apport 2.0.1-0ubuntu17.9 source package in Ubuntu
Changelog
apport (2.0.1-0ubuntu17.9) precise-security; urgency=medium * SECURITY UPDATE: When /proc/sys/fs/suid_dumpable is enabled, crashing a program that is suid root or not readable for the user would create root-owned core files in the current directory of that program. Creating specially crafted core files in /etc/logrotate.d or similar could then lead to arbitrary code execution with root privileges. Now core files do not get written for these kinds of programs, in accordance with the intention of core(5). Thanks to Sander Bos for discovering this issue! (CVE-2015-1324, LP: #1452239) * Add test case to ensure that users cannot inject arbitrary core dump file contents (CVE-2015-1325). This version is not affected, but having the test will ensure that backported changes don't introduce this vulnerability. (LP: #1453900) * test_signal_crashes(): Drop hardcoded /tmp/ path in do_crash(), test_nonwritable_cwd() uses a different dir. -- Martin Pitt <email address hidden> Wed, 13 May 2015 13:58:17 +0200
Upload details
- Uploaded by:
- Martin Pitt
- Sponsored by:
- Marc Deslauriers
- Uploaded to:
- Precise
- Original maintainer:
- Martin Pitt
- Architectures:
- all
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
apport_2.0.1.orig.tar.gz | 650.8 KiB | 2020aea997fa35fd72a99d55e228cbd5c0686a7904b61b492d44452f3679ff52 |
apport_2.0.1-0ubuntu17.9.diff.gz | 135.5 KiB | ed8aff2c22a34358480024c9939c27e4996512d3bfa3185d69b3e84ac00e287f |
apport_2.0.1-0ubuntu17.9.dsc | 2.3 KiB | 3c59974fa65ac4f86fc729e99418bca8895bb49feb553989584d4d9583184cc6 |
Available diffs
Binary packages built by this source
- apport: automatically generate crash reports for debugging
apport automatically collects data from crashed processes and
compiles a problem report in /var/crash/. This utilizes the crashdump
helper hook provided by the Ubuntu kernel.
.
This package also provides a command line frontend for browsing and
handling the crash reports. For desktops, you should consider
installing the GTK+ or Qt user interface (apport-gtk or apport-kde).
- apport-gtk: GTK+ frontend for the apport crash report system
apport automatically collects data from crashed processes and
compiles a problem report in /var/crash/. This utilizes the crashdump
helper hook provided by the Ubuntu kernel.
.
This package provides a GTK+ frontend for browsing and handling the
crash reports.
- apport-kde: KDE frontend for the apport crash report system
apport automatically collects data from crashed processes and
compiles a problem report in /var/crash/. This utilizes the crashdump
helper hook provided by the Ubuntu kernel.
.
This package provides a KDE frontend for browsing and handling the
crash reports.
- apport-retrace: tools for reprocessing Apport crash reports
apport-retrace recombines an Apport crash report (either a file or a
Launchpad bug) and debug symbol packages (.ddebs) into fully symbolic
stack traces. This can optionally use a sandbox for installing debug symbol
packages and doing the processing, so that entire process of retracing crashes
can happen with normal user privileges without changing the system.
- dh-apport: debhelper extension for the apport crash report system
apport automatically collects data from crashed processes and
compiles a problem report in /var/crash/. This utilizes the crashdump
helper hook provided by the Ubuntu kernel.
.
This package provides a debhelper extension to make it easier for other
packages to include apport hooks.
- python-apport: apport crash report handling library
This Python package provides high-level functions for creating and
handling apport crash reports:
.
* Query available and new reports.
* Add OS, packaging, and process runtime information to a report.
* Various frontend utility functions.
* Python hook to generate crash reports when Python scripts fail.
- python-problem-report: Python library to handle problem reports
This Python library provides an interface for creating, modifying,
and accessing standardized problem reports for program and kernel
crashes and packaging bugs.
.
These problem reports use standard Debian control format syntax
(RFC822).