UbuntuUpdates.org

Package "dh-apport"

Name: dh-apport

Description:

debhelper extension for the apport crash report system
Latest version: 2.20.11-0ubuntu27.31
Release: focal (20.04)
Level: security
Repository: universe
Head package: apport
Homepage: https://wiki.ubuntu.com/Apport

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "dh-apport"

All arch deb package
APT INSTALL

Other versions of "dh-apport" in Focal

Repository Area Version
base universe 2.20.11-0ubuntu27
updates universe 2.20.11-0ubuntu27.31

Changelog

Version: 2.20.11-0ubuntu27.31 2025-08-04 15:07:05 UTC

  apport (2.20.11-0ubuntu27.31) focal-security; urgency=medium

  * SECURITY REGRESSION: Type error during error handling (LP: #2117236)
    - data/apport: Use correct format specifier during error handling when
      /proc/<pid> is not found.

 -- Octavio Galland <email address hidden> Tue, 29 Jul 2025 12:58:42 -0300
Source diff to previous version
2117236 /usr/share/apport/apport:TypeError:get_pid_info:/usr/share/apport/apport@613:get_pid_info:/usr/share/apport/apport@616

Version: 2.20.11-0ubuntu27.30 2025-07-14 23:09:10 UTC

  apport (2.20.11-0ubuntu27.30) focal-security; urgency=medium

  * SECURITY REGRESSION: exception during core dump handling (LP: #2112466)
    - data/apport: Catch FileNotFoundError when trying to open /proc/<pid>.

 -- Octavio Galland <email address hidden> Tue, 08 Jul 2025 13:15:40 -0300
Source diff to previous version
2112466 /usr/share/apport/apport:FileNotFoundError:/usr/share/apport/apport@600:get_pid_info on /proc/\u003cpid\u003e

Version: 2.20.11-0ubuntu27.29 2025-06-10 21:09:58 UTC

  apport (2.20.11-0ubuntu27.29) focal-security; urgency=medium

  * SECURITY REGRESSION: apport not generating core dumps inside containers
    (LP: #2112272)
    - data/apport: Check the exe mtime within the proc root mount.

 -- Octavio Galland <email address hidden> Wed, 04 Jun 2025 15:49:22 -0300
Source diff to previous version
2112272 Apport refuses to generate core dumps inside containers

Version: 2.20.11-0ubuntu27.28 2025-05-29 18:07:23 UTC

  apport (2.20.11-0ubuntu27.28) focal-security; urgency=medium

  * SECURITY UPDATE: Race condition when forwarding core files to containers
    - data/apport: Do not change report group to report owners primary group.
    - data/apport: Do not override options.pid.
    - data/apport: Open /proc/<pid> as early as possible.
    - data/fileutils.py: Respect proc_pid_fd in get_core_path.
    - test/test_fileutils.py: Respect proc_pid_fd in get_core_path.
    - data/apport: Use opened /proc/<pid> everywhere.
    - data/apport: Do consistency check before forwarding crashes.
    - data/apport: Require --dump-mode to be specified.
    - data/apport: Determine report owner by dump_mode.
    - test/test_signal_crashes.py: Determine report owner by dump_mode.
    - data/apport: Do not forward crash for dump_mode == 2.
    - data/apport: Support pidfd (%F) parameter from kernel.
    - etc/init.d/apport: Support pidfd (%F) parameter from kernel.
    - CVE-2025-5054

 -- Octavio Galland <email address hidden> Thu, 22 May 2025 17:30:20 -0300
Source diff to previous version

Version: 2.20.11-0ubuntu27.26 2023-04-13 23:07:24 UTC

  apport (2.20.11-0ubuntu27.26) focal-security; urgency=medium

  * SECURITY UPDATE: viewing an apport-cli crash with default pager could
    escalate privilege (LP: #2016023)
    - apport/ui.py, apport/user_group.py, bin/apport-cli: drops privilege to
      users environment before execution (using sudo)
    - test/test_ui.py, test/test_user/group.py: Add test cases for new code
    - CVE-2023-1326

 -- Benjamin Drung <email address hidden> Wed, 12 Apr 2023 18:41:51 +0200
CVE-2023-1326 RESERVED


About   -   Send Feedback to @ubuntu_updates