Ubuntu 4965-2: Apport vulnerabilities

Advisories

==========================================================================
Ubuntu Security Notice USN-4965-2
May 25, 2021

apport vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

Several security issues were fixed in Apport.

Software Description:
- apport: automatically generate crash reports for debugging

Details:

USN-4965-1 fixed several vulnerabilities in Apport. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:

 Maik Münch discovered that Apport incorrectly handled certain information
 gathering operations. A local attacker could use these issues to read and
 write arbitrary files as an administrator, and possibly escalate
 privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
  apport                          2.20.1-0ubuntu2.30+esm1
  python-apport                   2.20.1-0ubuntu2.30+esm1
  python3-apport                  2.20.1-0ubuntu2.30+esm1

Ubuntu 14.04 ESM:
  apport                          2.14.1-0ubuntu3.29+esm7
  python-apport                   2.14.1-0ubuntu3.29+esm7
  python3-apport                  2.14.1-0ubuntu3.29+esm7

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4965-2
  https://ubuntu.com/security/notices/USN-4965-1
  CVE-2021-32547, CVE-2021-32548, CVE-2021-32549, CVE-2021-32550,
  CVE-2021-32551, CVE-2021-32552, CVE-2021-32553, CVE-2021-32554,
  CVE-2021-32555, CVE-2021-32556, CVE-2021-32557

Ubuntu 4965-2: Apport vulnerabilities

May 25, 2021

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM - Ubuntu 14.04 ESM Summary: Several security issues were fixed in Apport. Software Description: - apport: automatically generate crash reports for debugging Details: USN-4965-1 fixed several vulnerabilities in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Maik Münch discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use these issues to read and write arbitrary files as an administrator, and possibly escalate privileges.

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: apport 2.20.1-0ubuntu2.30+esm1 python-apport 2.20.1-0ubuntu2.30+esm1 python3-apport 2.20.1-0ubuntu2.30+esm1 Ubuntu 14.04 ESM: apport 2.14.1-0ubuntu3.29+esm7 python-apport 2.14.1-0ubuntu3.29+esm7 python3-apport 2.14.1-0ubuntu3.29+esm7 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4965-2

https://ubuntu.com/security/notices/USN-4965-1

CVE-2021-32547, CVE-2021-32548, CVE-2021-32549, CVE-2021-32550,

CVE-2021-32551, CVE-2021-32552, CVE-2021-32553, CVE-2021-32554,

CVE-2021-32555, CVE-2021-32556, CVE-2021-32557

Severity
Ubuntu Security Notice USN-4965-2

Package Information

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.