* test_backend_apt_dpkg.py: Reset internal apt caches between tests. Avoids
random test failures due to leaking paths from previous test cases.
* SECURITY FIX: When determining the path of a Python module for a program
like "python -m module_name", avoid actually importing and running the
module; this could lead to local root privilege escalation. Thanks to
Gabriel Campana for discovering this and the fix!
(CVE-2015-1341, LP: #1507480)
-- Martin Pitt <email address hidden> Thu, 22 Oct 2015 15:15:37 +0200
This bug was fixed in the package apport - 2.14.1-0ubuntu3.18
--------------- 0ubuntu3. 18) trusty-security; urgency=medium
apport (2.14.1-
* test_backend_ apt_dpkg. py: Reset internal apt caches between tests. Avoids
random test failures due to leaking paths from previous test cases.
* SECURITY FIX: When determining the path of a Python module for a program
like "python -m module_name", avoid actually importing and running the
module; this could lead to local root privilege escalation. Thanks to
Gabriel Campana for discovering this and the fix!
(CVE-2015-1341, LP: #1507480)
-- Martin Pitt <email address hidden> Thu, 22 Oct 2015 15:15:37 +0200