UbuntuUpdates.org

Package "python-apport"

Name: python-apport

Description:

Python library for Apport crash report handling

Latest version: 2.20.1-0ubuntu2.30
Release: xenial (16.04)
Level: updates
Repository: main
Head package: apport
Homepage: https://wiki.ubuntu.com/Apport

Links


Download "python-apport"


Other versions of "python-apport" in Xenial

Repository Area Version
base main 2.20.1-0ubuntu2
security main 2.20.1-0ubuntu2.30

Changelog

Version: 2.20.1-0ubuntu2.30 2021-02-02 20:07:50 UTC

  apport (2.20.1-0ubuntu2.30) xenial-security; urgency=medium

  * SECURITY UPDATE: multiple security issues (LP: #1912326)
    - CVE-2021-25682: error parsing /proc/pid/status
    - CVE-2021-25683: error parsing /proc/pid/stat
    - CVE-2021-25684: stuck reading fifo
    - data/apport: make sure existing report is a regular file.
    - apport/fileutils.py: move some logic here to skip over manipulated
      process names and filenames.
    - test/test_fileutils.py: added some parsing tests.

 -- Marc Deslauriers <email address hidden> Tue, 26 Jan 2021 07:21:46 -0500

Source diff to previous version
CVE-2021-25682 RESERVED
CVE-2021-25683 RESERVED
CVE-2021-25684 RESERVED

Version: 2.20.1-0ubuntu2.28 2020-12-14 21:07:09 UTC

  apport (2.20.1-0ubuntu2.28) xenial; urgency=medium

  * data/apport: only drop supplemental groups if the user is root. (LP: #1906565)

 -- Brian Murray <email address hidden> Thu, 03 Dec 2020 10:33:00 -0800

Source diff to previous version
1906565 traceback when running apport as non-root user

Version: 2.20.1-0ubuntu2.27 2020-11-12 16:07:35 UTC

  apport (2.20.1-0ubuntu2.27) xenial-security; urgency=medium

  * Various security hardening fixes (LP: #1903332)
    - apport/fileutils.py: drop privileges in the correct order, limit
      settings file size.
    - apport/apport/report.py: properly drop privileges, limit ignore file
      size.
    - data/apport: drop supplemental groups.

 -- Marc Deslauriers <email address hidden> Tue, 10 Nov 2020 15:03:57 -0500

Source diff to previous version
1903332 Apport get_config incorrectly drops privileges

Version: 2.20.1-0ubuntu2.26 2020-11-05 12:06:16 UTC

  apport (2.20.1-0ubuntu2.26) xenial; urgency=medium

  * data/apport: In the event that the crashing executable does not exist on
    disk any more the path name of the executable (passed by core) is appended
    with '(deleted)' because apport is currently using sys.argv for argument
    parsing there end up being too many arguments and apport crashes. This is
    fixed by adding handling for six arguments. (LP: #1899195)

 -- Brian Murray <email address hidden> Mon, 19 Oct 2020 09:22:56 -0700

Source diff to previous version
1899195 /usr/share/apport/apport:AttributeError:/usr/share/apport/apport@451:parse_arguments:print_usage:_print_message

Version: 2.20.1-0ubuntu2.25 2020-10-07 00:06:18 UTC

  apport (2.20.1-0ubuntu2.25) xenial; urgency=medium

  * data/apport: Introduce support for non-positional arguments so we can
    easily extend core_pattern in the future (LP: #1732962)

 -- Matthieu Clemenceau <email address hidden> Fri, 21 Aug 2020 10:24:13 -0500

1732962 apport uses sys.argv instead of named arguments



About   -   Send Feedback to @ubuntu_updates