[ubuntu/trusty-proposed] apport 2.12.6-0ubuntu1 (Accepted)

Martin Pitt martin.pitt at ubuntu.com
Fri Oct 25 04:50:15 UTC 2013 

apport (2.12.6-0ubuntu1) trusty; urgency=low

  * New upstream security/bug fix release:
    - SECURITY FIX: For setuid programs which drop their privileges after
      startup, make the report and core dumps owned by root, to avoid possible
      data disclosure. Also, change core dump files to permissions "0600".
      Thanks to Martin Carpenter for discovering this!
      (CVE-2013-1067, LP: #1242435)
    - sandboxutils.needed_runtime_packages(): Create cache directory for
      Contents.gz if missing. (LP: #933199)
    - apt/dpkg: Recognize options in apt sources.list. (LP: #1238620)
  * Move Vcs-Bzr to trusty branch.

Date: Fri, 25 Oct 2013 06:49:19 +0200
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
https://launchpad.net/ubuntu/trusty/+source/apport/2.12.6-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 25 Oct 2013 06:49:19 +0200
Source: apport
Binary: apport python-problem-report python3-problem-report python-apport python3-apport apport-retrace apport-valgrind apport-gtk apport-kde dh-apport apport-noui
Architecture: source
Version: 2.12.6-0ubuntu1
Distribution: trusty
Urgency: low
Maintainer: Martin Pitt <martin.pitt at ubuntu.com>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description: 
 apport     - automatically generate crash reports for debugging
 apport-gtk - GTK+ frontend for the apport crash report system
 apport-kde - KDE frontend for the apport crash report system
 apport-noui - tools for automatically reporting Apport crash reports
 apport-retrace - tools for reprocessing Apport crash reports
 apport-valgrind - valgrind wrapper that first downloads debug symbols
 dh-apport  - debhelper extension for the apport crash report system
 python-apport - Python library for Apport crash report handling
 python-problem-report - Python library to handle problem reports
 python3-apport - Python 3 library for Apport crash report handling
 python3-problem-report - Python 3 library to handle problem reports
Launchpad-Bugs-Fixed: 933199 1238620 1242435
Changes: 
 apport (2.12.6-0ubuntu1) trusty; urgency=low
 .
   * New upstream security/bug fix release:
     - SECURITY FIX: For setuid programs which drop their privileges after
       startup, make the report and core dumps owned by root, to avoid possible
       data disclosure. Also, change core dump files to permissions "0600".
       Thanks to Martin Carpenter for discovering this!
       (CVE-2013-1067, LP: #1242435)
     - sandboxutils.needed_runtime_packages(): Create cache directory for
       Contents.gz if missing. (LP: #933199)
     - apt/dpkg: Recognize options in apt sources.list. (LP: #1238620)
   * Move Vcs-Bzr to trusty branch.
Checksums-Sha1: 
 63cf16d4746b979504ebba6efad38d5e7d646e39 2810 apport_2.12.6-0ubuntu1.dsc
 ced41da46d2392f7b4a7927f4c4b6b60a3503c87 920345 apport_2.12.6.orig.tar.gz
 c45db25cfb9c6b638c128b4569ae632269a23bc8 132653 apport_2.12.6-0ubuntu1.diff.gz
Checksums-Sha256: 
 6a143cf72cdc39dc095fbce473102bd26b141621ff21a884922b5d276a5f25e9 2810 apport_2.12.6-0ubuntu1.dsc
 24aac57779f16ce3cb0761328b9c63a08a9847fe39ea7a50cfa821ed14af18ee 920345 apport_2.12.6.orig.tar.gz
 80a5f479c9d34d9714e19c759121efcf857002b32ff29d5b250ca98cf16c4ac8 132653 apport_2.12.6-0ubuntu1.diff.gz
Files: 
 c6720ace71e367a6287d546c726ce3ef 2810 utils optional apport_2.12.6-0ubuntu1.dsc
 ef24f2eb78c6c17dcde6c3c1fe8adbfa 920345 utils optional apport_2.12.6.orig.tar.gz
 0429745bb86f86763a8b049c355cc776 132653 utils optional apport_2.12.6-0ubuntu1.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iQIcBAEBCAAGBQJSafhcAAoJENFO8V2v4RNHHGkP/0mnAod9nPE1zRPuu2uLftSd
jOW56PTo7mAhk9/3y2pyIPporjE32jNYbDwfGhtY/CiUljgkXWRWpLoPaBS/OWCx
Ch3IBFYey0T6dcz0JaEEQSMHgcmTxBTvPmgT2CqLsV9vh+X0yuVJdo0CYBEPEUWD
a8oVs4JjdNwRAIcvBYE6KEuhM/ca3SQIWnbgUuSmKx03faHS7yoVzr6dHPzi296j
7JMRbdQRq7eQpnpFo4XF6sYipBfHMFVdq/6BB2N3frYB+FK/FfFuZlpVyhqf3nJI
dAZivy9mWeVcBaE/EuKlq3XWXDOf1VHbU3siy3qIYFqGoixXVuYAsbrutEpo7eyy
WsIj7S1t3c4nKrqlPXqSmuZKslIQW69WtUygYSsGnjOOPVbUIsUswBmTHYgAYH0M
mLIsqQ4vL+582WOWpqudmBIO6/LzHmLcGl3sUNjTDIgQ8Frx7bcRya//j/AygbYf
3gYQLJPBjMEc32nV84S5FQtdCSV+bgNA/Y/YW3SfTLn4qlenqThryczq0AZm1N7b
vehWjxGhZbgXjuljY/sJtjRvFBg2hQKz/2h7qw9Y5F3TOCoyL7aoJE6DrvFySChv
Mkf4eyBfK2+YRsvoafhRQ2fb2z4BJ7vPtjM1zjDJlQDI4MuTJ4O/rTMxL0bd7dTF
do//2GInEazzDtAvvn+2
=RSlo
-----END PGP SIGNATURE-----

More information about the Trusty-changes mailing list