apport (2.28.1-0ubuntu3.8) noble-security; urgency=medium
* SECURITY REGRESSION: exception during core dump handling (LP: #2112466)
- d/p/apport-Do-not-hide-FileNotFoundError-during-crash-handlin.patch:
Do not hide FileNotFoundError during crash handling.
-- Octavio Galland <octavio.galland@canonical.com> Tue, 08 Jul 2025 11:50:50 -0300
apport (2.28.1-0ubuntu3.7) noble-security; urgency=medium
* SECURITY REGRESSION: apport not generating core dumps inside containers
(LP: #2112272)
- d/p/check-exe-mtime.patch: Check the exe mtime within the proc root
mount.
-- Octavio Galland <octavio.galland@canonical.com> Wed, 04 Jun 2025 15:59:08 -0300
apport (2.28.1-0ubuntu3.6) noble-security; urgency=medium
* SECURITY UPDATE: Insecure report permissions (LP: #2106338)
- d/p/apport-Do-not-change-report-group-to-report-owners-primar.patch: Do
not change report group to report owners primary group.
- CVE-2025-5467
* SECURITY UPDATE: Race condition when forwarding core files to containers
(LP: #2107472)
- d/p/apport-move-consistency_checks-call-further-up.patch: Move
consistency_checks call further up.
- d/p/apport-do-not-override-options.pid.patch: Do not override
options.pid.
- d/p/apport-open-proc-pid-as-early-as-possible.patch: Open /proc/<pid> as
early as possible.
- d/p/fileutils-respect-proc_pid_fd-in-get_core_path.patch: Respect
proc_pid_fd in get_core_path.
- d/p/apport-use-opened-proc-pid-everywhere.patch: Use opened /proc/<pid>
everywhere.
- d/p/apport-do-consistency-check-before-forwarding-crashes.patch: Do
consistency check before forwarding crashes.
- d/p/apport-require-dump-mode-to-be-specified.patch: Require --dump-mode
to be specified.
- d/p/apport-determine-report-owner-by-dump_mode.patch: Determine report
owner by dump_mode.
- d/p/apport-do-not-forward-crash-for-dump_mode-2.patch: Do not forward
crash for dump_mode == 2.
- d/p/apport-support-pidfd-F-parameter-from-kernel.patch: Support pidfd
(%F) parameter from kernel.
- CVE-2025-5054
-- Octavio Galland <octavio.galland@canonical.com> Fri, 23 May 2025 09:41:47 -0300
apport (2.28.1-0ubuntu3.5) noble; urgency=medium
[ Simon Chopin ]
* d/p/tests-skip-anonymization-test-on-environments-that-a.patch:
Fix FTBFS when building on the LP infra (LP: #2097264)
[ Chris Peterson ]
* d/package-hooks/ubuntu-desktop-bootstrap.py: attach files with root
and add subiquity traceback, curtin logs, subiquity or system journal,
hardware information, and check if snap updated (LP: #2098415).
* d/package-hooks/subiquity.py: fix typo in path to curtin apt
configuration (LP: #2098423).
[ Benjamin Drung ]
* apport-gtk: check for available display on startup (LP: #2006981)
* python3-apport: Bump python3-problem-report dependency to >= 2.28
for CompressedFile class (LP: #2100313)
* test:
- do not check for exact encoded gzip data (LP: #2076269)
- depend on apport-gtk for new UI integration test
- split test_find_package_desktopfile into separate test cases
and fix test_find_package_desktopfile_multiple
- autopkgtest: install xterm for test_find_package_desktopfile_multiple
-- Benjamin Drung <bdrung@ubuntu.com> Thu, 27 Feb 2025 14:01:57 +0100
apport (2.28.1-0ubuntu3.3) noble; urgency=medium
* Depend on gdb-multiarch and python3-psutil for system tests
-- Benjamin Drung <bdrung@ubuntu.com> Sat, 26 Oct 2024 13:50:11 +0200
apport (2.28.1-0ubuntu3.2) noble; urgency=medium
* Remove obsolete apport init.d and bash-completion conffiles (LP: #2078634)
* recent-syslog: read stdout after process completion (LP: #2073935)
* package_hook: Handle failures of removed packages (LP: #2078695)
* Fix hang when cancelling/closing Apport (LP: #1537310)
* tests:
- fix wait_for_gdb_sleeping_child_process (LP: #2073933)
- fix flaky tests waiting for sleep command (LP: #2076186)
-- Benjamin Drung <bdrung@ubuntu.com> Fri, 04 Oct 2024 14:50:27 +0200
apport (2.28.1-0ubuntu3.1) noble; urgency=medium
[ Chris Peterson ]
* d/package-hooks/subiquity.py: update information collection (LP: #2067775)
- Add information about snap update/refresh state
- Attach logs and change key names to align with the information
attached by subiquity's self-collection
- Attach hardware information
- Ensure bug reports are always private since there may be private
information in the logs
- Don't require sudo for logs collection
- Add journal logs
- Ensure snap revision is included in both deb and snap collection
style
- Handle version information when permission elevation fails.
