11 matches found
Ubuntu: Security Advisory (USN-4171-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4171-6: Apport regression
USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression when handling configuration files. This update fixes the problem, and also introduces further hardening measures. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Apport regression (USN-4171-6)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4171-6 advisory. USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression when handling configuration files. This update fixes the proble...
USN-4171-5: Apport regression
USN-4171-1 fixed vulnerabilities in Apport. This caused a regression in autopkgtest and python2 compatibility. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as the root...
Ubuntu: Security Advisory (USN-4171-5)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-11481 Apport reads arbitrary files if ~/.config/apport/settings is a symlink
Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences...
CVE-2019-11481
CVE-2019-11481 affects Ubuntu Apport: a local attacker could cause Apport to read a configuration file with root privileges by replacing the file with a symbolic link, allowing read access to arbitrary files as root. Root cause is the handling of user-supplied settings during crash-dump/report ge...
Ubuntu 16.04 LTS / 18.04 LTS : Apport regression (USN-4171-3)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4171-3 advisory. USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression in the Python Apport library. This update fixes the problem. We apologize f...
USN-4171-3: Apport regression
USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression in the Python Apport library. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user...
Ubuntu: Security Advisory (USN-4171-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS : Apport vulnerabilities (USN-4171-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4171-1 advisory. Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to...