[ubuntu/trusty-updates] apport 2.14.1-0ubuntu3.25 (Accepted)

Ubuntu Archive Robot Tue, 18 Jul 2017 11:58:29 -0700

apport (2.14.1-0ubuntu3.25) trusty-security; urgency=medium

  * SECURITY UPDATE: code execution through path traversal in
    .crash files (LP: #1700573)
    - apport/report.py, test/test_ui.py: fix traversal issue
      and add a test for that.
    - debian/apport.install, setup.py, xdg-mime/apport.xml: removes
      apport as a file handler for .crash files. Thanks to Brian
      Murray for the patch and Felix Wilhelm for discovering this.
    - CVE-2017-10708


Date: 2017-07-17 22:24:13.087723+00:00
Changed-By: [email protected] (Leonidas S. Barbosa)
Maintainer: Martin Pitt <[email protected]>
Signed-By: Ubuntu Archive Robot 
<[email protected]>
https://launchpad.net/ubuntu/+source/apport/2.14.1-0ubuntu3.25

Sorry, changesfile not available.

-- 
Trusty-changes mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-updates] apport 2.14.1-0ubuntu3.25 (Accepted)

Reply via email to