[ Benjamin Drung ]
* apport: do not modify permission of existing /var/crash or
create /var/crash with setgid permission (mode 3777) (LP: #2066995)
* apport.postinst: Create /var/crash with mode 3777 (LP: #2066995)
* whoopsie-upload-all: exit with 0 if whoopsie is disabled (LP: #2069360)
* Fix retracing crashes on Ubuntu 24.04 (noble) and add chaos-marmosets as
dependency for the newly added system-tests (LP: #2067120)
[ Sebastien Bacher ]
* Fix some issues in the hook for ubuntu-desktop-bootstrap (LP: #2072751)
-- Benjamin Drung <bdrung@ubuntu.com> Mon, 22 Jul 2024 16:59:07 +0200
apport (2.28.1-0ubuntu3) noble; urgency=medium
* report: fix determining bug report URL for Thunderbird (LP: #2056758)
* setup: determine udev directory dynamically
* Install apport-autoreport units into /usr/lib/systemd/system
-- Benjamin Drung <bdrung@ubuntu.com> Tue, 23 Apr 2024 13:30:10 +0200
apport (2.28.1-0ubuntu2) noble; urgency=medium
* Drop python3-distutils from autopkgtest dependencies
-- Benjamin Drung <bdrung@ubuntu.com> Fri, 19 Apr 2024 01:50:32 +0200
apport (2.28.1-0ubuntu1) noble; urgency=medium
[ Benjamin Drung ]
* New bug-fix upstream release
- Ignore missing `COREDUMP_FILENAME` (LP: #2058380)
- fix integration tests for bash >= 5.2.21-2ubuntu2 and coreutils
>= 9.4-3ubuntu1 (LP: #2054902)
* Stop shipping debian-installer package hook (LP: #2060581)
* general-hooks/ubuntu.py: Drop upstart integration
* apport: Install python3-zstandard when using systemd-coredump (LP: #2061753)
* Disable Launchpad crash reports for the 24.04 release
[ Sebastien Bacher ]
* ubuntu-desktop-installer has been replaced by ubuntu-desktop-bootstrap
-- Benjamin Drung <bdrung@ubuntu.com> Thu, 18 Apr 2024 15:46:28 +0200
apport (2.28.0-0ubuntu1) noble; urgency=medium
* New upstream release
- ui: remove skipping crashes that happened during logout (LP: #2043393)
- setup: set minimum Java release to 8 (LP: #2045705)
- support systemd-coredump as core dump handler (LP: #2048136)
* Drop patches that were applied upstream
* Address pylint complaints in patches and package hooks
* Replace build dependency pkg-config by pkgconf
* Suggest python3-zstandard in python3-problem-report for read support
-- Benjamin Drung <bdrung@ubuntu.com> Thu, 22 Feb 2024 15:20:00 +0100
apport (2.27.0-0ubuntu7) noble; urgency=medium
[ Benjamin Drung ]
* Rely on pybuild in dh_auto_* targets
* Introduce the separate apport-core-dump-handler package that registers as
kernel crash dump handler. This is needed for the upcoming systemd-coredump
support.
* Move systemd units from /lib to /usr/lib
[ Simon Chopin ]
* Rework apport-retrace to handle unbound crashid (LP: #2051512)
* fix: use context manager when manipulating GzipFiles (LP: #2051512)
-- Benjamin Drung <bdrung@ubuntu.com> Wed, 14 Feb 2024 16:51:44 +0100
apport (2.27.0-0ubuntu6) noble; urgency=medium
* Move additional package hooks to debian/package-hooks
* Enable Launchpad crash reports for noble
* cherry-pick setup patches: replace deprecated distutils by setuptools
-- Benjamin Drung <bdrung@ubuntu.com> Tue, 31 Oct 2023 00:24:35 +0100
apport (2.27.0-0ubuntu5) mantic; urgency=medium
* d/p/lp2038650: Fix crash reporting when going through the UI (LP: #2038650)
-- Simon Chopin <schopin@ubuntu.com> Mon, 09 Oct 2023 15:52:13 +0200
apport (2.27.0-0ubuntu4) mantic; urgency=medium
* Disable Launchpad crash reports for the 23.10 release
-- Brian Murray <brian@ubuntu.com> Mon, 02 Oct 2023 12:56:17 -0700
apport (2.27.0-0ubuntu3) mantic; urgency=medium
* fix: raise "gdb not found" as soon as detected (LP: #2031919)
* bash-completion: Do not use ls in completion (LP: #1850804)
-- Benjamin Drung <bdrung@ubuntu.com> Fri, 29 Sep 2023 01:03:44 +0200
apport (2.27.0-0ubuntu2) mantic; urgency=medium
* Run only pylint --errors-only and mypy from tests/run-linters (LP: #2028881)
* Depend on dictionaries-common for having a dpkg diversion test package
(LP: #2028879)
-- Benjamin Drung <bdrung@ubuntu.com> Fri, 28 Jul 2023 18:59:34 +0200
apport (2.27.0-0ubuntu1) mantic; urgency=medium
* New upstream release.
- apport-unpack: Catch MalformedProblemReport on extraction (LP: #1997912)
* Switch running test suite with pytest
* Apply black changes and pylint fixes to patches
-- Benjamin Drung <bdrung@ubuntu.com> Mon, 24 Jul 2023 20:36:16 +0200
apport (2.26.1-0ubuntu3) mantic; urgency=medium
* Enable Launchpad crash reports for mantic
-- Benjamin Drung <bdrung@ubuntu.com> Tue, 02 May 2023 14:07:28 +0200
apport (2.26.1-0ubuntu2) lunar; urgency=medium
* fix(tests): Clear environment for test_run_as_real_user_no_sudo
-- Benjamin Drung <bdrung@ubuntu.com> Fri, 14 Apr 2023 00:17:27 +0200
apport (2.26.1-0ubuntu1) lunar; urgency=medium
[ Benjamin Drung ]
* New upstream bug-fix release.
- SECURITY UPDATE: viewing an apport-cli crash with default pager could
escalate privilege (LP: #2016023). Do not run sensible-pager as root
if using sudo/pkexec.
- Catch HTTPError in UserInterface.file_report (LP: #2008638)
- Print proper error message if /proc/<pid> is gone (LP: #2008638)
- Do not drop environment variables when calling GDB (LP: #2012374)
- Fix parsing options with spaces in sources.list (LP: #1822712)
* Disable Launchpad crash reports for 23.04 release
[ Sebastien Bacher ]
* Let subiquity collect the desktop installer details if available
-- Benjamin Drung <bdrung@ubuntu.com> Wed, 12 Apr 2023 20:17:37 +0200
apport (2.26.0-0ubuntu2) lunar; urgency=medium
* fix: Mock query to Github in integration test
-- Benjamin Drung <bdrung@ubuntu.com> Fri, 24 Feb 2023 16:17:43 +0100
apport (2.26.0-0ubuntu1) lunar; urgency=medium
* New upstream release.
