Comment 4 for bug 1700573

You're right, Felix. I didn't recall bug 1648806 and didn't realize that apport registered itself as a handler for .crash files. I've requested a CVE from MITRE.

@bdmurray can you prepare a fix for this bug and attach a patch? Please don't commit the fix to the public bzr tree or publicly leak any other info about this issue. Also, do you think it is necessary for Apport to register itself as a handler for .crash files? It seems to me like it provides little usefulness despite exposing users to several attacks such as this one.