[ubuntu/jammy-security] apport 2.20.11-0ubuntu82.4 (Accepted)

Mark Esler mark.esler at canonical.com
Thu Apr 13 20:36:08 UTC 2023 

apport (2.20.11-0ubuntu82.4) jammy-security; urgency=medium

  * SECURITY UPDATE: viewing an apport-cli crash with default pager could
    escalate privilege (LP: #2016023)
    - apport/fileutils.py: Add get_process_environ()
    - apport/ui.py, apport/user_group.py, bin/apport-cli: drops privilege to
      users environment before execution
    - test/test_fileutils.py, test/test_ui.py, test/test_user/group.py: Add
      test cases for new code
    - CVE-2023-1326

apport (2.20.11-0ubuntu82.3) jammy; urgency=medium

  * Replace deprecated 'imp' module (LP: #1947425)
  * Fix KeyError: 'CasperMD5json' (LP: #1964828)
  * apport-kde: Fix inverse order of choices (LP: #1967965)
  * apport-unpack: Fix ValueError: ['separator'] has no binary content
    (LP: #1889443)
  * test:
    - Mock add_gdb_info calls in KDE UI tests
    - Fix KDE UI tests if whoopsie.path is disabled
    - Fix race with progress dialog in KDE UI tests
    - Run UI KDE tests again
    - Determine source package dynamically in test_run_crash_kernel
      (LP: #1992172)

apport (2.20.11-0ubuntu82.2) jammy; urgency=medium

  * Point Vcs-* URIs to git
  * Grab a slice of JournalErrors around the crash time (LP: #1962454)
  * data/apport:
    - Initialize error log as first step (LP: #1989467)
    - Fix PermissionError for setuid programs inside container (LP: #1982487)
    - Fix reading from stdin inside containers (LP: #1982555)
  * Fix autopkgtest test case failures (LP: #1989467):
    - Mark autopkgtest with isolation-container restriction
    - Fix failure if kernel module isofs is not installed
    - Do not check recommended dependencies
    - Skip UI test if kernel thread is not found
    - Fix race in test_crash_system_slice
    - Fix check for not running test executable
    - Use shadow in *_different_binary_source
    - Mock kernel package version in UI test
    - Fix test_kerneloops_nodetails if kernel is not installed
    - Drop broken test_crash_setuid_drop_and_kill
    - Expect linux-signed on arm64/s390x as well
    - Skip SegvAnalysis for non x86 architectures
    - Use unlimited core ulimit for SIGQUIT test
    - Fix race with progress window in GTK UI tests
    - Use sleep instead of yes for tests
    - Fix test_add_gdb_info_script on armhf
    - Fix wrong Ubuntu archive URI on ports
    - Fix KeyError in test_install_packages_unversioned
    - Depend on python3-systemd for container tests
    - Depend on psmisc for killall binary
    - Replace missing oxideqt-codecs
    - Drop broken test_install_packages_from_launchpad
    - Fix test_install_packages_permanent_sandbox* for s390x

Date: 2023-04-13 17:50:13.851036+00:00
Changed-By: Benjamin Drung <bdrung at posteo.de>
Signed-By: Mark Esler <mark.esler at canonical.com>
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu82.4
-------------- next part --------------
Sorry, changesfile not available.

More information about the jammy-changes mailing list