovering
    this! (CVE-2015-1338, part of LP #1492570)
  * SECURITY FIX: Fix all writers of report files to open the report file
    exclusively.
    Fix package_hook, kernel_crashdump, and similar hooks to fail if the
    report already exists. This prevents privilege escalation through symlink
    attacks. Note that this will also prevent overwriting previous reports
    with the same same. Thanks to halfdog for discovering this!
    (CVE-2015-1338, LP: #1492570)
  * debian/tests/upstream-system: Change directory to /tmp, so that tests
    actually run against the installed package.

 -- Martin Pitt <email address hidden>  Mon, 21 Sep 2015 11:58:45 +0200
Deleted in trusty-proposed on 2015-09-24 (Reason: moved to -updates)
apport (2.14.1-0ubuntu3.14) trusty-proposed; urgency=medium

  * Add data/general-hooks/powerpc.py: Collect some PowerPC[64] information.
    Thanks to Thierry FAUCK! (LP: #1336462)

 -- Brian Murray <email address hidden>  Wed, 16 Sep 2015 11:30:47 -0700
Superseded in wily-release on 2015-09-25
Deleted in wily-proposed on 2015-09-26 (Reason: moved to release)
apport (2.18.1-0ubuntu1) wily; urgency=medium

  * New upstream bug fix release. Changes since our previous snapshot:
    - packaging.py: Only consider first word in /etc/os-release's NAME value.
      This works around Debian's inconsistent value. (LP: #1408245)
    - Unify and simplify Package: field generation in kernel_crashdump,
      kernel_oops, and package_hook by using the new Report.add_package()
      method.  (LP: #1485787)
    - sandboxutils.py, make_sandbox(): Make "Cannot find package which ships
      Executable/InterpreterPath" fatal, to save some unnecessary package
      unpack cycles. (LP: #1487174)
  * etc/apport/crashdb.conf: Enable crash reports on Launchpad for wily.
    Really late, sorry about that!

 -- Martin Pitt <email address hidden>  Thu, 10 Sep 2015 11:48:46 +0200

Available diffs

Superseded in wily-release on 2015-09-10
Deleted in wily-proposed on 2015-09-11 (Reason: moved to release)
apport (2.18-0ubuntu9) wily; urgency=medium

  * Revert changes to data/package_hook to include the package version. This
    just hides the problem that somewhere during whoopsie add_package_info()
    is not called. (See LP #1485787)
  * packaging-apt-dpkg.py, is_distro_package(): If there is no origin and
    /etc/system-image/channel.ini exists, assume the package is from a
    read-only system image and accept it as distro package. With this we don't
    need /var/lib/apt/lists/ indexes any more just to confirm the origin.
    (LP: #1489410)
  * Merge fixes from trunk:
    - whoopsie-upload-all: Intercept OSError too (e. g. "No space left on
      device"). (LP: #1476258)
    - apport-retrace: Only consider the file name of a source file, not its
      path; the latter often contains parts like "../" or directories which are
      specific to a build machine. This fixes most broken StacktraceSource
      results.  (LP: #1462491)

 -- Martin Pitt <email address hidden>  Mon, 31 Aug 2015 11:35:54 +0200
Superseded in wily-release on 2015-08-31
Deleted in wily-proposed on 2015-09-01 (Reason: moved to release)
apport (2.18-0ubuntu8) wily; urgency=medium

  * data/package-hooks/source_ubiquity.py: resolve tracebacks parsing syslog
    and adding the debug log file.

