Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 591
Alerts This Week
Warning Icon 1 591

Ubuntu 21.04 USN-5077-1 Moderate: Apport Sensitivity Issue

ubuntu
Calendar Grey September 14, 2021
Dist Ubuntu Esm H88
Multiple vulnerabilities addressed in Apport for Ubuntu versions, improving safeguards against information exposure.
Several security issues were fixed in Apport.

Summary

Several security issues were fixed in Apport.

Software Description:

- apport: automatically generate crash reports for debugging

Details:

Maik Münch and Stephen Röttger discovered that Apport incorrectly handled

certain information gathering operations. A local attacker could use this

issue to gain read access to arbitrary files, possibly containing sensitive

information.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
  apport                          2.20.11-0ubuntu65.3
  python3-apport                  2.20.11-0ubuntu65.3

Ubuntu 20.04 LTS:
  apport                          2.20.11-0ubuntu27.20
  python3-apport                  2.20.11-0ubuntu27.20

Ubuntu 18.04 LTS:
  apport                          2.20.9-0ubuntu7.26
  python-apport                   2.20.9-0ubuntu7.26
  python3-apport                  2.20.9-0ubuntu7.26

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5077-1

CVE-2021-3709, CVE-2021-3710

Severity
important
Lowest
Low
Medium
High
Critical

September 14, 2021

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.