Attachments added by a hook become public when bug is marked as a duplicate by retracer
Bug #419929 reported by
Martin Erik Werner
This bug affects 3 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| apport (Ubuntu) |
Expired
|
Medium
|
Unassigned | ||
Bug Description
Binary package hint: apport
If a private bug contains attachments which were added by a hook, and is marked as a duplicate, only the common attachments are removed, the hook-added ones are still available, now publicly.
This is a privacy concern.
Example: Bug #419821
| security vulnerability: | no → yes |
| Changed in apport (Ubuntu): | |
| status: | New → Confirmed |
| Changed in apport (Ubuntu): | |
| importance: | Undecided → Medium |
| tags: | added: privacy |
Revision history for this message
| Marcus Tomlinson (marcustomlinson) wrote | #1 |
| Changed in apport (Ubuntu): | |
| status: | Confirmed → Incomplete |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in apport (Ubuntu): | |
| status: | Incomplete → Expired |
To post a comment you must log in.
This release of Ubuntu is no longer receiving maintenance updates. If this is still an issue on a maintained version of Ubuntu please let us know.