* New upstream release. Changes since previous snapshot:
- SECURITY FIX: When determining the path of a Python module for a program
like "python -m module_name", avoid actually importing and running the
module; this could lead to local root privilege escalation. Thanks to
Gabriel Campana for discovering this and the fix!
(CVE-2015-1341, LP: #1507480)
- test_backend_apt_dpkg.py: Reset internal apt caches between tests.
Avoids random test failures due to leaking paths from previous test
cases.
* debian/control: Adjust Vcs-Bzr: for xenial branch.
* debian/control: Drop obsolete XS-Testsuite: header.
-- Martin Pitt <email address hidden> Tue, 27 Oct 2015 14:33:28 +0100
This bug was fixed in the package apport - 2.19.2-0ubuntu1
---------------
apport (2.19.2-0ubuntu1) xenial; urgency=medium
* New upstream release. Changes since previous snapshot: CVE-2015- 1341, LP: #1507480) apt_dpkg. py: Reset internal apt caches between tests.
- SECURITY FIX: When determining the path of a Python module for a program
like "python -m module_name", avoid actually importing and running the
module; this could lead to local root privilege escalation. Thanks to
Gabriel Campana for discovering this and the fix!
(
- test_backend_
Avoids random test failures due to leaking paths from previous test
cases.
* debian/control: Adjust Vcs-Bzr: for xenial branch.
* debian/control: Drop obsolete XS-Testsuite: header.
-- Martin Pitt <email address hidden> Tue, 27 Oct 2015 14:33:28 +0100