* SECURITY UPDATE: viewing an apport-cli crash with default pager could
escalate privilege (LP: #2016023)
- apport/ui.py, apport/user_group.py, bin/apport-cli: drops privilege to
users environment before execution (using sudo)
- test/test_ui.py, test/test_user/group.py: Add test cases for new code
- CVE-2023-1326
* backends/packaging-apt-dpkg.py: when downloading packages from Launchpad
do not require them to be authenticated. (LP: #1989467)
This bug was fixed in the package apport - 2.20.9-0ubuntu7.29
--------------- 0ubuntu7. 29) bionic-security; urgency=medium
apport (2.20.9-
* SECURITY UPDATE: viewing an apport-cli crash with default pager could user_group. py, bin/apport-cli: drops privilege to user/group. py: Add test cases for new code packaging- apt-dpkg. py: when downloading packages from Launchpad
escalate privilege (LP: #2016023)
- apport/ui.py, apport/
users environment before execution (using sudo)
- test/test_ui.py, test/test_
- CVE-2023-1326
* backends/
do not require them to be authenticated. (LP: #1989467)
-- Benjamin Drung <email address hidden> Wed, 12 Apr 2023 19:53:49 +0200