Ubuntu
apport package

  1. Bionic (18.04)
  2. Bug #1989467
  3. Comment #7

Comment 7 for bug 1989467

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 2.20.9-0ubuntu7.29

---------------
apport (2.20.9-0ubuntu7.29) bionic-security; urgency=medium

  * SECURITY UPDATE: viewing an apport-cli crash with default pager could
    escalate privilege (LP: #2016023)
    - apport/ui.py, apport/user_group.py, bin/apport-cli: drops privilege to
      users environment before execution (using sudo)
    - test/test_ui.py, test/test_user/group.py: Add test cases for new code
    - CVE-2023-1326
  * backends/packaging-apt-dpkg.py: when downloading packages from Launchpad
    do not require them to be authenticated. (LP: #1989467)

 -- Benjamin Drung <email address hidden> Wed, 12 Apr 2023 19:53:49 +0200