Package "apport"

  apport (2.20.11-0ubuntu82.8) jammy-security; urgency=medium

  * SECURITY REGRESSION: apport not generating core dumps inside containers
    (LP: #2112272)
    - data/apport: Check the exe mtime within the proc root mount.

 -- Octavio Galland <email address hidden> Wed, 04 Jun 2025 15:56:45 -0300

  apport (2.20.11-0ubuntu82.7) jammy-security; urgency=medium

  * SECURITY UPDATE: Race condition when forwarding core files to containers
    - data/apport: Do not change report group to report owners primary group.
    - data/apport: Do not override options.pid.
    - data/apport: Open /proc/<pid> as early as possible.
    - data/fileutils.py: Respect proc_pid_fd in get_core_path.
    - test/test_fileutils.py: Respect proc_pid_fd in get_core_path.
    - data/apport: Use opened /proc/<pid> everywhere.
    - data/apport: Do consistency check before forwarding crashes.
    - data/apport: Require --dump-mode to be specified.
    - data/apport: Determine report owner by dump_mode.
    - test/test_signal_crashes.py: Determine report owner by dump_mode.
    - data/apport: Do not forward crash for dump_mode == 2.
    - data/apport: Support pidfd (%F) parameter from kernel.
    - etc/init.d/apport: Support pidfd (%F) parameter from kernel.
    - CVE-2025-5054

 -- Octavio Galland <email address hidden> Thu, 22 May 2025 17:41:12 -0300

  apport (2.20.11-0ubuntu82.6) jammy; urgency=medium

  [ Chris Peterson ]
  * d/package-hooks/subiquity.py: update information collection (LP: #2067775)
    - Collect the ubuntu-desktop-bootstrap details if available
    - Add information about snap update/refresh state
    - Attach logs and change key names to align with the information
      attached by subiquity's self-collection
    - Attach hardware information
    - Ensure bug reports are always private since there may be private
      information in the logs
    - Don't require sudo for logs collection
    - Add journal logs
    - Ensure snap revision is included in both deb and snap collection
      style
    - Handle version information when permission elevation fails.

  [ Benjamin Drung ]
  * Switch source format from 1.0 native to 3.0 (native)
    for betting handling in git

 -- Chris Peterson <email address hidden> Wed, 10 Jul 2024 16:48:53 +0200

  apport (2.20.11-0ubuntu82.5) jammy; urgency=medium

  * apport-gtk: Exclude trailing dot from URL links (LP: #1978301)
  * apport-bug: Add /snap/bin to PATH for Firefox snap on Lubuntu
    (LP: #1973470)
  * test:
    - Clear environment for test_run_as_real_user_no_sudo
    - Fix GTK UI tests if whoopsie.path is disabled
    - tests: Fix GTK UI race condition and reduce timeout again, saving
      five minutes test execution time (LP: #1780767)
    - tests: Fix race in tests for run_report_bug()

 -- Benjamin Drung <email address hidden> Fri, 14 Apr 2023 01:08:26 +0200

  apport (2.20.11-0ubuntu82.4) jammy-security; urgency=medium

  * SECURITY UPDATE: viewing an apport-cli crash with default pager could
    escalate privilege (LP: #2016023)
    - apport/fileutils.py: Add get_process_environ()
    - apport/ui.py, apport/user_group.py, bin/apport-cli: drops privilege to
      users environment before execution
    - test/test_fileutils.py, test/test_ui.py, test/test_user/group.py: Add
      test cases for new code
    - CVE-2023-1326

 -- Benjamin Drung <email address hidden> Wed, 12 Apr 2023 19:00:36 +0200