touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #113785
[Bug 1500450] Re: /usr/share/apport/package_hook:FileExistsError:/usr/share/apport/package_hook@64:make_report_file
This bug was fixed in the package apport - 2.0.1-0ubuntu17.13
---------------
apport (2.0.1-0ubuntu17.13) precise-security; urgency=medium
* SECURITY FIX: When determining the path of a Python module for a program
like "python -m module_name", avoid actually importing and running the
module; this could lead to local root privilege escalation. Thanks to
Gabriel Campana for discovering this and the fix!
(CVE-2015-1341, LP: #1507480)
-- Martin Pitt <martin.pitt@xxxxxxxxxx> Thu, 22 Oct 2015 15:50:47
+0200
** Changed in: apport (Ubuntu Precise)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-1341
** Changed in: apport (Ubuntu Vivid)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1500450
Title:
/usr/share/apport/package_hook:FileExistsError:/usr/share/apport/package_hook@64:make_report_file
Status in apport package in Ubuntu:
Fix Released
Status in apport source package in Precise:
Fix Released
Status in apport source package in Trusty:
Fix Committed
Status in apport source package in Vivid:
Fix Released
Bug description:
If the SRU fixes the issue we should not see the new version of the
package in the following buckets.
Trusty / Vivid SRU Bucket
-----------------
https://errors.ubuntu.com/problem/9265493993332196b8be4f1bb3aac669a6fc60fe
Precise SRU Bucket
------------------
https://errors.ubuntu.com/problem/f200105584e29484b216d31ad21edc08ff473db3
The Ubuntu Error Tracker has been receiving reports about a problem
regarding apport. This problem was most recently seen with version
2.19-0ubuntu1, the problem page at
https://errors.ubuntu.com/problem/df0a3ad32b9c2a7f173b2959a64b16b7ed139af4
contains more details.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1500450/+subscriptions
References