* Depend on python3-requests for GitHub crash DB backend
-- Benjamin Drung <bdrung@ubuntu.com> Fri, 24 Feb 2023 01:50:21 +0100
apport (2.25.0-0ubuntu1) lunar; urgency=medium
* New upstream release.
- Add general hook image.py for collecting cloud build info
(LP: #1724623)
- Catch UnicodeDecodeError on a malformed problem report (LP: #1996040)
- Fix TypeError in error(): not enough arguments for format string
(LP: #1562477)
- whoopsie-upload-all: Use NoninteractiveHookUI for add_hooks_info
(LP: #2003098)
- Use inclusive names. This includes renaming the directory
/etc/apport/blacklist.d to /etc/apport/report-ignore and
/etc/apport/whitelist.d to /etc/apport/report-only
* Drop wine-preloader from Apports report-ignore list
* Drop unneeded dependency on transitional lsb-base
* Replace transitional policykit-1 by pkexec and polkitd
* Bump Standards-Version to 4.6.2
* Install apport-kde.desktop into apport-kde
* Use dh_missing --fail-missing
* Replace lsb_release call by platform.freedesktop_os_release and drop
lsb-release dependency
-- Benjamin Drung <bdrung@ubuntu.com> Thu, 16 Feb 2023 12:03:57 +0100
apport (2.24.0-0ubuntu2) lunar; urgency=medium
* Fix test failures with Python 3.11 (PR #57)
-- Benjamin Drung <bdrung@ubuntu.com> Tue, 10 Jan 2023 17:34:18 +0100
apport (2.24.0-0ubuntu1) lunar; urgency=medium
* New upstream bug-fix release.
- Catch malformed problem reports (LP: #1996040)
- Catch ValueError: not enough values to unpack (LP: #1995100)
- Catch FileNotFoundError for missing desktop files (LP: #1997753)
- Catch binascii.Error: Incorrect padding (LP: #1997912)
- Catch AttributeError: NoneType object has no attribute origins
(LP: #1997973)
* Drop cherry-picked upstream patches
* oem-getlogs: Use colon instead of a dot for chown command
* Remove redundant section from apport-noui
* Clarify that apport-noui is empty
* Run black, isort, pydocstyle, pylint during package build
-- Benjamin Drung <bdrung@ubuntu.com> Thu, 08 Dec 2022 01:37:20 +0100
apport (2.23.1-0ubuntu5) lunar; urgency=medium
* Declare python3-apport breaking older apport/apport-gtk/apport-kde
(LP: #1997759)
* build: Bump source/target Java version to 7
-- Benjamin Drung <bdrung@ubuntu.com> Mon, 05 Dec 2022 13:22:03 +0100
apport (2.23.1-0ubuntu4) lunar; urgency=medium
* etc/apport/crashdb.conf: Enable Launchpad crash reports for lunar
-- Benjamin Drung <bdrung@ubuntu.com> Tue, 15 Nov 2022 16:31:53 +0100
apport (2.23.1-0ubuntu3) kinetic; urgency=medium
* etc/apport/crashdb.conf: Disable Launchpad crash reports for 22.10
release.
-- Utkarsh Gupta <utkarsh@ubuntu.com> Thu, 13 Oct 2022 10:39:02 +0530
apport (2.23.1-0ubuntu2) kinetic; urgency=medium
* tests: Determine source package dynamically in test_run_crash_kernel
(LP: #1992172)
-- Benjamin Drung <bdrung@ubuntu.com> Fri, 07 Oct 2022 18:24:45 +0200
apport (2.23.1-0ubuntu1) kinetic; urgency=medium
* New upstream bug-fix release.
- Disable debuginfod when collecting a report (LP: #1989803)
- apport-cli: Fix AttributeError: 'bytes' object has no attribute 'fileno'
(LP: #1991200)
- apport-bug: Add `/snap/bin` to `PATH` for Firefox snap on Lubuntu
(LP: #1973470)
* Drop cherry-picked upstream patches
* tests: Fix path for installed apport-cli
-- Benjamin Drung <bdrung@ubuntu.com> Wed, 05 Oct 2022 16:25:48 +0200
apport (2.23.0-0ubuntu2) kinetic; urgency=medium
* tests: Wait for test process to be started (LP: #1989365)
* tests: Fix psutil.NoSuchProcess in wait_for_gdb_child_process
(LP: #1989371)
-- Benjamin Drung <bdrung@ubuntu.com> Thu, 15 Sep 2022 14:04:42 +0200
apport (2.23.0-0ubuntu1) kinetic; urgency=medium
* New upstream release:
- apport-gtk:
- Gracefully handle import failure of gi (LP: #1980561)
- Catch AssertionError when importing Gdk (LP: #1980238)
- data/apport:
- Fix PermissionError for setuid programs inside container (LP: #1982487)
- Fix reading from stdin inside containers (LP: #1982555)
- apport-kde:
- Fix inverse order of choices (LP: #1967965)
- Import apport before usage (LP: #1980553)
- Drop old workaround for bug in SIP destructor (LP: #1980553)
- apport-unpack: Fix ValueError: ['separator'] has no binary content
(LP: #1889443)
- Fix _run_hook getting called with ui=None (LP: #1983481)
* Refresh patches and drop backported patches
* Fix pydocstyle and pylint complains in patches
-- Benjamin Drung <bdrung@ubuntu.com> Mon, 22 Aug 2022 22:31:55 +0200
apport (2.22.0-0ubuntu4) kinetic; urgency=medium
* tests: Use sleep instead of yes for tests
* apport: Initialize error log as first step
* Depend on python3-systemd for autopkgtest system-tests
-- Benjamin Drung <bdrung@ubuntu.com> Thu, 07 Jul 2022 20:44:02 +0200
apport (2.22.0-0ubuntu3) kinetic; urgency=medium
* tests: Fix killing test executable too early (LP: #1980390)
* tests: Fix test_add_gdb_info_script on armhf
