USN-7545-3 apport regression

USN-7545-1 fixed vulnerabilities in Apport. The update introduced a regression that raised an error if a crashing process was killed while Apport was analyzing it. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Qualys discovered that Apport incorrect...

USN-7545-2: Apport regression

USN-7545-1 fixed a vulnerability in Apport. The update introduced a regression that prevented core dumps from being generated inside containers. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Qualys discovered that Apport incorrectly handled metadata...

USN-4171-3 apport regression

USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression in the Python Apport library. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user...

UBUNTU-CVE-2019-15790

Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through getpidinfo in data/apport. An unprivileged user could exploit this to read information about a privileged...

USN-3480-2 apport regressions

USN-3480-1 fixed vulnerabilities in Apport. The fix for CVE-2017-14177 introduced a regression in the ability to handle crashes for users that configured their systems to use the Upstart init system in Ubuntu 16.04 LTS and Ubuntu 17.04. The fix for CVE-2017-14180 temporarily disabled crash...