Format: 1.8 Date: Wed, 13 May 2015 11:59:03 +0200 Source: apport Binary: apport python-problem-report python3-problem-report python-apport python3-apport apport-retrace apport-valgrind apport-gtk apport-kde dh-apport apport-noui Architecture: all i386_translations Version: 2.14.7-0ubuntu8.5 Distribution: utopic Urgency: medium Maintainer: Ubuntu/amd64 Build Daemon Changed-By: Martin Pitt Description: apport - automatically generate crash reports for debugging apport-gtk - GTK+ frontend for the apport crash report system apport-kde - KDE frontend for the apport crash report system apport-noui - tools for automatically reporting Apport crash reports apport-retrace - tools for reprocessing Apport crash reports apport-valgrind - valgrind wrapper that first downloads debug symbols dh-apport - debhelper extension for the apport crash report system python-apport - Python library for Apport crash report handling python-problem-report - Python library to handle problem reports python3-apport - Python 3 library for Apport crash report handling python3-problem-report - Python 3 library to handle problem reports Launchpad-Bugs-Fixed: 1452239 1453900 Changes: apport (2.14.7-0ubuntu8.5) utopic-security; urgency=medium . * SECURITY UPDATE: When /proc/sys/fs/suid_dumpable is enabled, crashing a program that is suid root or not readable for the user would create root-owned core files in the current directory of that program. Creating specially crafted core files in /etc/logrotate.d or similar could then lead to arbitrary code execution with root privileges. Now core files do not get written for these kinds of programs, in accordance with the intention of core(5). Thanks to Sander Bos for discovering this issue! (CVE-2015-1324, LP: #1452239) * SECURITY UPDATE: When writing a core dump file for a crashed packaged program, don't close and reopen the .crash report file but just rewind and re-read it. This prevents the user from modifying the .crash report file while "apport" is running to inject data and creating crafted core dump files. In conjunction with the above vulnerability of writing core dump files to arbitrary directories this could be exploited to gain root privileges. Thanks to Philip Pettersson for discovering this issue! (CVE-2015-1325, LP: #1453900) * test_signal_crashes(): Drop hardcoded /tmp/ path in do_crash(), test_nonwritable_cwd() uses a different dir. Checksums-Sha1: 2fd9a0b6d45e81a5762b5880d10ba032caa818a7 183880 apport_2.14.7-0ubuntu8.5_all.deb cff094ea693df8219ac8934a23825146704b484c 9166 python-problem-report_2.14.7-0ubuntu8.5_all.deb 107b140944b9878d3948ac13992ea250f9553397 9248 python3-problem-report_2.14.7-0ubuntu8.5_all.deb defc9f5ffff577042ee2eff58819e0c6ba9cd04c 75450 python-apport_2.14.7-0ubuntu8.5_all.deb f1c7a65f70353902d9913e8e553eec7638b2a4c6 75568 python3-apport_2.14.7-0ubuntu8.5_all.deb 57639332f0fb270c47151491bba18c25d80f700e 12262 apport-retrace_2.14.7-0ubuntu8.5_all.deb aab073fc2b9cf44faf6c68214f050a7d4c144069 