* autopkgtest: Depend on Ubuntu keyring packages for system tests
* tests: Fix wrong Ubuntu archive URI on ports
* tests: Fix KeyError in test_install_packages_unversioned
* Fix trying to find debug packages for non-existing version
* tests: Upgrade APT tests to use Ubuntu 22.04 (jammy)
* tests: Fix IndexError in test_crash_setuid_drop
* tests: Print Apport log if no report is found
-- Benjamin Drung <bdrung@ubuntu.com> Wed, 06 Jul 2022 16:56:52 +0200
apport (2.22.0-0ubuntu2) kinetic; urgency=medium
* apport-gtk: Fix importing the wrong Gdk version
-- Benjamin Drung <bdrung@ubuntu.com> Tue, 28 Jun 2022 13:41:05 +0200
apport (2.22.0-0ubuntu1) kinetic; urgency=medium
* New upstream release:
- Replace `ProblemReport.get_date` by `ProblemReport.get_timestamp`, fixes
regression in 2.21.0 (LP: #1978487)
- apport-gtk: Exclude trailing dot from URL links (LP: #1978301)
- Fix `AttributeError`: 'NoneType' object has no attribute 'write', fixes
regression in 2.21.0 (LP: #1979211)
- apport_python_hook: Properly handle missing modules (LP: #1774843)
- apport_python_hook: Fix FileNotFoundError if the current directory was
deleted (LP: #1979637)
- apport_python_hook: Fix crash if os.getcwd() fails (LP: #1977954)
- Replace deprecated 'imp' module (LP: #1947425)
- whoopsie-upload-all: Fix 'EOFError' object has no attribute 'errno',
fixes regression in 2.21.0 (LP: #1979681)
* Fix KeyError: 'CasperMD5json'
-- Benjamin Drung <bdrung@ubuntu.com> Mon, 27 Jun 2022 12:03:00 +0200
apport (2.21.0-0ubuntu2) kinetic; urgency=medium
* tests: Use unlimited core ulimit for SIGQUIT test
* data/apport: Fix log file writing if chown/chmod fails
-- Benjamin Drung <bdrung@ubuntu.com> Fri, 10 Jun 2022 15:39:32 +0200
apport (2.21.0-0ubuntu1) kinetic; urgency=medium
* New upstream release.
- data/apport: Limit memory and duration of gdbus call. (CVE-2022-28654,
CVE-2022-28656)
- data/apport, apport/fileutils.py, test/test_fileutils.py: Validate
D-Bus socket location. (CVE-2022-28655)
- apport/fileutils.py, test/test_fileutils.py: Turn off interpolation
in get_config() to prevent DoS attacks. (CVE-2022-28652)
- Switch from chroot to container to validating socket owner.
(CVE-2022-1242, CVE-2022-28657)
- data/apport, etc/init.d/apport: Switch to using non-positional
arguments. Get real UID and GID from the kernel and make sure they
match the process. Also fix executable name space handling in
argument parsing. (CVE-2022-28658, CVE-2021-3899)
- Grab a slice of JournalErrors around the crash time (LP: #1962454)
* Switch to dpkg-source format 3.0 (quilt)
* Run unit and integration tests during package build
* Update autopkgtest (unit/integration and systems tests)
* Switch to debhelper 13
* Let apport depend on sensible-utils for sensible-pager
* Drop ancient X-Python3-Version
* Drop support for pre-cosmic upgrades
* Bump Standards-Version to 4.6.1
* Update debian/copyright
* Point Vcs-* URIs to git
* crashdb.conf: Enable Launchpad crash reports for kinetic
* Add upstream metadata
-- Benjamin Drung <bdrung@ubuntu.com> Fri, 10 Jun 2022 11:37:56 +0200
apport (2.20.11-0ubuntu82) jammy; urgency=medium
* whoopsie-upload-all:
- Catch zlib.error when decoding CoreDump from crash file (LP: #1947800)
- Catch FileNotFoundError during process_report (LP: #1867204)
-- Benjamin Drung <bdrung@ubuntu.com> Wed, 13 Apr 2022 22:20:41 +0200
apport (2.20.11-0ubuntu81) jammy; urgency=medium
* etc/apport/crashdb.conf: Disable Launchpad crash reports for 22.04
release.
-- Brian Murray <brian@ubuntu.com> Tue, 12 Apr 2022 09:58:15 -0700
apport (2.20.11-0ubuntu80) jammy; urgency=medium
* kde/apport-kde: Ensure we are passing integers to setGeometry
(LP: #1965830)
-- Brian Murray <brian@ubuntu.com> Mon, 28 Mar 2022 12:34:10 -0700
apport (2.20.11-0ubuntu79) jammy; urgency=medium
* kde/apport-kde: when displaying a progress dialog ensure that we are using
an integer. (LP: #1964405)
-- Brian Murray <brian@ubuntu.com> Fri, 11 Mar 2022 10:41:47 -0800
apport (2.20.11-0ubuntu78) jammy; urgency=medium
[ Olivier Gayot ]
* Expect whoopsie to be started using path-based activation.
* Pass timeout option to apport-autoreport so that whoopsie has time to
upload all reports.
* Use timer-based activation for apport-autoreport in addition to path-based
activation (on modification of /var/crash).
* Some code cleanup in data/whoopsie-upload-all.
* Use unbuffered logging in data/whoopsie-upload-all.
* Touch the /var/crash directory in data/whoopsie-upload-all so that
whoopsie activates when needed.
* Stop removing .crash files after they are successfully uploaded by
whoopsie.
[ Brian Murray ]
* When collecting information about a snap gather some additional details,
thanks to Olivier Tilloy for the idea. (LP: #1960964)
* Update the recommended version of whoopsie for apport-noui.