 -- Brian Murray <email address hidden>  Fri, 28 Aug 2015 10:03:59 -0700

Available diffs

Superseded in trusty-updates on 2015-09-24
Deleted in trusty-proposed on 2015-09-25 (Reason: moved to -updates)
apport (2.14.1-0ubuntu3.13) trusty-proposed; urgency=medium

  * data/package_hook: when creating the problem report include the version of
    the package. (LP: #1485787)

 -- Brian Murray <email address hidden>  Wed, 26 Aug 2015 16:16:52 -0700
Superseded in vivid-updates on 2015-09-24
Deleted in vivid-proposed on 2015-09-25 (Reason: moved to -updates)
apport (2.17.2-0ubuntu1.4) vivid-proposed; urgency=medium

  * data/package_hook: when creating the problem report include the version of
    the package. (LP: #1485787)

 -- Brian Murray <email address hidden>  Wed, 26 Aug 2015 15:49:41 -0700
Superseded in wily-release on 2015-08-30
Deleted in wily-proposed on 2015-08-31 (Reason: moved to release)
apport (2.18-0ubuntu7) wily; urgency=medium

  * data/package_hook: When creating a Package problem write the version of
    the package to the report. (LP: #1485787)

 -- Brian Murray <email address hidden>  Mon, 17 Aug 2015 15:40:39 -0700

Available diffs

Superseded in trusty-updates on 2015-09-09
Deleted in trusty-proposed on 2015-09-10 (Reason: moved to -updates)
apport (2.14.1-0ubuntu3.12) trusty-proposed; urgency=medium

  * Keep "[origin: ...]" information in Package: and Dependencies: fields
    for native-origins.d/ origins, so that it's possible to retrace them and
    so that bugs are reported about the right project. (LP: #1470572)
  * general-hooks/ubuntu.py: for reports where the ProblemType is Package
    always include information about the apt and dpkg versions.

 -- Brian Murray <email address hidden>  Tue, 11 Aug 2015 12:33:43 -0700
Superseded in vivid-updates on 2015-09-09
Deleted in vivid-proposed on 2015-09-10 (Reason: moved to -updates)
apport (2.17.2-0ubuntu1.3) vivid-proposed; urgency=medium

  * Keep "[origin: ...]" information in Package: and Dependencies: fields
    for native-origins.d/ origins, so that it's possible to retrace them and
    so that bugs are reported about the right project. (LP: #1470572)

 -- Brian Murray <email address hidden>  Tue, 11 Aug 2015 11:51:41 -0700
Superseded in wily-release on 2015-08-18
Deleted in wily-proposed on 2015-08-19 (Reason: moved to release)
apport (2.18-0ubuntu6) wily; urgency=medium

  * Drop apport-noui from test dependencies, as whoopsie interferes with the
    test crashes while the test suite runs. (LP: #1478115)
  * Restore whoopsie dependency of apport-noui.
  * apport-noui.service: Add missing Type=oneshot, to fix restart limits with
    crashes happening in rapid succession.
  * Merge test fixes from trunk.
  * data/package-hooks/source_linux.py: Fix PEP-8 error.

 -- Martin Pitt <email address hidden>  Mon, 10 Aug 2015 11:25:07 +0200

Available diffs

Superseded in vivid-updates on 2015-08-19
Deleted in vivid-proposed on 2015-08-21 (Reason: moved to -updates)
apport (2.17.2-0ubuntu1.2) vivid-proposed; urgency=medium

  * apport-noui.upstart: Utilize watershed to only launch one instance of
    whoopsie-upload-all at a time. (LP: #1473562)
  * apport-noui: Depend on watershed.

 -- Brian Murray <email address hidden>  Fri, 24 Jul 2015 15:27:31 -0700
Superseded in wily-release on 2015-08-10
Deleted in wily-proposed on 2015-08-11 (Reason: moved to release)
apport (2.18-0ubuntu5) wily; urgency=medium

  * apport-noui: Remove the dependency on whoopsie as it causes test failures.

 -- Brian Murray <email address hidden>  Fri, 24 Jul 2015 13:23:03 -0700
Superseded in wily-proposed on 2015-07-24
apport (2.18-0ubuntu4) wily; urgency=medium

  * whoopsie-upload-all: restore import of apport.fileutils which seems to
    resolve some test failures.

