lp:~brian-murray/apport/fix-pkg-cache-traceback
- Get this branch:
- bzr branch lp:~brian-murray/apport/fix-pkg-cache-traceback
Branch merges
- Martin Pitt (community): Approve
-
Diff: 11 lines (+0/-1)1 file modifiedbackends/packaging-apt-dpkg.py (+0/-1)
Branch information
Recent revisions
- 3015. By Brian Murray
-
Resolve Traceback with -dbgsym packages not existing in the cache, but existing in Launchpad.
- 3014. By Martin Pitt
-
* apt/dpkg: Fall back to direct Launchpad ddeb download if we can't find it in the apt cache. Thanks Brian Murray! (LP: #1500557)
- 3013. By Martin Pitt
-
* Consistently intercept "report file already exists" errors in all writers of report files (package_hook, kernel_crashdump, and similar) to avoid unhandled exceptions on those. (LP: #1500450)
- 3012. By Launchpad Translations on behalf of apport-hackers
-
Launchpad automatic translations update.
- 3009. By Martin Pitt
-
* apport: Ignore process restarts from systemd's watchdog. Their traces are usually useless as they don't have any information about the actual reasaon why processes hang (like VM suspends or kernel lockups with bad hardware) (LP: #1433320)
- 3008. By Martin Pitt
-
SECURITY FIX: Fix all writers of report files to open the report file exclusively
Fix package_hook, kernel_crashdump, and similar hooks to fail if the report
already exists. This prevents privilege escalation through symlink attacks.
Note that this will also prevent overwriting previous reports with the same
same.Thanks to halfdog for discovering this!
CVE-2015-1338
LP: #1492570 - 3007. By Martin Pitt
-
kernel_crashdump: Enforce that the log/dmesg files are not a symlink
This prevents normal users from pre-creating a symlink to the predictable
.crash file, and thus triggering a "fill up disk" DoS attack when the .crash
report tries to include itself.Also clean up the code to make this easier to read: Drop the "vmcore_root"
alias, move the vmcore and vmcore.log cleanup into the "no kdump" section,
and replace the buggy os.walk() loop with a glob to only catch direct
timestamp subdirectories of /var/crash/.Thanks to halfdog for discovering this!
CVE-2015-1338
Part of LP #1492570 - 3006. By Launchpad Translations on behalf of apport-hackers
-
Launchpad automatic translations update.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:~apport-hackers/apport/trunk