[ubuntu/impish-proposed] apport 2.20.11-0ubuntu69 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Sep 16 19:37:11 UTC 2021 

apport (2.20.11-0ubuntu69) impish; urgency=medium

  * SECURITY UPDATE: Arbitrary file read (LP: #1934308)
    - data/general-hooks/ubuntu.py: don't attempt to include emacs
      byte-compilation logs, they haven't been generated by the emacs
      packages in a long time.
    - CVE-2021-3709
  * SECURITY UPDATE: Info disclosure via path traversal (LP: #1933832)
    - apport/hookutils.py, test/test_hookutils.py: detect path traversal
      attacks, and directory symlinks.
    - CVE-2021-3710

Date: Thu, 26 Aug 2021 10:55:40 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Brian Murray <brian at ubuntu.com>
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu69
-------------- next part --------------
Format: 1.8
Date: Thu, 26 Aug 2021 10:55:40 -0400
Source: apport
Built-For-Profiles: noudeb
Architecture: source
Version: 2.20.11-0ubuntu69
Distribution: impish
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Launchpad-Bugs-Fixed: 1933832 1934308
Changes:
 apport (2.20.11-0ubuntu69) impish; urgency=medium
 .
   * SECURITY UPDATE: Arbitrary file read (LP: #1934308)
     - data/general-hooks/ubuntu.py: don't attempt to include emacs
       byte-compilation logs, they haven't been generated by the emacs
       packages in a long time.
     - CVE-2021-3709
   * SECURITY UPDATE: Info disclosure via path traversal (LP: #1933832)
     - apport/hookutils.py, test/test_hookutils.py: detect path traversal
       attacks, and directory symlinks.
     - CVE-2021-3710
Checksums-Sha1:
 cdb725e8ed0206c6de8a885c42b3fcd16f2c9bbf 2621 apport_2.20.11-0ubuntu69.dsc
 5bfc1af193e4b2bf35332f58841af17f30bfcb13 1403932 apport_2.20.11-0ubuntu69.tar.gz
 04fc14cb69b0def06db70bfa3f1549ab97af143d 9679 apport_2.20.11-0ubuntu69_source.buildinfo
Checksums-Sha256:
 da032284e317019370e6e0c3a855588f26826151859de829652140d8a8403910 2621 apport_2.20.11-0ubuntu69.dsc
 c4fe2050ded1c7cc7f2e125c43f0fa1e9d59a812e3dd7c55193e9a8a22d12487 1403932 apport_2.20.11-0ubuntu69.tar.gz
 5e6ba2cc13a74baf10f6077a2464354327f1b0c675fedc085c187e835f881ba4 9679 apport_2.20.11-0ubuntu69_source.buildinfo
Files:
 e39aa2c7ddba0ddb5e7d00749d5762b1 2621 utils optional apport_2.20.11-0ubuntu69.dsc
 ea83c52e18519d1fbd71b64e76cb3bed 1403932 utils optional apport_2.20.11-0ubuntu69.tar.gz
 653fa0e1135b71098b416863db0126a9 9679 utils optional apport_2.20.11-0ubuntu69_source.buildinfo

More information about the impish-changes mailing list