lp:~alexmurray/apport/apport
- Get this branch:
- bzr branch lp:~alexmurray/apport/apport
Branch merges
- Apport upstream developers: Pending requested
-
Diff: 32 lines (+13/-3)1 file modifiedapport/report.py (+13/-3)
Related bugs
Bug #1830858: TOCTOU vulnerability in _get_ignore_dom (report.py) | Critical | Fix Released |
Related blueprints
Branch information
Recent revisions
- 3254. By Alex Murray
-
apport/report.py: TOCTOU issue allows local user to read arbitrary files (LP: #1830858)
Avoid TOCTOU issue on users ignore file by dropping privileges and then
opening the file both test for access and open the file in a single
operation, instead of using access() before reading the file which could be
abused by a symlink to cause Apport to read and embed an arbitrary file in
the resulting crash dump.CVE-2019-7307
- 3253. By Launchpad Translations on behalf of apport-hackers
-
Launchpad automatic translations update.
- 3252. By Launchpad Translations on behalf of apport-hackers
-
Launchpad automatic translations update.
- 3251. By Brian Murray
-
backends/
packaging- apt-dpkg. py: add in /usr/games and /usr/libexec as paths for executables in the contents mapping. - 3250. By Brian Murray
-
backends/
packaging- apt-dpkg. py: writing the contents mapping pickle file can Traceback on systems with little memory so don't write it. - 3248. By Brian Murray
-
test/test_
backend_ apt_dpkg. py: as of r3211 an error is not raised if the binary is not found - 3247. By Brian Murray
-
bin/apport-unpack, problem_report.py: define unicode as a variable to quiet pyflakes
- 3246. By Brian Murray
-
problem_report.py, bin/apport-unpack: restore some python2 code because the Error Tracker retracers need it.
- 3245. By Launchpad Translations on behalf of apport-hackers
-
Launchpad automatic translations update.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:~apport-hackers/apport/trunk