-- Brian Murray <brian@ubuntu.com> Tue, 22 Feb 2022 17:13:48 -0800
apport (2.20.11-0ubuntu77) jammy; urgency=medium
* apport/ui.py: Error out when -w option is used on wayland (LP: #1952947).
-- Nick Rosbrook <nick.rosbrook@canonical.com> Tue, 15 Feb 2022 10:10:59 -0500
apport (2.20.11-0ubuntu76) jammy; urgency=medium
* data/package-hooks/ubuntu-desktop-installer.py: Add in a new package hook
which allows one to report bugs about the ubuntu-desktop-installer to the
appropriate project. Thanks to Sebastien Bacher for this hook.
* test/test_crashdb.py: convert the number to an integer before the truncate
call.
* test/test_backend_apt_dpkg.py: switch to using apt-helper instead of
apt-key to import the ddebs and ports.ubuntu.com keys.
-- Brian Murray <brian@ubuntu.com> Tue, 25 Jan 2022 09:58:45 -0800
apport (2.20.11-0ubuntu75) jammy; urgency=medium
* bin/apport-retrace: For releases which gdb doesn't search in the
debug-file-directory for .gnu_debugaltlink create a symlink from the
host's .dwz to the machine specific one to work around the issue.
(LP: #1818918)
-- Brian Murray <brian@ubuntu.com> Mon, 13 Dec 2021 20:17:57 -0800
apport (2.20.11-0ubuntu74) jammy; urgency=medium
[ Sebastien Bacher ]
* apport/ui.py: preserve XDG_DATA_DIRS for system reports, it's necessary
to be able to find a webbrowser installed from a snap like firefox.
(LP: #1951214)
-- Brian Murray <brian@ubuntu.com> Wed, 01 Dec 2021 14:12:32 -0800
apport (2.20.11-0ubuntu73) jammy; urgency=medium
* test/test_report.py: the abort tests are failing again as the backtrace
didn't have a program counter value in frame 1 or 2 so also check frame 3.
-- Brian Murray <brian@ubuntu.com> Mon, 01 Nov 2021 11:13:17 -0700
apport (2.20.11-0ubuntu72) jammy; urgency=medium
* etc/apport/crashdb.conf: Enable Launchpad crash reports for jammy.
-- Brian Murray <brian@ubuntu.com> Wed, 27 Oct 2021 05:35:34 -0700
apport (2.20.11-0ubuntu71) impish-security; urgency=medium
* SECURITY UPDATE: Privilege escalation via core files
- refactor privilege dropping and create core files in a well-known
directory in apport/fileutils.py, apport/report.py, data/apport,
test/test_fileutils.py, test/test_report.py,
test/test_signal_crashes.py, test/test_ui.py.
- use systemd-tmpfiles to create and manage the well-known core file
directory in setup.py, data/systemd/apport.conf,
debian/apport.install.
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 18 Oct 2021 07:48:31 -0400
apport (2.20.11-0ubuntu70) impish; urgency=medium
* etc/apport/crashdb.conf: Disable Launchpad crash reports for 21.10
release.
* debian/tests/upstream-system: Set /proc/sys/kernel/core_uses_pid to 0 as
that's the easiest way to fix tests that expect the core file to be named
core and not core.PID
-- Brian Murray <brian@ubuntu.com> Tue, 05 Oct 2021 19:47:24 -0700
apport (2.20.11-0ubuntu69) impish; urgency=medium
* SECURITY UPDATE: Arbitrary file read (LP: #1934308)
- data/general-hooks/ubuntu.py: don't attempt to include emacs
byte-compilation logs, they haven't been generated by the emacs
packages in a long time.
- CVE-2021-3709
* SECURITY UPDATE: Info disclosure via path traversal (LP: #1933832)
- apport/hookutils.py, test/test_hookutils.py: detect path traversal
attacks, and directory symlinks.
- CVE-2021-3710
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 26 Aug 2021 10:55:40 -0400
apport (2.20.11-0ubuntu68) impish; urgency=medium
* data/package-hooks/source_ubiquity.py: confirm that the key exists in the
report before trying to manipulate it. (LP: #1929292)
* backends/packaging-apt-dpkg.py: check to see if there is a different
package which provides the dependency.
* test/test_report.py: with glibc 2.34 abort tests started failing as the
backtrace didn't have a program counter value in frame 1 so check frame 1
or frame 2.
-- Brian Murray <brian@ubuntu.com> Thu, 19 Aug 2021 16:32:29 -0700
apport (2.20.11-0ubuntu67) impish; urgency=medium
* SECURITY UPDATE: Multiple arbitrary file reads (LP: #1917904)
- apport/hookutils.py: don't follow symlinks and make sure the file
isn't a FIFO in read_file().
- test/test_hookutils.py: added symlink tests.
- CVE-2021-32547, CVE-2021-32548, CVE-2021-32549, CVE-2021-32550,
CVE-2021-32551, CVE-2021-32552, CVE-2021-32553, CVE-2021-32554,
CVE-2021-32555
* SECURITY UPDATE: info disclosure via modified config files spoofing
(LP: #1917904)
- backends/packaging-apt-dpkg.py: properly terminate arguments in
get_modified_conffiles.
- CVE-2021-32556
* SECURITY UPDATE: arbitrary file write (LP: #1917904)
- data/whoopsie-upload-all: don't follow symlinks and make sure the
file isn't a FIFO in process_report().
- CVE-2021-32557
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 18 May 2021 09:15:10 -0400
apport (2.20.11-0ubuntu66) impish; urgency=medium
* etc/apport/crashdb.conf: Enable Launchpad crash reports for impish.
-- Brian Murray <brian@ubuntu.com> Fri, 07 May 2021 15:39:35 -0700
apport (2.20.11-0ubuntu65) hirsute; urgency=medium
* test/test_backend_apt_dpkg.py: libc6 recommends packages, some of which
are not installed on buildds now, so switch to testing libc-bin which only
has dependencies and is what the test is supposed to test.
