apport 2.14.1-0ubuntu3.27 source package in Ubuntu
Changelog
apport (2.14.1-0ubuntu3.27) trusty-security; urgency=medium
* SECURITY UPDATE: Denial of service via resource exhaustion and
privilege escalation when handling crashes of tainted processes
(LP: #1726372)
- When /proc/sys/fs/suid_dumpable is set to 2, do not assume that
the user and group owning the /proc/<PID>/stat file is the same
user and group that started the process. Rather check the dump
mode of the crashed process and do not write a core file if its
value is 2. Thanks to Sander Bos for discovering this issue!
- CVE-2017-14177
* SECURITY UPDATE: Denial of service via resource exhaustion,
privilege escalation, and possible container escape when handling
crashes of processes inside PID namespaces (LP: #1726372)
- Change the method for determining if a crash is from a container
so that there are no false positives from software using PID
namespaces. Additionally, disable container crash forwarding by
ignoring crashes that occur in a PID namespace. This functionality
may be re-enabled in a future update. Thanks to Sander Bos for
discovering this issue!
- CVE-2017-14180
-- Brian Murray <email address hidden> Mon, 13 Nov 2017 08:54:04 -0800
Upload details
- Uploaded by:
- Brian Murray
- Sponsored by:
- Tyler Hicks
- Uploaded to:
- Trusty
- Original maintainer:
- Martin Pitt
- Architectures:
- all
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| apport_2.14.1.orig.tar.gz | 1.2 MiB | 2a9705542c062983471143a43f144c68109656a32428da2fc4579014f6670e65 |
| apport_2.14.1-0ubuntu3.27.diff.gz | 160.3 KiB | 348bc8323db7042a80d10ffc7cdf270223a25ef39c8d00630bd5767feb08379f |
| apport_2.14.1-0ubuntu3.27.dsc | 2.8 KiB | 4a5b22d55fc8576f052c081a01abd843ebcd78dc1972dd206efa7044406b48d4 |
Available diffs
Binary packages built by this source
- apport: automatically generate crash reports for debugging
apport automatically collects data from crashed processes and
compiles a problem report in /var/crash/. This utilizes the crashdump
helper hook provided by the Ubuntu kernel.
.
This package also provides a command line frontend for browsing and
handling the crash reports. For desktops, you should consider
installing the GTK+ or Qt user interface (apport-gtk or apport-kde).
- apport-gtk: GTK+ frontend for the apport crash report system
apport automatically collects data from crashed processes and
compiles a problem report in /var/crash/. This utilizes the crashdump
helper hook provided by the Ubuntu kernel.
.
This package provides a GTK+ frontend for browsing and handling the
crash reports.
- apport-kde: KDE frontend for the apport crash report system
apport automatically collects data from crashed processes and
compiles a problem report in /var/crash/. This utilizes the crashdump
helper hook provided by the Ubuntu kernel.
.
This package provides a KDE frontend for browsing and handling the
crash reports.
- apport-noui: tools for automatically reporting Apport crash reports
apport automatically collects data from crashed processes and
compiles a problem report in /var/crash/. This utilizes the crashdump
helper hook provided by the Ubuntu kernel.
.
Installing this package will configure your system to automatically submit
all new Apport crash reports.
- apport-retrace: tools for reprocessing Apport crash reports
apport-retrace recombines an Apport crash report (either a file or a
Launchpad bug) and debug symbol packages (.ddebs) into fully symbolic
stack traces. This can optionally use a sandbox for installing debug symbol
packages and doing the processing, so that entire process of retracing crashes
can happen with normal user privileges without changing the system.
.
You need to install gdb-multiarch if you want to be able to retrace crash
reports which happened on a different architecture than the one you run
apport-retrace on.
- apport-valgrind: valgrind wrapper that first downloads debug symbols
apport-valgrind is a valgrind wrapper that automatically downloads related
available debug symbols and provides them to valgrind's memcheck tool, which
is executed. The output is a valgrind log file ("valgrind.log") that contains
stack traces (with as many symbols resolved as available) and that shows
memory leaks.
- dh-apport: debhelper extension for the apport crash report system
apport automatically collects data from crashed processes and
compiles a problem report in /var/crash/. This utilizes the crashdump
helper hook provided by the Ubuntu kernel.
.
This package provides a debhelper extension to make it easier for other
packages to include apport hooks.
- python-apport: Python library for Apport crash report handling
This Python package provides high-level functions for creating and
handling apport crash reports:
.
* Query available and new reports.
* Add OS, packaging, and process runtime information to a report.
* Various frontend utility functions.
* Python hook to generate crash reports when Python scripts fail.
- python-problem-report: Python library to handle problem reports
This Python library provides an interface for creating, modifying,
and accessing standardized problem reports for program and kernel
crashes and packaging bugs.
.
These problem reports use standard Debian control format syntax
(RFC822).
- python3-apport: Python 3 library for Apport crash report handling
This Python package provides high-level functions for creating and
handling apport crash reports:
.
* Query available and new reports.
* Add OS, packaging, and process runtime information to a report.
* Various frontend utility functions.
* Python hook to generate crash reports when Python scripts fail.
- python3-problem-report: Python 3 library to handle problem reports
This Python library provides an interface for creating, modifying,
and accessing standardized problem reports for program and kernel
crashes and packaging bugs.
.
These problem reports use standard Debian control format syntax
(RFC822).
