ubuntu-privacy team mailing list archive

Thread
Date

[Bug 1179686] [NEW] PulseList.txt contains private data

To: ubuntu-privacy@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1179686@xxxxxxxxxxxxxxxxxx>
Date: Mon, 13 May 2013 21:26:18 -0000
Reply-to: Bug 1179686 <1179686@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

*** This bug is a security vulnerability ***

You have been subscribed to a public security bug by Fred (eldmannen+launchpad):

Apport leaks private data through the file PulseList.txt which contains
the username and hostname in the properties 'application.process.user'
and 'application.process.host'.

ProblemType: Bug
DistroRelease: Ubuntu 13.04
Package: apport 2.9.2-0ubuntu8
ProcVersionSignature: Ubuntu 3.8.0-20.31-generic 3.8.11
Uname: Linux 3.8.0-20-generic x86_64
ApportLog:
 
ApportVersion: 2.9.2-0ubuntu8
Architecture: amd64
CrashReports:
 640:1000:130:52113520:2013-05-12 23:21:15.651600837 +0200:2013-05-12 23:21:16.651600837 +0200:/var/crash/_opt_spotify_spotify-client_spotify.1000.crash
 640:1000:130:22886:2013-05-13 19:41:30.049879550 +0200:2013-05-13 19:41:31.049879550 +0200:/var/crash/_usr_lib_ubuntuone-client_ubuntuone-syncdaemon.1000.crash
Date: Mon May 13 23:20:27 2013
InstallationDate: Installed on 2011-10-21 (570 days ago)
InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111012)
MarkForUpload: True
PackageArchitecture: all
SourcePackage: apport
UpgradeStatus: Upgraded to raring on 2013-01-20 (112 days ago)

** Affects: apport (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug privacy raring
-- 
PulseList.txt contains private data
https://bugs.launchpad.net/bugs/1179686
You received this bug notification because you are a member of Ubuntu Privacy Team, which is subscribed to the bug report.