apport 2.14.1-0ubuntu3.27 source package in Ubuntu

Changelog

apport (2.14.1-0ubuntu3.27) trusty-security; urgency=medium

  * SECURITY UPDATE: Denial of service via resource exhaustion and
    privilege escalation when handling crashes of tainted processes
    (LP: #1726372)
    - When /proc/sys/fs/suid_dumpable is set to 2, do not assume that
      the user and group owning the /proc/<PID>/stat file is the same
      user and group that started the process. Rather check the dump
      mode of the crashed process and do not write a core file if its
      value is 2. Thanks to Sander Bos for discovering this issue!
    - CVE-2017-14177
  * SECURITY UPDATE: Denial of service via resource exhaustion,
    privilege escalation, and possible container escape when handling
    crashes of processes inside PID namespaces (LP: #1726372)
    - Change the method for determining if a crash is from a container
      so that there are no false positives from software using PID
      namespaces. Additionally, disable container crash forwarding by
      ignoring crashes that occur in a PID namespace. This functionality
      may be re-enabled in a future update. Thanks to Sander Bos for
      discovering this issue!
    - CVE-2017-14180

 -- Brian Murray <email address hidden>  Mon, 13 Nov 2017 08:54:04 -0800

Upload details

Uploaded by:
Brian Murray on 2017-11-14
Sponsored by:
Tyler Hicks
Uploaded to:
Trusty
Original maintainer:
Martin Pitt
Architectures:
all
Section:
utils
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Trusty updates on 2017-11-15 main utils
Trusty security on 2017-11-15 main utils

Builds

Trusty: [FULLYBUILT] i386

Downloads

File Size SHA-256 Checksum
apport_2.14.1.orig.tar.gz 1.2 MiB 2a9705542c062983471143a43f144c68109656a32428da2fc4579014f6670e65
apport_2.14.1-0ubuntu3.27.diff.gz 160.3 KiB 348bc8323db7042a80d10ffc7cdf270223a25ef39c8d00630bd5767feb08379f
apport_2.14.1-0ubuntu3.27.dsc 2.8 KiB 4a5b22d55fc8576f052c081a01abd843ebcd78dc1972dd206efa7044406b48d4

View changes file

Binary packages built by this source

apport: automatically generate crash reports for debugging

 apport automatically collects data from crashed processes and
 compiles a problem report in /var/crash/. This utilizes the crashdump
 helper hook provided by the Ubuntu kernel.
 .
 This package also provides a command line frontend for browsing and
 handling the crash reports. For desktops, you should consider
 installing the GTK+ or Qt user interface (apport-gtk or apport-kde).

apport-gtk: GTK+ frontend for the apport crash report system

 apport automatically collects data from crashed processes and
 compiles a problem report in /var/crash/. This utilizes the crashdump
 helper hook provided by the Ubuntu kernel.
 .
 This package provides a GTK+ frontend for browsing and handling the
 crash reports.

apport-kde: KDE frontend for the apport crash report system

 apport automatically collects data from crashed processes and
 compiles a problem report in /var/crash/. This utilizes the crashdump
 helper hook provided by the Ubuntu kernel.
 .
 This package provides a KDE frontend for browsing and handling the
 crash reports.

apport-noui: tools for automatically reporting Apport crash reports

 apport automatically collects data from crashed processes and
 compiles a problem report in /var/crash/. This utilizes the crashdump
 helper hook provided by the Ubuntu kernel.
 .
 Installing this package will configure your system to automatically submit
 all new Apport crash reports.

apport-retrace: tools for reprocessing Apport crash reports

 apport-retrace recombines an Apport crash report (either a file or a
 Launchpad bug) and debug symbol packages (.ddebs) into fully symbolic
 stack traces. This can optionally use a sandbox for installing debug symbol
 packages and doing the processing, so that entire process of retracing crashes
 can happen with normal user privileges without changing the system.
 .
 You need to install gdb-multiarch if you want to be able to retrace crash
 reports which happened on a different architecture than the one you run
 apport-retrace on.

apport-valgrind: valgrind wrapper that first downloads debug symbols

 apport-valgrind is a valgrind wrapper that automatically downloads related
 available debug symbols and provides them to valgrind's memcheck tool, which
 is executed. The output is a valgrind log file ("valgrind.log") that contains
 stack traces (with as many symbols resolved as available) and that shows
 memory leaks.

dh-apport: debhelper extension for the apport crash report system

 apport automatically collects data from crashed processes and
 compiles a problem report in /var/crash/. This utilizes the crashdump
 helper hook provided by the Ubuntu kernel.
 .
 This package provides a debhelper extension to make it easier for other
 packages to include apport hooks.

python-apport: Python library for Apport crash report handling

 This Python package provides high-level functions for creating and
 handling apport crash reports:
 .
  * Query available and new reports.
  * Add OS, packaging, and process runtime information to a report.
  * Various frontend utility functions.
  * Python hook to generate crash reports when Python scripts fail.

python-problem-report: Python library to handle problem reports

 This Python library provides an interface for creating, modifying,
 and accessing standardized problem reports for program and kernel
 crashes and packaging bugs.
 .
 These problem reports use standard Debian control format syntax
 (RFC822).

python3-apport: Python 3 library for Apport crash report handling

 This Python package provides high-level functions for creating and
 handling apport crash reports:
 .
  * Query available and new reports.
  * Add OS, packaging, and process runtime information to a report.
  * Various frontend utility functions.
  * Python hook to generate crash reports when Python scripts fail.

python3-problem-report: Python 3 library to handle problem reports

 This Python library provides an interface for creating, modifying,
 and accessing standardized problem reports for program and kernel
 crashes and packaging bugs.
 .
 These problem reports use standard Debian control format syntax
 (RFC822).