[ubuntu/precise-security] apport 2.0.1-0ubuntu17.15 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Wed Dec 14 22:00:39 UTC 2016
apport (2.0.1-0ubuntu17.15) precise-security; urgency=medium
[ Marc Deslauriers ]
* SECURITY UPDATE: path traversal vulnerability with hooks execution
- Clean path in apport/report.py, added test to test/test_ui.py.
- No CVE number
- LP: #1648806
[ Steve Beattie ]
* SECURITY UPDATE: code execution via malicious crash files
- Only offer restarting the application when processing a
crash file in /var/crash in apport/ui.py, gtk/apport-gtk,
and kde/apport-kde. Add testcases to test/test_ui.py,
test/test_ui_gtk.py, and test_ui_kde.py.
- No CVE number
- LP: #1648806
Date: 2016-12-13 22:35:12.974607+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Maintainer: Martin Pitt <martin.pitt at ubuntu.com>
Signed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/apport/2.0.1-0ubuntu17.15
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list