Comment 45 for bug 357024

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apport - 1.0-0ubuntu5.2

apport (1.0-0ubuntu5.2) jaunty-security; urgency=low

  [ Martin Pitt ]
  * etc/cron.daily/apport: Only attempt to remove files and symlinks, do not
    descend into subdirectories of /var/crash/. Doing so might be exploited by
    a race condition between find traversing a huge directory tree, changing
    an existing subdir into a symlink to e. g. /etc/, and finally getting that
    piped to rm. Patch based on work by Martin Pitt. Thanks to Stephane
    Chazelas for discovering this!
    - LP: #357024
    - CVE-2009-1295

 -- Jamie Strandboge <email address hidden> Wed, 29 Apr 2009 08:33:09 -0500