diff -Nru apport-2.20.11/data/apport apport-2.20.11/data/apport
--- apport-2.20.11/data/apport 2020-01-06 23:58:40.000000000 +1030
+++ apport-2.20.11/data/apport 2020-02-11 15:50:22.000000000 +1030
@@ -32,15 +32,10 @@
 This avoids bringing down the system to its knees if there is a series of crashes.'''
- # create lock file directory
- try:
- os.mkdir("/var/lock/apport", mode=0o744)
- except FileExistsError as e:
- pass
-
 # create a lock file
 try:
- fd = os.open("/var/lock/apport/lock", os.O_WRONLY | os.O_CREAT | os.O_NOFOLLOW)
+ fd = os.open("/var/run/apport.lock", os.O_WRONLY | os.O_CREAT | os.O_NOFOLLOW,
+ mode=0o400)
 except OSError as e:
 error_log('cannot create lock file (uid %i): %s' % (os.getuid(), str(e)))
 sys.exit(1)
diff -Nru apport-2.20.11/debian/changelog apport-2.20.11/debian/changelog
--- apport-2.20.11/debian/changelog 2020-01-06 23:58:40.000000000 +1030
+++ apport-2.20.11/debian/changelog 2020-02-11 15:50:22.000000000 +1030
@@ -1,3 +1,12 @@
+apport (2.20.11-0ubuntu17) focal; urgency=medium
+
+ * SECURITY UPDATE: World writable lock file created in word writable
+ location (LP: #1862348)
+ - data/apport: Change location of lock file to be directly under /var/run so
+ that regular users can not directly access it or perform symlink attacks.
+ - CVE-2020-8831
+ -- Alex Murray Tue, 11 Feb 2020 15:50:22 +1030
+
 apport (2.20.11-0ubuntu16) focal; urgency=medium
 * SECURITY REGRESSION: 'module' object has no attribute 'O_PATH'
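Review bot: In the data/apport hunk the new `os.open()` call requests `os.O_WRONLY` while creating the file with `mode=0o400`, so every open after the first one succeeds only because the caller is root and bypasses the permission bits; if this code ever runs without CAP_DAC_OVERRIDE (the callers are not visible in this hunk), the open fails with EACCES and the handler exits through `sys.exit(1)`. Either record that reliance in a comment above the call, for example `# 0o400 suffices: apport runs as root here and no other user may open the lock`, or make the mode match the access with `mode=0o600`, which grants other users nothing extra. Note also that `mode` only applies when the file is created, so an already existing /var/run/apport.lock keeps its owner and permissions; that is safe only while /var/run stays writable by root alone. The enclosing function starts above this hunk and continues below it.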