 -- Brian Murray <email address hidden>  Thu, 23 Jul 2015 12:17:01 -0700

Available diffs

Superseded in wily-proposed on 2015-07-23
apport (2.18-0ubuntu3) wily; urgency=medium

  * apport-noui: Depend on watershed and whoopsie since whoopsie-upload-all
    requires whoopsie to upload crashes.
  * apport-noui.upstart: Utilize watershed to only launch one instance of
    whoopsie-upload-all.
  * apport-noui.paths: When monitoring /var/crash switch to PathExistsGlob
    since PathChanged will cause whoopsie-upload-all to run more often e.g.
    when .upload and .uploaded files are created.

 -- Brian Murray <email address hidden>  Mon, 20 Jul 2015 14:09:23 -0700

Available diffs

Superseded in wily-release on 2015-07-24
Deleted in wily-proposed on 2015-07-26 (Reason: moved to release)
apport (2.18-0ubuntu2) wily; urgency=medium

  * Fix PEP-8 error in test/test_backend_apt_dpkg.py.

Superseded in wily-proposed on 2015-07-17
apport (2.18-0ubuntu1) wily; urgency=medium

  * New upstream release. Changes since our last merge from trunk:
    - apport-gtk: Use GtkWidget::valign property instead of GtkMisc::yalign
      which is deprecated in GTK 3.16. Thanks Iain Lane.
    - sandboxutils, make_sandbox(): Don't exit with 0 (success) if the
      ExecutablePath does not exist. (LP: #1462469)
    - sandboxutils, make_sandbox(): Fix second round of package installs to go
      into permanent root dir as well.
    - apt/dpkg install_packages(): If a requested package version is not
      available from apt in the given archive, try to download it from
      Launchpad. Thanks to Brian Murray!
    - kerneloops: Fix crash when determining the version of a custom kernel.
      Thanks Brian Murray. (LP: #1468154)
    - apt/dpkg install_packages(): Ignore -dbg packages whose descriptions
      contain "transitional". (LP: #1469635)
    - Keep "[origin: ...]" information in Package: and Dependencies: fields
      for native-origins.d/ origins, so that it's possible to retrace them.
      Thanks Brian Murray! (LP: #1470572)
    - Add support for retracing with discovering and enabling foreign
      Launchpad PPA origins, as specified in reports' Package:/Dependencies:
      fields. Thanks Brian Murray!
    - hookutils.attach_wifi(): Shorten value of CRDA if iw isn't available on
      the system. Thanks Brian Murray.
    - Fix wrong assertion in crashdb.test_check_duplicate() which surfaces
      under Python 3.5. (LP: #1474539)
  * test/test_backend_apt_dpkg.py: Disable new test assertion for
    unity-services-dbgsym, which doesn't currently work in the autopkgtest
    (but works fine in trunk and on the retracers). To be investigated.

 -- Martin Pitt <email address hidden>  Fri, 17 Jul 2015 11:03:21 +0200

Available diffs

Superseded in wily-release on 2015-07-17
Deleted in wily-proposed on 2015-07-18 (Reason: moved to release)
apport (2.17.3-0ubuntu4) wily; urgency=medium

  * apport-gtk.ui: Use "valign" to align the icon on the crash dialog.
    "yalign" is deprecated with GTK 3.16 and the consequent warning causes a
    testsuite failure. Cherry-pick from upstream MP.

 -- Iain Lane <email address hidden>  Fri, 05 Jun 2015 11:52:04 +0100

Available diffs

Superseded in wily-release on 2015-06-05
Deleted in wily-proposed on 2015-06-06 (Reason: moved to release)
apport (2.17.3-0ubuntu3) wily; urgency=medium

  * Merge from trunk:
    - Fix backend_apt_dpkg.test_install_packages_permanent_sandbox test to
      restore proxy settings at the right time.

