apport 2.20.11-0ubuntu27.24 source package in Ubuntu
Changelog
apport (2.20.11-0ubuntu27.24) focal-security; urgency=medium * SECURITY UPDATE: Fix multiple security issues - test/test_report.py: Fix flaky test. - data/apport: Fix too many arguments for error_log(). - data/apport: Use proper argument variable name executable_path. - etc/init.d/apport: Set core_pipe_limit to a non-zero value to make sure the kernel waits for apport to finish before removing the /proc information. - apport/fileutils.py, data/apport: Search for executable name if one wan't provided such as when being called in a container. - data/apport: Limit memory and duration of gdbus call. (CVE-2022-28654, CVE-2022-28656) - data/apport, apport/fileutils.py, test/test_fileutils.py: Validate D-Bus socket location. (CVE-2022-28655) - apport/fileutils.py, test/test_fileutils.py: Turn off interpolation in get_config() to prevent DoS attacks. (CVE-2022-28652) - Refactor duplicate code into search_map() function. - Switch from chroot to container to validating socket owner. (CVE-2022-1242, CVE-2022-28657) - data/apport: Clarify error message. - apport/fileutils.py: Fix typo in comment. - apport/fileutils.py: Do not call str in loop. - data/apport, etc/init.d/apport: Switch to using non-positional arguments. Get real UID and GID from the kernel and make sure they match the process. Also fix executable name space handling in argument parsing. (CVE-2022-28658, CVE-2021-3899) -- Marc Deslauriers <email address hidden> Tue, 10 May 2022 09:23:35 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
apport_2.20.11-0ubuntu27.24.tar.gz | 1.3 MiB | ca5154fd06988aade2e916da00f42300ff0bee49c46db1efcadb8bd3e486cd44 |
apport_2.20.11-0ubuntu27.24.dsc | 2.6 KiB | dee91959c653fe911097aa4d0918dd1826d8b1d6cf1f798f76872a629c0db70d |
Available diffs
Binary packages built by this source
- apport: automatically generate crash reports for debugging
apport automatically collects data from crashed processes and
compiles a problem report in /var/crash/. This utilizes the crashdump
helper hook provided by the Ubuntu kernel.
.
This package also provides a command line frontend for browsing and
handling the crash reports. For desktops, you should consider
installing the GTK+ or Qt user interface (apport-gtk or apport-kde).
- apport-gtk: GTK+ frontend for the apport crash report system
apport automatically collects data from crashed processes and
compiles a problem report in /var/crash/. This utilizes the crashdump
helper hook provided by the Ubuntu kernel.
.
This package provides a GTK+ frontend for browsing and handling the
crash reports.
- apport-kde: KDE frontend for the apport crash report system
apport automatically collects data from crashed processes and
compiles a problem report in /var/crash/. This utilizes the crashdump
helper hook provided by the Ubuntu kernel.
.
This package provides a KDE frontend for browsing and handling the
crash reports.
- apport-noui: tools for automatically reporting Apport crash reports
apport automatically collects data from crashed processes and
compiles a problem report in /var/crash/. This utilizes the crashdump
helper hook provided by the Ubuntu kernel.
.
Installing this package will configure your system to automatically submit
all new Apport crash reports.
- apport-retrace: tools for reprocessing Apport crash reports
apport-retrace recombines an Apport crash report (either a file or a
Launchpad bug) and debug symbol packages (.ddebs) into fully symbolic
stack traces. This can optionally use a sandbox for installing debug symbol
packages and doing the processing, so that entire process of retracing crashes
can happen with normal user privileges without changing the system.
.
You need to install gdb-multiarch if you want to be able to retrace crash
reports which happened on a different architecture than the one you run
apport-retrace on.
- apport-valgrind: valgrind wrapper that first downloads debug symbols
apport-valgrind is a valgrind wrapper that automatically downloads related
available debug symbols and provides them to valgrind's memcheck tool, which
is executed. The output is a valgrind log file ("valgrind.log") that contains
stack traces (with as many symbols resolved as available) and that shows
memory leaks.
- dh-apport: debhelper extension for the apport crash report system
apport automatically collects data from crashed processes and
compiles a problem report in /var/crash/. This utilizes the crashdump
helper hook provided by the Ubuntu kernel.
.
This package provides a debhelper extension to make it easier for other
packages to include apport hooks.
- python3-apport: Python 3 library for Apport crash report handling
This Python package provides high-level functions for creating and
handling apport crash reports:
.
* Query available and new reports.
* Add OS, packaging, and process runtime information to a report.
* Various frontend utility functions.
* Python hook to generate crash reports when Python scripts fail.
- python3-problem-report: Python 3 library to handle problem reports
This Python library provides an interface for creating, modifying,
and accessing standardized problem reports for program and kernel
crashes and packaging bugs.
.
These problem reports use standard Debian control format syntax
(RFC822).