-- Brian Murray <brian@ubuntu.com> Wed, 14 Apr 2021 13:52:22 -0700
apport (2.20.11-0ubuntu64) hirsute; urgency=medium
* apport/hookutils.py: Do not crash when deleting CasperMD5json from the
report. (LP: #1923541)
-- Brian Murray <brian@ubuntu.com> Tue, 13 Apr 2021 07:25:43 -0700
apport (2.20.11-0ubuntu63) hirsute; urgency=medium
* etc/apport/crashdb.conf: Disable Launchpad crash reports for 21.04
release.
-- Brian Murray <brian@ubuntu.com> Mon, 12 Apr 2021 10:34:56 -0700
apport (2.20.11-0ubuntu62) hirsute; urgency=medium
* apport/hookutils.py: spawn pkttyagent so that log files can be gathered as
root in a non-graphical environment (LP: #1821415). Thanks to Iain Lane
for the patch.
* apport/hookutils.py: root access is needed to read the
casper-md5check.json file so switch to using that. (LP: #1922937)
* data/general-hooks/ubuntu.py: improving tagging of bugs from images we
create so that they are tagged $arch-image and better identify Raspberry
Pi devices (LP: #1920837). Thanks to Dave Jones for the patch.
-- Brian Murray <brian@ubuntu.com> Wed, 07 Apr 2021 13:14:04 -0700
apport (2.20.11-0ubuntu61) hirsute; urgency=medium
* apport/hookutils.py: when creating KernLog with MAC information use
root_command_output with dmesg. Missed when fixing LP #1896095.
* data/general-hooks/ubuntu.py: tag bugs from Raspberry Pi images and RISCV
images appropriately. (LP: #1920837)
-- Brian Murray <brian@ubuntu.com> Wed, 24 Mar 2021 08:07:43 -0700
apport (2.20.11-0ubuntu60) hirsute; urgency=medium
* Drop dh-systemd build dependency.
-- Matthias Klose <doko@ubuntu.com> Wed, 10 Mar 2021 16:45:45 +0100
apport (2.20.11-0ubuntu59) hirsute; urgency=medium
* No change rebuild with fixed ownership.
-- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 16 Feb 2021 15:09:46 +0000
apport (2.20.11-0ubuntu58) hirsute; urgency=medium
[ Shivaram Lingamneni ]
* Remove dependency on python3-requests thereby reducing memory usage of
apport.
-- Brian Murray <brian@ubuntu.com> Mon, 15 Feb 2021 09:39:13 -0800
apport (2.20.11-0ubuntu57) hirsute; urgency=medium
* SECURITY UPDATE: multiple security issues (LP: #1912326)
- CVE-2021-25682: error parsing /proc/pid/status
- CVE-2021-25683: error parsing /proc/pid/stat
- CVE-2021-25684: stuck reading fifo
- data/apport: make sure existing report is a regular file.
- apport/fileutils.py: move some logic here to skip over manipulated
process names and filenames.
- test/test_fileutils.py: added some parsing tests.
-- Brian Murray <brian@ubuntu.com> Tue, 02 Feb 2021 12:42:44 -0800
apport (2.20.11-0ubuntu56) hirsute; urgency=medium
* test/test_backend_apt_dpkg.py: switch to using packages from the
apport-hackers PPA which are less likely to be deleted by random house
keeping.
* apport/hookutils.py: change the default value of CasperMD5CheckResult to
unknown as that more accurately reflects the case where the file does not
exist. Thanks to Walter Lapchynski for the fix.
-- Brian Murray <brian@ubuntu.com> Wed, 27 Jan 2021 15:34:23 -0800
apport (2.20.11-0ubuntu55) hirsute; urgency=medium
* data/apport: only drop supplemental groups if the user is root.
-- Brian Murray <brian@ubuntu.com> Wed, 02 Dec 2020 14:40:29 -0800
apport (2.20.11-0ubuntu54) hirsute; urgency=medium
* Fix for Python 3.9.
-- Matthias Klose <doko@ubuntu.com> Mon, 30 Nov 2020 17:18:23 +0100
apport (2.20.11-0ubuntu53) hirsute; urgency=medium
* Various security hardening fixes (LP: #1903332)
- apport/fileutils.py: drop privileges in the correct order, limit
settings file size.
- apport/apport/report.py: properly drop privileges, limit ignore file
size.
- data/apport: drop supplemental groups.
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 12 Nov 2020 09:41:34 -0500
apport (2.20.11-0ubuntu52) hirsute; urgency=medium
* apport/report.py, test/test_report.py, test/test_ui.py,
test/test_ui_gtk.py: handle the fact that gdb now returns a different
error message for truncated core files and patch out add_gdb_info from a
bunch of tests which don't need to run it.
-- Brian Murray <brian@ubuntu.com> Tue, 10 Nov 2020 12:46:41 -0800
apport (2.20.11-0ubuntu51) hirsute; urgency=medium
* data/apport: Modify the check for whether or not a process is running in
the same namespace so that crashes from processes running protected in the
system.slice are considered as being from the same namespace. (LP: #1870060)
* etc/apport/crashdb.conf: Enable Launchpad crash reports for 21.04.
-- Brian Murray <brian@ubuntu.com> Wed, 04 Nov 2020 13:40:41 -0800
apport (2.20.11-0ubuntu50) groovy; urgency=medium
* etc/apport/crashdb.conf: Disable Launchpad crash reports for 20.10
release.