 -- Martin Pitt <email address hidden>  Thu, 28 May 2015 16:01:34 +0200
Superseded in wily-proposed on 2015-05-28
apport (2.17.3-0ubuntu2) wily; urgency=medium

  * Merge from trunk:
    - Fix backend_apt_dpkg.test_install_packages_permanent_sandbox test to
      more carefully restore the environment and apt config.
    - Enable suid_dumpable in the init.d script to also get Apport reports
      about suid, unreadable, and otherwise protected binaries. These will be
      "system reports" owned and readable by root only.
    - init.d script: Fix tab usage inconsistencies.

 -- Martin Pitt <email address hidden>  Thu, 28 May 2015 10:05:40 +0200
Superseded in wily-release on 2015-05-28
Deleted in wily-proposed on 2015-05-29 (Reason: moved to release)
apport (2.17.3-0ubuntu1) wily; urgency=medium

  * New upstream release:
    - SECURITY UPDATE: When /proc/sys/fs/suid_dumpable is enabled, crashing a
      program that is suid root or not readable for the user would create
      root-owned core files in the current directory of that program. Creating
      specially crafted core files in /etc/logrotate.d or similar could then
      lead to arbitrary code execution with root privileges.
      Now core files do not get written for these kinds of programs, in
      accordance with the intention of core(5).
      Thanks to Sander Bos for discovering this issue!
      (CVE-2015-1324, LP: #1452239)
    - SECURITY UPDATE: When writing a core dump file for a crashed packaged
      program, don't close and reopen the .crash report file but just rewind
      and re-read it. This prevents the user from modifying the .crash report
      file while "apport" is running to inject data and creating crafted core
      dump files. In conjunction with the above vulnerability of writing core
      dump files to arbitrary directories this could be exploited to gain root
      privileges.
      Thanks to Philip Pettersson for discovering this issue!
      (CVE-2015-1325, LP: #1453900)
    - apportcheckresume: Fix "occured" typo, thanks Matthew Paul Thomas.
      (LP: #1448636)
    - signal_crashes test: Fix test_crash_setuid_* to look at whether
      suid_dumpable was enabled.
    - test/run: Run UI tests under dbus-launch, newer GTK versions require this
      now.

 -- Martin Pitt <email address hidden>  Wed, 20 May 2015 16:58:35 +0200

Available diffs

Superseded in wily-release on 2015-05-22
Deleted in wily-proposed on 2015-05-23 (Reason: moved to release)
apport (2.17.2-0ubuntu2) wily; urgency=medium

  [ Brian Murray ]
  * Update Vcs information in debian/control.
  * general-hooks/ubuntu.py: update checks for corrupt packages.

  [ Martin Pitt ]
  * Disable KDE tests for the time being. apport-kde consistently crashes
    in PyQT5 since vivid (LP #1442512), don't block package migration on this.

 -- Martin Pitt <email address hidden>  Mon, 18 May 2015 08:36:07 +0200
Superseded in vivid-updates on 2015-08-06
Superseded in vivid-security on 2015-09-24
apport (2.17.2-0ubuntu1.1) vivid-security; urgency=medium

  * SECURITY UPDATE: When /proc/sys/fs/suid_dumpable is enabled, crashing a
    program that is suid root or not readable for the user would create
    root-owned core files in the current directory of that program.  Creating
    specially crafted core files in /etc/logrotate.d or similar could then
    lead to arbitrary code execution with root privileges.  Now core files do
    not get written for these kinds of programs, in accordance with the
    intention of core(5).
    Thanks to Sander Bos for discovering this issue!
    (CVE-2015-1324, LP: #1452239)
  * SECURITY UPDATE: When writing a core dump file for a crashed packaged
    program, don't close and reopen the .crash report file but just rewind and
    re-read it. This prevents the user from modifying the .crash report file
    while "apport" is running to inject data and creating crafted core dump
    files. In conjunction with the above vulnerability of writing core dump
    files to arbitrary directories this could be exploited to gain root
    privileges.
    Thanks to Philip Pettersson for discovering this issue!
    (CVE-2015-1325, LP: #1453900)
  * test_signal_crashes(): Drop hardcoded /tmp/ path in do_crash(),
    test_nonwritable_cwd() uses a different dir.
  * signal_crashes test: Fix test_crash_setuid_* to look at whether
    suid_dumpable was enabled.
  * Disable KDE tests for the time being. apport-kde consistently crashes
    in PyQT5 since vivid (LP #1442512), don't block package migration on this.

