[ubuntu/precise-security] apport 2.0.1-0ubuntu17.15 (Accepted)

Steve Beattie Wed, 14 Dec 2016 14:02:24 -0800

apport (2.0.1-0ubuntu17.15) precise-security; urgency=medium

  [ Marc Deslauriers ]
  * SECURITY UPDATE: path traversal vulnerability with hooks execution
    - Clean path in apport/report.py, added test to test/test_ui.py.
    - No CVE number
    - LP: #1648806


  [ Steve Beattie ]
  * SECURITY UPDATE: code execution via malicious crash files
    - Only offer restarting the application when processing a
      crash file in /var/crash in apport/ui.py, gtk/apport-gtk,
      and kde/apport-kde. Add testcases to test/test_ui.py,
      test/test_ui_gtk.py, and test_ui_kde.py.
    - No CVE number
    - LP: #1648806

Date: 2016-12-13 22:35:12.974607+00:00
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Martin Pitt <[email protected]>
Signed-By: Steve Beattie <[email protected]>
https://launchpad.net/ubuntu/+source/apport/2.0.1-0ubuntu17.15

Sorry, changesfile not available.

-- 
Precise-changes mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/precise-changes

[ubuntu/precise-security] apport 2.0.1-0ubuntu17.15 (Accepted)

Reply via email to