Package "apport"

  apport (2.20.11-0ubuntu27.29) focal-security; urgency=medium

  * SECURITY REGRESSION: apport not generating core dumps inside containers
    (LP: #2112272)
    - data/apport: Check the exe mtime within the proc root mount.

 -- Octavio Galland <email address hidden> Wed, 04 Jun 2025 15:49:22 -0300

  apport (2.20.11-0ubuntu27.28) focal-security; urgency=medium

  * SECURITY UPDATE: Race condition when forwarding core files to containers
    - data/apport: Do not change report group to report owners primary group.
    - data/apport: Do not override options.pid.
    - data/apport: Open /proc/<pid> as early as possible.
    - data/fileutils.py: Respect proc_pid_fd in get_core_path.
    - test/test_fileutils.py: Respect proc_pid_fd in get_core_path.
    - data/apport: Use opened /proc/<pid> everywhere.
    - data/apport: Do consistency check before forwarding crashes.
    - data/apport: Require --dump-mode to be specified.
    - data/apport: Determine report owner by dump_mode.
    - test/test_signal_crashes.py: Determine report owner by dump_mode.
    - data/apport: Do not forward crash for dump_mode == 2.
    - data/apport: Support pidfd (%F) parameter from kernel.
    - etc/init.d/apport: Support pidfd (%F) parameter from kernel.
    - CVE-2025-5054

 -- Octavio Galland <email address hidden> Thu, 22 May 2025 17:30:20 -0300

  apport (2.20.11-0ubuntu27.26) focal-security; urgency=medium

  * SECURITY UPDATE: viewing an apport-cli crash with default pager could
    escalate privilege (LP: #2016023)
    - apport/ui.py, apport/user_group.py, bin/apport-cli: drops privilege to
      users environment before execution (using sudo)
    - test/test_ui.py, test/test_user/group.py: Add test cases for new code
    - CVE-2023-1326

 -- Benjamin Drung <email address hidden> Wed, 12 Apr 2023 18:41:51 +0200

  apport (2.20.11-0ubuntu27.24) focal-security; urgency=medium

  * SECURITY UPDATE: Fix multiple security issues
    - test/test_report.py: Fix flaky test.
    - data/apport: Fix too many arguments for error_log().
    - data/apport: Use proper argument variable name executable_path.
    - etc/init.d/apport: Set core_pipe_limit to a non-zero value to make
      sure the kernel waits for apport to finish before removing the /proc
      information.
    - apport/fileutils.py, data/apport: Search for executable name if one
      wan't provided such as when being called in a container.
    - data/apport: Limit memory and duration of gdbus call. (CVE-2022-28654,
      CVE-2022-28656)
    - data/apport, apport/fileutils.py, test/test_fileutils.py: Validate
      D-Bus socket location. (CVE-2022-28655)
    - apport/fileutils.py, test/test_fileutils.py: Turn off interpolation
      in get_config() to prevent DoS attacks. (CVE-2022-28652)
    - Refactor duplicate code into search_map() function.
    - Switch from chroot to container to validating socket owner.
      (CVE-2022-1242, CVE-2022-28657)
    - data/apport: Clarify error message.
    - apport/fileutils.py: Fix typo in comment.
    - apport/fileutils.py: Do not call str in loop.
    - data/apport, etc/init.d/apport: Switch to using non-positional
      arguments. Get real UID and GID from the kernel and make sure they
      match the process. Also fix executable name space handling in
      argument parsing. (CVE-2022-28658, CVE-2021-3899)

 -- Marc Deslauriers <email address hidden> Tue, 10 May 2022 09:23:35 -0400

  apport (2.20.11-0ubuntu27.21) focal-security; urgency=medium

  * SECURITY UPDATE: Privilege escalation via core files
    - refactor privilege dropping and create core files in a well-known
      directory in apport/fileutils.py, apport/report.py, data/apport,
      test/test_fileutils.py, test/test_report.py,
      test/test_signal_crashes.py, test/test_ui.py.
    - use systemd-tmpfiles to create and manage the well-known core file
      directory in setup.py, data/systemd/apport.conf,
      debian/apport.install.

 -- Marc Deslauriers <email address hidden> Mon, 18 Oct 2021 07:48:31 -0400