[ubuntu/bionic-security] apport 2.20.9-0ubuntu7.29 (Accepted)
Mark Esler
mark.esler at canonical.com
Thu Apr 13 20:36:14 UTC 2023
apport (2.20.9-0ubuntu7.29) bionic-security; urgency=medium
* SECURITY UPDATE: viewing an apport-cli crash with default pager could
escalate privilege (LP: #2016023)
- apport/ui.py, apport/user_group.py, bin/apport-cli: drops privilege to
users environment before execution (using sudo)
- test/test_ui.py, test/test_user/group.py: Add test cases for new code
- CVE-2023-1326
* backends/packaging-apt-dpkg.py: when downloading packages from Launchpad
do not require them to be authenticated. (LP: #1989467)
Date: 2023-04-13 17:50:16.962223+00:00
Changed-By: Benjamin Drung <bdrung at posteo.de>
Maintainer: Martin Pitt <martin at piware.de>
Signed-By: Mark Esler <mark.esler at canonical.com>
https://launchpad.net/ubuntu/+source/apport/2.20.9-0ubuntu7.29
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list