lp:~ubuntu-core-dev/ubuntu/utopic/apport/ubuntu
- Get this branch:
- bzr branch lp:~ubuntu-core-dev/ubuntu/utopic/apport/ubuntu
Branch information
- Owner:
- Ubuntu Core Development Team
- Status:
- Development
Recent revisions
- 2374. By Martin Pitt
SECURITY UPDATE: When writing a core dump file for a crashed packaged
program, don't close and reopen the .crash report file but just rewind and
re-read it. This prevents the user from modifying the .crash report file
while "apport" is running to inject data and creating crafted core dump
files. In conjunction with the above vulnerability of writing core dump
files to arbitrary directories this could be exploited to gain root
privileges.
Thanks to Philip Pettersson for discovering this issue!
(CVE-2015-1325, LP: #1453900)

- 2373. By Martin Pitt
SECURITY UPDATE: When /proc/sys/fs/suid_dumpable is enabled, crashing a
program that is suid root or not readable for the user would create
root-owned core files in the current directory of that program. Creating
specially crafted core files in /etc/logrotate.d or similar could then
lead to arbitrary code execution with root privileges. Now core files do
not get written for these kinds of programs, in accordance with the
intention of core(5).
Thanks to Sander Bos for discovering this issue!
(CVE-2015-1324, LP: #1452239)

- 2372. By Martin Pitt
test_signal_crashes(): Drop hardcoded /tmp/ path in do_crash(),
test_nonwritable_cwd() uses a different dir.

- 2370. By Martin Pitt
* SECURITY UPDATE: insecure /proc/net/unix parsing (LP: #1444518)
- data/apport: temporarily disable container support until it can be
re-written in a secure manner.
- CVE number pending

- 2368. By Martin Pitt
* SECURITY UPDATE: privilege escalation through namespaces and crafted
chroot (LP: #1438345)
- data/apport: If crash comes from a container, rather than
chrooting into it, detect what LXC container it is and then use the
attach_wait API call to execute apport in the container.
- data/apport: Don't fail when encountering unicode characters.
(Thanks to Martin Pitt)
- test/test_signal_crashes.py: Test for the unicode fix.
(Thanks to Martin Pitt)
- CVE-2015-1318

- 2366. By Brian Murray
apport/ui.py: Only provide a UI to hooks if the crash db will accept the
report. This avoids asking questions if the report is merely sent to
whoopsie for Ubuntu stable releases. (LP: #1084979)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)