========================================================================== Ubuntu Security Notice USN-4051-2 July 09, 2019
apport vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM Summary: Apport could be made to expose sensitive information in crash reports. Software Description: - apport: automatically generate crash reports for debugging Details: USN-4051-1 fixed a vulnerability in apport. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Kevin Backhouse discovered a race-condition when reading the user's local Apport configuration. This could be used by a local attacker to cause Apport to include arbitrary files in a resulting crash report. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: python-apport 2.14.1-0ubuntu3.29+esm1 python3-apport 2.14.1-0ubuntu3.29+esm1 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4051-2 https://usn.ubuntu.com/4051-1 CVE-2019-7307
signature.asc
Description: PGP signature
-- ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
