* Let apport depend on recent python3-problem-report for recent bug fix
* SECURITY UPDATE: viewing an apport-cli crash with default pager could
escalate privilege (LP: #2016023)
- d/p/refactor-Introduce-run_as_real_user.patch: Introduce
run_as_real_user()
- d/p/fix-Only-open-browser-as-user-via-sudo-if-running-as-root.patch:
Only open browser as user (via sudo) if running as root
- d/p/Replace-sudo-by-dropping-privileges-ourselves.patch: Replace sudo by
dropping privileges ourselves
- debian/patches/CVE-2023-1326.patch: drops privilege to users environment
before execution
- CVE-2023-1326
This bug was fixed in the package apport - 2.23.1-0ubuntu3.2
---------------
apport (2.23.1-0ubuntu3.2) kinetic-security; urgency=medium
* Let apport depend on recent python3- problem- report for recent bug fix Introduce- run_as_ real_user. patch: Introduce as_real_ user() Only-open- browser- as-user- via-sudo- if-running- as-root. patch: sudo-by- dropping- privileges- ourselves. patch: Replace sudo by patches/ CVE-2023- 1326.patch: drops privilege to users environment
* SECURITY UPDATE: viewing an apport-cli crash with default pager could
escalate privilege (LP: #2016023)
- d/p/refactor-
run_
- d/p/fix-
Only open browser as user (via sudo) if running as root
- d/p/Replace-
dropping privileges ourselves
- debian/
before execution
- CVE-2023-1326
-- Benjamin Drung <email address hidden> Wed, 12 Apr 2023 12:38:24 +0200