Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 579
Alerts This Week
Warning Icon 1 579

Ubuntu 16.04 ESM: USN-5077-2 Severe Vulnerability in Apport Disclosure

ubuntu
Calendar Grey September 14, 2021
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-5077-2 addresses vulnerabilities in Apport that affect essential distributions, providing instructions for necessary updates.
Several security issues were fixed in Apport.

Summary

Several security issues were fixed in Apport.

Software Description:

- apport: automatically generate crash reports for debugging

Details:

USN-5077-1 fixed several vulnerabilities in Apport. This update provides

the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.

Original advisory details:

Maik Münch and Stephen Röttger discovered that Apport incorrectly handled

certain information gathering operations. A local attacker could use this

issue to gain read access to arbitrary files, possibly containing sensitive

information.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
  apport                          2.20.1-0ubuntu2.30+esm2
  python-apport                   2.20.1-0ubuntu2.30+esm2
  python3-apport                  2.20.1-0ubuntu2.30+esm2

Ubuntu 14.04 ESM:
  apport                          2.14.1-0ubuntu3.29+esm8
  python-apport                   2.14.1-0ubuntu3.29+esm8
  python3-apport                  2.14.1-0ubuntu3.29+esm8

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5077-2

https://ubuntu.com/security/notices/USN-5077-1

CVE-2021-3709, CVE-2021-3710

Severity
critical
Lowest
Low
Medium
High
Critical

September 14, 2021

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.