Format: 1.8
Date: Thu, 04 Jul 2019 12:05:21 +0930
Source: apport
Binary: apport python-problem-report python3-problem-report python-apport python3-apport apport-retrace apport-valgrind apport-gtk apport-kde dh-apport apport-noui
Architecture: all amd64_translations
Version: 2.20.1-0ubuntu2.19
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lcy01-amd64-021.buildd>
Changed-By: Alex Murray <alex.murray@canonical.com>
Description:
 apport     - automatically generate crash reports for debugging
 apport-gtk - GTK+ frontend for the apport crash report system
 apport-kde - KDE frontend for the apport crash report system
 apport-noui - tools for automatically reporting Apport crash reports
 apport-retrace - tools for reprocessing Apport crash reports
 apport-valgrind - valgrind wrapper that first downloads debug symbols
 dh-apport  - debhelper extension for the apport crash report system
 python-apport - Python library for Apport crash report handling
 python-problem-report - Python library to handle problem reports
 python3-apport - Python 3 library for Apport crash report handling
 python3-problem-report - Python 3 library to handle problem reports
Launchpad-Bugs-Fixed: 1830858
Changes:
 apport (2.20.1-0ubuntu2.19) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: TOCTOU issue allows local user to read arbitrary
     files (LP: #1830858)
     - apport/report.py: Avoid TOCTOU issue on users ignore file by
       dropping privileges and then opening the file both test for access and
       open the file in a single operation, instead of using access() before
       reading the file which could be abused by a symlink to cause Apport to
       read and embed an arbitrary file in the resulting crash dump.
     - CVE-2019-7307
Checksums-Sha1:
 850bc52a097c674405dc5f9fa069a88009aea3f8 9516 apport-gtk_2.20.1-0ubuntu2.19_all.deb
 fe515453b1339df89ef2dc684d468f070bf92052 17802 apport-kde_2.20.1-0ubuntu2.19_all.deb
 1dfa57af48c33c6fb3c4cc24a5f5223a67d71bd9 2910 apport-noui_2.20.1-0ubuntu2.19_all.deb
 2554a6e55ae1dff5b71d9844a80b3300b6747461 12348 apport-retrace_2.20.1-0ubuntu2.19_all.deb
 e74715eb0bf12d40cc6ee21557e6e3bb027b17f3 5098 apport-valgrind_2.20.1-0ubuntu2.19_all.deb
 c5bf217b79329e2a0b9b293a505124865e8b4e6a 120684 apport_2.20.1-0ubuntu2.19_all.deb
 829edcc68b24641ef280e24c4577db28be889813 1199469 apport_2.20.1-0ubuntu2.19_amd64_translations.tar.gz
 3354481472a7372ed4151f490da26f9ac442adcd 6932 dh-apport_2.20.1-0ubuntu2.19_all.deb
 671f90071b95a504f5c825cec5d6eb4954755d6e 79504 python-apport_2.20.1-0ubuntu2.19_all.deb
 b4487e0dacb733c675455c029334df94b4692957 9826 python-problem-report_2.20.1-0ubuntu2.19_all.deb
 8843e2ae0644033a974fba15ec69c0c4bae2d802 79598 python3-apport_2.20.1-0ubuntu2.19_all.deb
 5b42a983c2c69685c7380dc634f4f203be943946 9916 python3-problem-report_2.20.1-0ubuntu2.19_all.deb
Checksums-Sha256:
 f2116d12f23919c4797cf2072577469b922dee0f9d9bd4232714d40fa3ccd9e1 9516 apport-gtk_2.20.1-0ubuntu2.19_all.deb
 35ee048813e3a49e9dc1e81c1e4413d174ceb229a30533c954a7402feff3ca6a 17802 apport-kde_2.20.1-0ubuntu2.19_all.deb
 583469d43f07ecb7fc428b6d3dfa56aa09bfadb1915af436cb6b9af1c71d97fd 2910 apport-noui_2.20.1-0ubuntu2.19_all.deb
 975d4fc6d6977290373541318737cbab44d6fbdf8bdcf78bc1bcb9f91573ab85 12348 apport-retrace_2.20.1-0ubuntu2.19_all.deb
 ab3ce2139b600cba74772efa989d97684bb805ba43c6ff6bfcfc3529c379759e 5098 apport-valgrind_2.20.1-0ubuntu2.19_all.deb
 887a3b0211f0753787039c8f0909af7cc25ef2b296a3f95e82796a2d37ee1bf2 120684 apport_2.20.1-0ubuntu2.19_all.deb
 8548767130aef92b9a3e77d9587e03bdf0f9dd4f0ae8b2feded1c97db9f83470 1199469 apport_2.20.1-0ubuntu2.19_amd64_translations.tar.gz
 726ca51b651f060faf5e6d3efb2a074af660c2f1649fed640b0003c10db91dd7 6932 dh-apport_2.20.1-0ubuntu2.19_all.deb
 fa4e2bcf13b919ac4b5c11c6bfb1b8a15c3a918e729282e5ae453ecc5601e1be 79504 python-apport_2.20.1-0ubuntu2.19_all.deb
 cdae2f04f4067345e3fc8e914dfd7f334a6590bb991eca2267c24aca06b4cc7d 9826 python-problem-report_2.20.1-0ubuntu2.19_all.deb
 a246755ef4cf627cc03cbaa5654f309da1559769e7ba4727124e0dbed34a1677 79598 python3-apport_2.20.1-0ubuntu2.19_all.deb
 d486ea59bf6cf44c24fd2401b19f9de8eda56b6ed81b6ee45e38145c618d1d6a 9916 python3-problem-report_2.20.1-0ubuntu2.19_all.deb
Files:
 514bd527148925b17eb224df5dc887f3 9516 gnome optional apport-gtk_2.20.1-0ubuntu2.19_all.deb
 2cd991bddcc94066d375aee63b76cb5b 17802 kde optional apport-kde_2.20.1-0ubuntu2.19_all.deb
 87e9988c6f00542792bb8e0295dcf29d 2910 utils optional apport-noui_2.20.1-0ubuntu2.19_all.deb
 38625e106051a40710dbb332a3751f2e 12348 devel optional apport-retrace_2.20.1-0ubuntu2.19_all.deb
 b31326b3e3eff73d78f17a6fa07ebb78 5098 devel optional apport-valgrind_2.20.1-0ubuntu2.19_all.deb
 ffead395306215a260e39094b5dd2c0e 120684 utils optional apport_2.20.1-0ubuntu2.19_all.deb
 48d337c673e14290dd3705d598c3e54f 1199469 raw-translations - apport_2.20.1-0ubuntu2.19_amd64_translations.tar.gz
 e498c2256fa2cf4bd5e38b495cd9e1b3 6932 devel optional dh-apport_2.20.1-0ubuntu2.19_all.deb
 07f72ca1516527bb8e4bca2ab9224764 79504 python optional python-apport_2.20.1-0ubuntu2.19_all.deb
 087ae79c757e9237d5cb3efeca4befdd 9826 python optional python-problem-report_2.20.1-0ubuntu2.19_all.deb
 c86a63bf30477523fc405774927720ba 79598 python optional python3-apport_2.20.1-0ubuntu2.19_all.deb
 ddd639c3ea4c503a642b8fd22adda7d3 9916 python optional python3-problem-report_2.20.1-0ubuntu2.19_all.deb