apport 2.0.1-0ubuntu17.9 source package in Ubuntu

Changelog

apport (2.0.1-0ubuntu17.9) precise-security; urgency=medium

  * SECURITY UPDATE: When /proc/sys/fs/suid_dumpable is enabled, crashing a
    program that is suid root or not readable for the user would create
    root-owned core files in the current directory of that program.  Creating
    specially crafted core files in /etc/logrotate.d or similar could then
    lead to arbitrary code execution with root privileges.  Now core files do
    not get written for these kinds of programs, in accordance with the
    intention of core(5).
    Thanks to Sander Bos for discovering this issue!
    (CVE-2015-1324, LP: #1452239)
  * Add test case to ensure that users cannot inject arbitrary core dump file
    contents (CVE-2015-1325). This version is not affected, but having the
    test will ensure that backported changes don't introduce this
    vulnerability. (LP: #1453900)
  * test_signal_crashes(): Drop hardcoded /tmp/ path in do_crash(),
    test_nonwritable_cwd() uses a different dir.

 -- Martin Pitt <email address hidden>  Wed, 13 May 2015 13:58:17 +0200

Upload details

Uploaded by:
Martin Pitt on 2015-05-15
Sponsored by:
Marc Deslauriers
Uploaded to:
Precise
Original maintainer:
Martin Pitt
Architectures:
all
Section:
utils
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Precise: [FULLYBUILT] i386

Downloads

File Size SHA-256 Checksum
apport_2.0.1.orig.tar.gz 650.8 KiB 2020aea997fa35fd72a99d55e228cbd5c0686a7904b61b492d44452f3679ff52
apport_2.0.1-0ubuntu17.9.diff.gz 135.5 KiB ed8aff2c22a34358480024c9939c27e4996512d3bfa3185d69b3e84ac00e287f
apport_2.0.1-0ubuntu17.9.dsc 2.3 KiB 3c59974fa65ac4f86fc729e99418bca8895bb49feb553989584d4d9583184cc6

View changes file

Binary packages built by this source

apport: automatically generate crash reports for debugging

 apport automatically collects data from crashed processes and
 compiles a problem report in /var/crash/. This utilizes the crashdump
 helper hook provided by the Ubuntu kernel.
 .
 This package also provides a command line frontend for browsing and
 handling the crash reports. For desktops, you should consider
 installing the GTK+ or Qt user interface (apport-gtk or apport-kde).

apport-gtk: GTK+ frontend for the apport crash report system

 apport automatically collects data from crashed processes and
 compiles a problem report in /var/crash/. This utilizes the crashdump
 helper hook provided by the Ubuntu kernel.
 .
 This package provides a GTK+ frontend for browsing and handling the
 crash reports.

apport-kde: KDE frontend for the apport crash report system

 apport automatically collects data from crashed processes and
 compiles a problem report in /var/crash/. This utilizes the crashdump
 helper hook provided by the Ubuntu kernel.
 .
 This package provides a KDE frontend for browsing and handling the
 crash reports.

apport-retrace: tools for reprocessing Apport crash reports

 apport-retrace recombines an Apport crash report (either a file or a
 Launchpad bug) and debug symbol packages (.ddebs) into fully symbolic
 stack traces. This can optionally use a sandbox for installing debug symbol
 packages and doing the processing, so that entire process of retracing crashes
 can happen with normal user privileges without changing the system.

dh-apport: debhelper extension for the apport crash report system

 apport automatically collects data from crashed processes and
 compiles a problem report in /var/crash/. This utilizes the crashdump
 helper hook provided by the Ubuntu kernel.
 .
 This package provides a debhelper extension to make it easier for other
 packages to include apport hooks.

python-apport: apport crash report handling library

 This Python package provides high-level functions for creating and
 handling apport crash reports:
 .
  * Query available and new reports.
  * Add OS, packaging, and process runtime information to a report.
  * Various frontend utility functions.
  * Python hook to generate crash reports when Python scripts fail.

python-problem-report: Python library to handle problem reports

 This Python library provides an interface for creating, modifying,
 and accessing standardized problem reports for program and kernel
 crashes and packaging bugs.
 .
 These problem reports use standard Debian control format syntax
 (RFC822).