USN-7545-1 introduced a regression in Apport
Software Description:
- apport: automatically generate crash reports for debugging
Details:
USN-7545-1 fixed vulnerabilities in Apport. The update incorrectly
handled logging if a crashing process was killed while Apport was
analyzing it. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Qualys discovered that Apport incorrectly handled metadata when
processing application crashes. An attacker could possibly use this issue
to leak sensitive information.
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS
apport 2.20.11-0ubuntu82.10
python3-apport 2.20.11-0ubuntu82.10
Ubuntu 20.04 LTS
apport 2.20.11-0ubuntu27.31
python3-apport 2.20.11-0ubuntu27.31
Ubuntu 18.04 LTS
apport 2.20.9-0ubuntu7.29+esm4
Available with Ubuntu Pro
python-apport 2.20.9-0ubuntu7.29+esm4
Available with Ubuntu Pro
python3-apport 2.20.9-0ubuntu7.29+esm4
Available with Ubuntu Pro
Ubuntu 16.04 LTS
apport 2.20.1-0ubuntu2.30+esm8
Available with Ubuntu Pro
python-apport 2.20.1-0ubuntu2.30+esm8
Available with Ubuntu Pro
python3-apport 2.20.1-0ubuntu2.30+esm8
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.https://ubuntu.com/security/notices/USN-7545-4
https://ubuntu.com/security/notices/USN-7545-2
https://ubuntu.com/security/notices/USN-7545-3
https://ubuntu.com/security/notices/USN-7545-4
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/2117236
Get the latest Linux and open source security news straight to your inbox.