This bug was fixed in the package apport - 2.12.5-0ubuntu2.1
---------------
apport (2.12.5-0ubuntu2.1) saucy-security; urgency=low
* SECURITY UPDATE: incorrect permissions on setuid process core dumps
(LP: #1242435)
- use correct permissions when writing the core file in data/apport,
added test to test/test_signal_crashes.py.
- Thanks to Martin Pitt for the patch!
- CVE-2013-1067
-- Marc Deslauriers <[email protected]> Wed, 23 Oct 2013 12:50:57
-0400
** Changed in: apport (Ubuntu Saucy)
Status: Triaged => Fix Released
** Changed in: apport (Ubuntu Quantal)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1242435
Title:
Desktop setuid cores readable by non-privileged user
To manage notifications about this bug go to:
https://bugs.launchpad.net/apport/+bug/1242435/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