5122 apport-valgrind_2.14.7-0ubuntu8.5_all.deb f7c9cf7f8028148c53b844e3eaefb1f35f688496 9574 apport-gtk_2.14.7-0ubuntu8.5_all.deb a2fffb51b1cd8422c21b4b599f0ad80be0568f92 18910 apport-kde_2.14.7-0ubuntu8.5_all.deb c282f395b3f32bf30fb2a2a8bdaac05be13a154a 6928 dh-apport_2.14.7-0ubuntu8.5_all.deb 3661f39b10f3c4ebc6628495eca5c9f5abb65665 2290 apport-noui_2.14.7-0ubuntu8.5_all.deb 26261fc7401718b0eb7c0c1952f968ffce022741 1181589 apport_2.14.7-0ubuntu8.5_i386_translations.tar.gz Checksums-Sha256: f92f55877e0fa96c2a7bba534df8d33dd0d8ced5b9ad8bc44a22e40badecd7ef 183880 apport_2.14.7-0ubuntu8.5_all.deb 657f9e94eb97727be73af94d9655d6911d7c3edfba6e8a23be02f6634dc888a8 9166 python-problem-report_2.14.7-0ubuntu8.5_all.deb 1476bb8167f61be66f7eb772a3d21d11a961e32c26cd6fb5d6b8dfc1b946c961 9248 python3-problem-report_2.14.7-0ubuntu8.5_all.deb f0f1353dfea4ad7f809bba9fcc700bd2ff58c6227c51826ae02093722f4a27d4 75450 python-apport_2.14.7-0ubuntu8.5_all.deb 4553cfd266303c65b6a0ed8a7660de9a888e1e4cb57e762157f33505260c1693 75568 python3-apport_2.14.7-0ubuntu8.5_all.deb 4fbd53e797e9cecbf564e0089c201daf0a3216f031f366e6c091c2d9478a41f9 12262 apport-retrace_2.14.7-0ubuntu8.5_all.deb e6600ec37f9b500961dc4e285235868caf9e4aa70e53ed4643b6cd444afcffef 5122 apport-valgrind_2.14.7-0ubuntu8.5_all.deb 9b995bb8aabc231e397cfdc96c5a03911af4b8b6f011c9e0c9bf2396bdd9311c 9574 apport-gtk_2.14.7-0ubuntu8.5_all.deb 07ac6c6b2d6cafe14031223142a46087cc017f6f672da184292b6058edb29597 18910 apport-kde_2.14.7-0ubuntu8.5_all.deb 5b1bef6ee085023a06c7ee19284dcbafb8d45be3d17b2319a527a954259c0202 6928 dh-apport_2.14.7-0ubuntu8.5_all.deb d24bf7bc99a5305070449c178f6b994a546e52fc3498bfe2e5584f5d0b77a2f6 2290 apport-noui_2.14.7-0ubuntu8.5_all.deb 497ab90fe0a9eca029289e4bc8df4bdfc4f371ed0abe0189989a0ec65dcd30fa 1181589 apport_2.14.7-0ubuntu8.5_i386_translations.tar.gz Files: 841ba262b5a27ca5132a7c98b8b30688 183880 utils optional apport_2.14.7-0ubuntu8.5_all.deb 973437986b13057c0442f014a30e3253 9166 python optional python-problem-report_2.14.7-0ubuntu8.5_all.deb 367e8de8bb072e4d383825fc7c8d46ff 9248 python optional python3-problem-report_2.14.7-0ubuntu8.5_all.deb 7846bb2056cf7f0bd802f14799341260 75450 python optional python-apport_2.14.7-0ubuntu8.5_all.deb fceecf6582fb41b40f8f846a0e9e0c52 75568 python optional python3-apport_2.14.7-0ubuntu8.5_all.deb fe34c6c88251b4cf50dadd9b0b06aaa4 12262 devel optional apport-retrace_2.14.7-0ubuntu8.5_all.deb 373673f50b39b27bdb9b563f65354c07 5122 devel optional apport-valgrind_2.14.7-0ubuntu8.5_all.deb 10df7ba47e22841ecca8815e973653d3 9574 gnome optional apport-gtk_2.14.7-0ubuntu8.5_all.deb ba9beca73e3d5bb165546789c5eea475 18910 kde optional apport-kde_2.14.7-0ubuntu8.5_all.deb 44a8c0bca32b3691daf28b496f0791fa 6928 devel optional dh-apport_2.14.7-0ubuntu8.5_all.deb 65f913e1837021f1a7a27162c62bd7e2 2290 utils optional apport-noui_2.14.7-0ubuntu8.5_all.deb fa8ab14e9f98f93132c201d29ec289e0 1181589 raw-translations - apport_2.14.7-0ubuntu8.5_i386_translations.tar.gz