[ubuntu/hirsute-security] apport 2.20.11-0ubuntu65.3 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Tue Sep 14 11:49:25 UTC 2021


apport (2.20.11-0ubuntu65.3) hirsute-security; urgency=medium

  * SECURITY UPDATE: Arbitrary file read (LP: #1934308)
    - data/general-hooks/ubuntu.py: don't attempt to include emacs
      byte-compilation logs, they haven't been generated by the emacs
      packages in a long time.
    - CVE-2021-3709
  * SECURITY UPDATE: Info disclosure via path traversal (LP: #1933832)
    - apport/hookutils.py, test/test_hookutils.py: detect path traversal
      attacks, and directory symlinks.
    - CVE-2021-3710

Date: 2021-08-26 16:36:10.071381+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu65.3
-------------- next part --------------
Sorry, changesfile not available.


More information about the Hirsute-changes mailing list