 -- Martin Pitt <email address hidden>  Wed, 13 May 2015 11:42:59 +0200
Published in utopic-updates on 2015-05-21
Published in utopic-security on 2015-05-21
apport (2.14.7-0ubuntu8.5) utopic-security; urgency=medium

  * SECURITY UPDATE: When /proc/sys/fs/suid_dumpable is enabled, crashing a
    program that is suid root or not readable for the user would create
    root-owned core files in the current directory of that program.  Creating
    specially crafted core files in /etc/logrotate.d or similar could then
    lead to arbitrary code execution with root privileges.  Now core files do
    not get written for these kinds of programs, in accordance with the
    intention of core(5).
    Thanks to Sander Bos for discovering this issue!
    (CVE-2015-1324, LP: #1452239)
  * SECURITY UPDATE: When writing a core dump file for a crashed packaged
    program, don't close and reopen the .crash report file but just rewind and
    re-read it. This prevents the user from modifying the .crash report file
    while "apport" is running to inject data and creating crafted core dump
    files. In conjunction with the above vulnerability of writing core dump
    files to arbitrary directories this could be exploited to gain root
    privileges.
    Thanks to Philip Pettersson for discovering this issue!
    (CVE-2015-1325, LP: #1453900)
  * test_signal_crashes(): Drop hardcoded /tmp/ path in do_crash(),
    test_nonwritable_cwd() uses a different dir.

 -- Martin Pitt <email address hidden>  Wed, 13 May 2015 11:59:03 +0200
Superseded in trusty-updates on 2015-08-19
Superseded in trusty-security on 2015-09-24
apport (2.14.1-0ubuntu3.11) trusty-security; urgency=medium

  * SECURITY UPDATE: When /proc/sys/fs/suid_dumpable is enabled, crashing a
    program that is suid root or not readable for the user would create
    root-owned core files in the current directory of that program.  Creating
    specially crafted core files in /etc/logrotate.d or similar could then
    lead to arbitrary code execution with root privileges.  Now core files do
    not get written for these kinds of programs, in accordance with the
    intention of core(5).
    Thanks to Sander Bos for discovering this issue!
    (CVE-2015-1324, LP: #1452239)
  * SECURITY UPDATE: When writing a core dump file for a crashed packaged
    program, don't close and reopen the .crash report file but just rewind and
    re-read it. This prevents the user from modifying the .crash report file
    while "apport" is running to inject data and creating crafted core dump
    files. In conjunction with the above vulnerability of writing core dump
    files to arbitrary directories this could be exploited to gain root
    privileges.
    Thanks to Philip Pettersson for discovering this issue!
    (CVE-2015-1325, LP: #1453900)
  * test_signal_crashes(): Drop hardcoded /tmp/ path in do_crash(),
    test_nonwritable_cwd() uses a different dir.

 -- Martin Pitt <email address hidden>  Wed, 13 May 2015 11:53:18 +0200
Superseded in precise-updates on 2015-09-24
Superseded in precise-security on 2015-09-24
apport (2.0.1-0ubuntu17.9) precise-security; urgency=medium

  * SECURITY UPDATE: When /proc/sys/fs/suid_dumpable is enabled, crashing a
    program that is suid root or not readable for the user would create
    root-owned core files in the current directory of that program.  Creating
    specially crafted core files in /etc/logrotate.d or similar could then
    lead to arbitrary code execution with root privileges.  Now core files do
    not get written for these kinds of programs, in accordance with the
    intention of core(5).
    Thanks to Sander Bos for discovering this issue!
    (CVE-2015-1324, LP: #1452239)
  * Add test case to ensure that users cannot inject arbitrary core dump file
    contents (CVE-2015-1325). This version is not affected, but having the
    test will ensure that backported changes don't introduce this
    vulnerability. (LP: #1453900)
  * test_signal_crashes(): Drop hardcoded /tmp/ path in do_crash(),
    test_nonwritable_cwd() uses a different dir.