* data/apport: In the event that the crashing executable does not exist on
disk any more the path name of the executable (passed by core) is appended
with '(deleted)' because apport is currently using sys.argv for argument
parsing there end up being too many arguments and apport crashes. This is
fixed by adding handling for six arguments. (LP: #1899195)
-- Brian Murray <brian@ubuntu.com> Mon, 12 Oct 2020 13:44:05 -0700
apport (2.20.11-0ubuntu49) groovy; urgency=medium
* data/whoopsie-upload-all: Handle the case where the .crash file is newer
than the .uploaded file by removing the .uploaded and .upload files
thereby causing the crash to get submitted. (LP: #1891657)
-- Brian Murray <brian@ubuntu.com> Thu, 01 Oct 2020 15:41:28 -0700
apport (2.20.11-0ubuntu48) groovy; urgency=medium
* data/whoopsie-upload-all: When processing reports if a .crash file already
has a corresponding .uploaded file which is newer than the .crash file
remove the .crash file. This reduces the number of times the
apport-autoreport.service runs. (LP: #1891657)
-- Brian Murray <brian@ubuntu.com> Fri, 25 Sep 2020 14:49:27 -0700
apport (2.20.11-0ubuntu47) groovy; urgency=medium
[ Tiago Stürmer Daitx ]
* apport/ui.py: improve message when origin check fails as it can be
caused by empty apt list - candidate is limited to dpkg and we can't
tell where it came from. (LP: #1775219)
-- Brian Murray <brian@ubuntu.com> Mon, 21 Sep 2020 15:02:17 -0700
apport (2.20.11-0ubuntu46) groovy; urgency=medium
[ Brian Murray ]
* apport/hookutils.py: call dump_acpi_tables.py with root_command_output
thereby avoiding a PermissionError.
* data/dump_acpi_tables.py: If the user cannot read the acpi tables don't
try and print them. (LP: #1895865)
* apport/hookutils.py: use root_command_output to gather dmesg rather than
failing to include it. (LP: #1896095)
[ YC Cheng ]
* bin/oem-getlogs: add ucm2 directory. Per Hui Wang, ucm3 also
use ucm2 directory. (LP: #1893899)
* apport/hookutils.py: add new pa-info command in pulseaudio
pre requested by Hui Wang. (LP: #1893899)
-- Brian Murray <brian@ubuntu.com> Mon, 21 Sep 2020 10:19:02 -0700
apport (2.20.11-0ubuntu45) groovy; urgency=medium
[ YC Cheng ]
* apport/hookutils.py: add acpidump using built-in dump_acpi_tables.py.
(LP: #1888352)
* bin/oem-getlogs: add "-E" in the usage, since we'd like to talk to
pulseaudio session and that need environment infomation. Also remove
acpidump since we will use the one from hook.
[ Brian Murray ]
* data/general-hooks/ubuntu.py: Check for /var/run/reboot-required.pkgs and
add it to the report as RebootRequiredPkgs.
-- Brian Murray <brian@ubuntu.com> Wed, 26 Aug 2020 15:57:02 -0700
apport (2.20.11-0ubuntu44) groovy; urgency=medium
* SECURITY UPDATE: information disclosure issue (LP: #1885633)
- data/apport: also drop gid when checking if user session is closing.
- CVE-2020-11936
* SECURITY UPDATE: crash via malformed ignore file (LP: #1877023)
- apport/report.py: don't crash on malformed mtime values.
- CVE-2020-15701
* SECURITY UPDATE: TOCTOU in core file location
- data/apport: make sure the process hasn't been replaced after Apport
has started.
- CVE-2020-15702
* apport/ui.py, test/test_ui.py: make sure a PID is specified when using
--hanging (LP: #1876659)
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Fri, 31 Jul 2020 09:10:30 -0400
apport (2.20.11-0ubuntu43) groovy; urgency=medium
* d/control: Offer real package alternatives along with x-terminal-server
for apport-gtk and apport-kde (LP: #1881976).
-- Dariusz Gadomski <dgadomski@ubuntu.com> Thu, 23 Jul 2020 08:52:46 +0200
apport (2.20.11-0ubuntu42) groovy; urgency=medium
* Fix pep8 errors regarding ambiguous variables.
-- Brian Murray <brian@ubuntu.com> Wed, 24 Jun 2020 09:15:51 -0700
apport (2.20.11-0ubuntu41) groovy; urgency=medium
[ Daniel Watkins ]
* apport/crashdb_impl/launchpad.py: ensure that project will always be set
in get_comment_url. (LP: #1884221)
[ Brian Murray ]
* data/dump_acpi_tables.py: update the output thanks to Alex Hung for the
patch. (LP: #1883027)
-- Brian Murray <brian@ubuntu.com> Tue, 23 Jun 2020 16:02:46 -0700
apport (2.20.11-0ubuntu40) groovy; urgency=medium
* Build-depend on python3-requests-unixsocket.
-- Brian Murray <brian@ubuntu.com> Wed, 10 Jun 2020 12:30:43 -0700
apport (2.20.11-0ubuntu39) groovy; urgency=medium
* Add functionality to apport so that ubuntu-bug can be used to report a bug
about a snap using information from the snap's contact field. Thanks to
Lukas Märdian for the patch. (LP: #1861082)
-- Brian Murray <brian@ubuntu.com> Wed, 10 Jun 2020 11:25:22 -0700
apport (2.20.11-0ubuntu38) groovy; urgency=medium
* apport/report.py: If the user is not a part of any system groups then
set UserGroups to 'N/A'. (LP: #1427600)
-- Brian Murray <brian@ubuntu.com> Wed, 03 Jun 2020 15:32:17 -0700
apport (2.20.11-0ubuntu37) groovy; urgency=medium
* apport/report.py: If the user is not a part of any system groups then
set UserGroups to an empty string. (LP: #1427600)
-- Brian Murray <brian@ubuntu.com> Tue, 02 Jun 2020 10:19:45 -0700
apport (2.20.11-0ubuntu36) groovy; urgency=medium
* Build-depend on pyflakes3, not obsolete pyflakes.
