UbuntuUpdates.org

Package "python3-apport"

Name: python3-apport

Description:

Python 3 library for Apport crash report handling

Latest version: 2.20.11-0ubuntu27.27
Release: focal (20.04)
Level: updates
Repository: main
Head package: apport
Homepage: https://wiki.ubuntu.com/Apport

Links


Download "python3-apport"


Other versions of "python3-apport" in Focal

Repository Area Version
base main 2.20.11-0ubuntu27
security main 2.20.11-0ubuntu27.26

Changelog

Version: 2.20.11-0ubuntu27.27 2023-05-31 09:25:24 UTC

  apport (2.20.11-0ubuntu27.27) focal; urgency=medium

  * whoopsie-upload-all: Catch zlib.error when decoding CoreDump from
    crash file (LP: #1947800)
  * Fix KeyError: 'CasperMD5json' (LP: #1964828)
  * apport-kde: Fix inverse order of choices (LP: #1967965)
  * apport-unpack: Fix ValueError: ['separator'] has no binary content
    (LP: #1889443)
  * test:
    - Clear environment for test_run_as_real_user_no_sudo
    - Mock add_gdb_info calls in KDE UI tests
    - Fix KDE UI tests if whoopsie.path is disabled
    - Fix race with progress dialog in KDE UI tests
    - Run UI KDE tests again
    - Determine source package dynamically in test_run_crash_kernel
      (LP: #1992172)

 -- Benjamin Drung <email address hidden> Fri, 14 Apr 2023 01:17:21 +0200

Source diff to previous version
1947800 /usr/share/apport/whoopsie-upload-all:zlib.error:/usr/share/apport/whoopsie-upload-all@196:collect_info:process_report:add_gdb_info:gdb_command:write
1964828 /usr/share/apport/general-hooks/ubuntu.py crashed: KeyError: 'CasperMD5json'
1967965 apport-kde: \
1889443 \
1992172 test_run_crash_kernel fails on ppc64el

Version: 2.20.11-0ubuntu27.26 2023-04-19 19:07:09 UTC

  apport (2.20.11-0ubuntu27.26) focal-security; urgency=medium

  * SECURITY UPDATE: viewing an apport-cli crash with default pager could
    escalate privilege (LP: #2016023)
    - apport/ui.py, apport/user_group.py, bin/apport-cli: drops privilege to
      users environment before execution (using sudo)
    - test/test_ui.py, test/test_user/group.py: Add test cases for new code
    - CVE-2023-1326

 -- Benjamin Drung <email address hidden> Wed, 12 Apr 2023 18:41:51 +0200

Source diff to previous version
2016023 viewing an apport-cli crash with default pager could escalate privilege (CVE-2023-1326)
CVE-2023-1326 RESERVED

Version: 2.20.11-0ubuntu27.25 2022-11-23 04:07:18 UTC

  apport (2.20.11-0ubuntu27.25) focal; urgency=medium

  * Point Vcs-* URIs to git
  * whoopsie-upload-all: Catch FileNotFoundError during process_report
    (LP: #1867204)
  * Grab a slice of JournalErrors around the crash time (LP: #1962454)
  * data/apport:
    - Initialize error log as first step (LP: #1989467)
    - Fix PermissionError for setuid programs inside container (LP: #1982487)
    - Fix reading from stdin inside containers (LP: #1982555)
  * Fix autopkgtest test case failures (LP: #1989467):
    - Mark autopkgtest with isolation-container restriction
    - Fix failure if kernel module isofs is not installed
    - Do not check recommended dependencies
    - Skip UI test if kernel thread is not found
    - Fix race in test_crash_system_slice
    - Fix check for not running test executable
    - Use shadow in *_different_binary_source
    - Mock kernel package version in UI test
    - Fix test_kerneloops_nodetails if kernel is not installed
    - Drop broken test_crash_setuid_drop_and_kill
    - Expect linux-signed on arm64/s390x as well
    - Skip SegvAnalysis for non x86 architectures
    - Use unlimited core ulimit for SIGQUIT test
    - Fix race with progress window in GTK UI tests
    - Use sleep instead of yes for tests
    - Fix test_add_gdb_info_script on armhf
    - Fix wrong Ubuntu archive URI on ports
    - Fix KeyError in test_install_packages_unversioned
    - Depend on python3-systemd for container tests
    - Depend on psmisc for killall binary
    - Replace missing oxideqt-codecs
    - Drop broken test_install_packages_from_launchpad
    - Fix test_install_packages_permanent_sandbox* for s390x

 -- Benjamin Drung <email address hidden> Thu, 15 Sep 2022 14:43:39 +0200

Source diff to previous version
1867204 /usr/share/apport/whoopsie-upload-all:FileNotFoundError:/usr/share/apport/whoopsie-upload-all@170:collect_info:process_report
1962454 Oops pages show wrong time window in JournalErrors
1989467 Several autopkgtest failures on Ubuntu 22.04 and older
1982487 apport fails with PermissionError for dump mode 2 in containers
1982555 core dump file empty inside container

Version: 2.20.11-0ubuntu27.24 2022-05-17 19:06:28 UTC

  apport (2.20.11-0ubuntu27.24) focal-security; urgency=medium

  * SECURITY UPDATE: Fix multiple security issues
    - test/test_report.py: Fix flaky test.
    - data/apport: Fix too many arguments for error_log().
    - data/apport: Use proper argument variable name executable_path.
    - etc/init.d/apport: Set core_pipe_limit to a non-zero value to make
      sure the kernel waits for apport to finish before removing the /proc
      information.
    - apport/fileutils.py, data/apport: Search for executable name if one
      wan't provided such as when being called in a container.
    - data/apport: Limit memory and duration of gdbus call. (CVE-2022-28654,
      CVE-2022-28656)
    - data/apport, apport/fileutils.py, test/test_fileutils.py: Validate
      D-Bus socket location. (CVE-2022-28655)
    - apport/fileutils.py, test/test_fileutils.py: Turn off interpolation
      in get_config() to prevent DoS attacks. (CVE-2022-28652)
    - Refactor duplicate code into search_map() function.
    - Switch from chroot to container to validating socket owner.
      (CVE-2022-1242, CVE-2022-28657)
    - data/apport: Clarify error message.
    - apport/fileutils.py: Fix typo in comment.
    - apport/fileutils.py: Do not call str in loop.
    - data/apport, etc/init.d/apport: Switch to using non-positional
      arguments. Get real UID and GID from the kernel and make sure they
      match the process. Also fix executable name space handling in
      argument parsing. (CVE-2022-28658, CVE-2021-3899)

 -- Marc Deslauriers <email address hidden> Tue, 10 May 2022 09:23:35 -0400

Source diff to previous version
CVE-2022-28654 RESERVED
CVE-2022-28656 RESERVED
CVE-2022-28655 RESERVED
CVE-2022-28652 RESERVED
CVE-2022-1242 RESERVED
CVE-2022-28657 RESERVED
CVE-2022-28658 RESERVED
CVE-2021-3899 RESERVED

Version: 2.20.11-0ubuntu27.23 2022-04-12 21:06:22 UTC

  apport (2.20.11-0ubuntu27.23) focal; urgency=medium

  * Fix expanded symlinks from the previous build




About   -   Send Feedback to @ubuntu_updates