Comment 10 for bug 1854237

This bug was fixed in the package apport - 2.20.9-0ubuntu7.12

---------------
apport (2.20.9-0ubuntu7.12) bionic-security; urgency=medium

  [ Michael Hudson-Doyle ]
  * SECURITY REGRESSION: fix autopkgtest failures since recent security
    update (LP: #1854237)
    - Fix regression in creating report for crashing setuid process by getting
      kernel to tell us the executable path rather than reading
      /proc/[pid]/exe.
    - Fix deletion of partially written core files.
    - Fix test_get_logind_session to use new API.
    - Restore add_proc_info raising ValueError for a dead process.
    - Delete test_lock_symlink, no longer applicable now that the lock is
      created in a directory only root can write to.

  [ Tiago Stürmer Daitx ]
  * SECURITY REGRESSION: 'module' object has no attribute 'O_PATH'
    (LP: #1851806)
    - apport/report.py, apport/ui.py: use file descriptors for /proc/pid
      directory access only when running under python 3; prevent reading /proc
      maps under python 2 as it does not provide a secure way to do so; use
      io.open for better compatibility between python 2 and 3.
  * data/apport: fix number of arguments passed through socks into a container.
  * test/test_apport_valgrind.py: skip test_sandbox_cache_options if system
    has little memory.
  * test/test_report.py: test login session with both pid and proc_pid_fd.

 -- Tiago Stürmer Daitx <email address hidden> Thu, 27 Feb 2020 03:18:45 +0000