 -- Martin Pitt <email address hidden>  Wed, 13 May 2015 13:58:17 +0200
Superseded in wily-release on 2015-05-19
Published in vivid-release on 2015-04-17
Deleted in vivid-proposed (Reason: moved to release)
apport (2.17.2-0ubuntu1) vivid; urgency=medium

  * New upstream bug fix release:
    - SECURITY UPDATE: Disable crash forwarding to containers. The previous
      fix in 2.17.1 was not sufficient against all attack scenarios. By
      binding to specially crafted sockes, a normal user program could forge
      arbitrary entries in /proc/net/unix. We cannot currently rely on a
      kernel-side solution for this; this feature will be re-enabled once it
      gets re-done to be secure. (LP: #1444518)
    - apport-kde: Fix crash when showing byte array values. Thanks Jonathan
      Riddell. (LP: #1443659)
    - Really create a better duplicate signature for recoverable problems,
      using ExecutablePath. Thanks Brian Murray. (LP: #1316763)
  * Disable Launchpad crash upload for final Ubuntu 15.04.
 -- Martin Pitt <email address hidden>   Thu, 16 Apr 2015 17:51:18 -0500
Superseded in trusty-updates on 2015-05-21
Superseded in trusty-security on 2015-05-21
apport (2.14.1-0ubuntu3.10) trusty-security; urgency=medium

  * SECURITY UPDATE: insecure /proc/net/unix parsing (LP: #1444518)
    - data/apport: temporarily disable container support until it can be
      re-written in a secure manner.
    - CVE number pending
 -- Marc Deslauriers <email address hidden>   Thu, 16 Apr 2015 07:56:02 -0400
Superseded in utopic-updates on 2015-05-21
Superseded in utopic-security on 2015-05-21
apport (2.14.7-0ubuntu8.4) utopic-security; urgency=medium

  * SECURITY UPDATE: insecure /proc/net/unix parsing (LP: #1444518)
    - data/apport: temporarily disable container support until it can be
      re-written in a secure manner.
    - CVE number pending
 -- Marc Deslauriers <email address hidden>   Thu, 16 Apr 2015 07:40:49 -0400
Superseded in vivid-release on 2015-04-17
Deleted in vivid-proposed on 2015-04-18 (Reason: moved to release)
apport (2.17.1-0ubuntu2) vivid; urgency=medium

  * Fix crash in kde frontend LP: #1443659
 -- Jonathan Riddell <email address hidden>   Wed, 15 Apr 2015 13:29:04 +0200

Available diffs

Superseded in vivid-release on 2015-04-15
Deleted in vivid-proposed on 2015-04-16 (Reason: moved to release)
apport (2.17.1-0ubuntu1) vivid; urgency=medium

  * New upstream bug fix release:
    - SECURITY UPDATE: Fix root privilege escalation through crash forwarding
      to containers.
      Version 2.13 introduced forwarding a crash to a container's apport. By
      crafting a specific file system structure, entering it as a namespace
      ("container"), and crashing something in it, a local user could access
      arbitrary files on the host system with root privileges.
      Thanks to Stéphane Graber for discovering and fixing this!
      (CVE-2015-1318, LP: #1438758)
    - apport-kde tests: Fix imports to make tests work again.
    - Fix UnicodeDecodeError on parsing non-ASCII environment variables.
    - apport: use the proper pid when calling apport in another PID namespace.
      Thanks Brian Murray. (LP: #1300235)
 -- Martin Pitt <email address hidden>   Tue, 14 Apr 2015 09:10:17 -0500

Available diffs

175 of 611 results