[ubuntu/trusty-security] apport 2.14.1-0ubuntu3.25 (Accepted)

Leonidas S. Barbosa leo.barbosa at canonical.com
Tue Jul 18 18:06:02 UTC 2017

apport (2.14.1-0ubuntu3.25) trusty-security; urgency=medium

  * SECURITY UPDATE: code execution through path traversal in
    .crash files (LP: #1700573)
    - apport/report.py, test/test_ui.py: fix traversal issue
      and add a test for that.
    - debian/apport.install, setup.py, xdg-mime/apport.xml: removes
      apport as a file handler for .crash files. Thanks to Brian
      Murray for the patch and Felix Wilhelm for discovering this.
    - CVE-2017-10708

apport (2.14.1-0ubuntu3.24) trusty; urgency=medium

  * data/general/ubuntu.py: Collect a minimal version of /proc/cpuinfo in
    every report. (LP: #1673557)
  * data/general/ubuntu-gnome.py: The GNOME3 PPAs are no longer supported for
    14.04 or 16.04 so set an UnreportableReason in those reports.
    (LP: #1689093)

Date: 2017-07-17 22:24:13.087723+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Maintainer: Martin Pitt <martin.pitt at ubuntu.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Trusty-changes mailing list