[ubuntu/eoan-security] apport 2.20.11-0ubuntu8.6 (Accepted)

Alex Murray alex.murray at canonical.com
Wed Mar 18 01:42:18 UTC 2020 

apport (2.20.11-0ubuntu8.6) eoan-security; urgency=medium

  * SECURITY REGRESSION: 'module' object has no attribute 'O_PATH'
    (LP: #1851806)
    - apport/report.py, apport/ui.py: use file descriptors for /proc/pid
      directory access only when running under python 3; prevent reading /proc
      maps under python 2 as it does not provide a secure way to do so; use
      io.open for better compatibility between python 2 and 3.
  * data/apport: fix number of arguments passed through socks into a container.
  * test/test_report.py: test login session with both pid and proc_pid_fd.

apport (2.20.11-0ubuntu8.5) eoan; urgency=medium

  * data/whoopsie-upload-all: append to the crash report using fdopen and open
    from os to cope with protected_regular being set to 1. (LP: #1848064)

  [ Michael Hudson-Doyle ]
  * Fix autopkgtest failures since recent security update: (LP: #1854237)
    - Fix regression in creating report for crashing setuid process by getting
      kernel to tell us the executable path rather than reading
      /proc/[pid]/exe.
    - Fix deletion of partially written core files.
    - Fix test_get_logind_session to use new API.
    - Restore add_proc_info raising ValueError for a dead process.
    - Delete test_lock_symlink, no longer applicable now that the lock is
      created in a directory only root can write to.

apport (2.20.11-0ubuntu8.4) eoan; urgency=medium

  * Create additional symlinks to the source_linux.py apport package hook for
    many OEM kernels. Thanks to You-Sheng Yang for the patch. (LP: #1847967)

apport (2.20.11-0ubuntu8.3) eoan; urgency=medium

  * Use an SRU-safe substring when checking for the available version of
    aspell-doc in xenial, since aspell *did* have an SRU. Backported
    from apport 2.20.11-0ubuntu9. (LP: #1851542)

Date: 2020-03-11 10:53:15.431526+00:00
Changed-By: Tiago Stürmer Daitx <tiago.daitx at canonical.com>
Signed-By: Alex Murray <alex.murray at canonical.com>
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu8.6
-------------- next part --------------
Sorry, changesfile not available.

More information about the Eoan-changes mailing list