-- Steve Langasek <steve.langasek@ubuntu.com> Wed, 20 May 2020 08:18:11 -0700
apport (2.20.11-0ubuntu35) groovy; urgency=medium
* kde/apport-kde: Stop showing 'text' instead of a useful string. Thanks to
Launchpad user Niklas Sombert for the patch. (LP: #1879150)
-- Brian Murray <brian@ubuntu.com> Mon, 18 May 2020 10:28:25 -0700
apport (2.20.11-0ubuntu34) groovy; urgency=medium
* apport_python_hook.py: if python apt modules are not built for the python
version then do capture the crash. (LP: #1774843)
-- Brian Murray <brian@ubuntu.com> Wed, 13 May 2020 16:17:11 -0700
apport (2.20.11-0ubuntu33) groovy; urgency=medium
[ Olivier Tilloy ]
* gtk/apport-gtk: upgrade regular expression used to match URLs in free text
(LP: #1871185)
-- Brian Murray <brian@ubuntu.com> Thu, 07 May 2020 14:54:20 -0700
apport (2.20.11-0ubuntu32) groovy; urgency=medium
* debian/apport.install: Add in a source package hook for linux-meta-raspi
which provides linux-raspi and linux-raspi2. (LP: #1876952)
-- Brian Murray <brian@ubuntu.com> Tue, 05 May 2020 09:29:28 -0700
apport (2.20.11-0ubuntu31) groovy; urgency=medium
* data/general-hooks/ubuntu.py: collect ImageMediaBuild information which
exists on preinstalled RPi images. (LP: #1876945)
-- Brian Murray <brian@ubuntu.com> Tue, 05 May 2020 08:37:39 -0700
apport (2.20.11-0ubuntu30) groovy; urgency=medium
* Add in a source package hook symlink for linux-firmware. (LP: #1872059)
-- Brian Murray <brian@ubuntu.com> Tue, 05 May 2020 08:11:39 -0700
apport (2.20.11-0ubuntu29) groovy; urgency=medium
* debian/apport.install: remove linux 5.4 versioned package hooks.
* debian/apport.install: add linux-raspi, linux-raspi2 package hooks.
* etc/apport/crashdb.conf: Enable Launchpad crash reports for 20.10
release.
-- Brian Murray <brian@ubuntu.com> Mon, 04 May 2020 16:25:15 -0700
apport (2.20.11-0ubuntu28) groovy; urgency=medium
* Point Vcs-Bzr to groovy branch
* debian/tests/control: Depend on python3-twisted, not python-twisted-core
-- Julian Andres Klode <juliank@ubuntu.com> Sun, 26 Apr 2020 14:02:39 +0200
apport (2.20.11-0ubuntu27) focal; urgency=medium
* backends/packaging-apt-dpkg.py, apport/sandboxutils.py: Add modifications
to the retracing process to resolve failures to retrace due to user merge
changes.
* etc/apport/crashdb.conf: Disable Launchpad crash reports for 20.04
release.
-- Brian Murray <brian@ubuntu.com> Wed, 15 Apr 2020 17:01:49 -0700
apport (2.20.11-0ubuntu26) focal; urgency=medium
* apport/hookutils.py, data/general-hooks/ubuntu.py: Add in a hook which
will add the results of the casper-md5check to all bug reports.
(LP: #1870408)
-- Brian Murray <brian@ubuntu.com> Wed, 08 Apr 2020 15:46:56 -0700
apport (2.20.11-0ubuntu25) focal; urgency=medium
[ Brian Murray ]
* apport/hookutils.py: Add in "lspci -vt" output for the HWE team.
[ Dimitri John Ledkov ]
* data/general-hooks/powerpc.py: Hande reports without a package, such
as against subiquity snap, otherwise the hook crashes subiquity, which
is trying to generate a crash report. LP: #1871434
* data/package-hooks/subiquity.py: Fix typpo in subiquity hook, readline
from fp, not from filename.
-- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 07 Apr 2020 20:04:10 +0100
apport (2.20.11-0ubuntu24) focal; urgency=medium
* bin/apport-unpack: Handle gzip'ed files, thanks to Yuan-Chen Cheng for the
patch. (LP: #1859581)
-- Brian Murray <brian@ubuntu.com> Fri, 03 Apr 2020 10:38:06 -0700
apport (2.20.11-0ubuntu23) focal; urgency=medium
* With Michael Hudson-Doyle add a package hook to allow subiquity problems
to be reported from the installed system and about the subuquity project.
-- Brian Murray <brian@ubuntu.com> Fri, 03 Apr 2020 09:33:54 -0700
apport (2.20.11-0ubuntu22) focal; urgency=medium
* SECURITY UPDATE: World writable root owned lock file created in user
controllable location (LP: #1862348)
- data/apport: Change location of lock file to be directly under
/var/run so that regular users can not directly access it or perform
symlink attacks.
- CVE-2020-8831
* SECURITY UPDATE: Race condition between report creation and ownership
(LP: #1862933)
- data/apport: When setting owner of report file use a file-descriptor
to the report file instead of its path name to ensure that users can
not cause Apport to change the ownership of other files via a
symlink attack.
- CVE-2020-8833
-- Alex Murray <alex.murray@canonical.com> Wed, 25 Mar 2020 11:28:58 +1030
apport (2.20.11-0ubuntu21) focal; urgency=medium
[ Brian Murray ]
* backends/packaging-apt-dpkg.py: allow mirrors which are accessed via https
in sources.list. Thanks to Launchpad user Esokrates for the fix.
(LP: #1866996)
* backends/packaging-apt-dpkg.py: when downloading packages from Launchpad
do not require them to be authenticated.
* test/test_backend_apt_dpkg.py: Fix check for connectivity and modify
install from PPA test for a change in the PPA being tested.
[ Matthieu Clemenceau ]
* test/test_ui.py: Removed linux package version to fix autopkgtest with
focal. Changed linux-5.4 and linux-signed-5.4 to linux and linux-signed
-- Brian Murray <brian@ubuntu.com> Thu, 12 Mar 2020 15:46:30 -0700
apport (2.20.11-0ubuntu20) focal; urgency=medium
* test/test_report.py: resolve test failure with new glibc output.
-- Brian Murray <brian@ubuntu.com> Tue, 10 Mar 2020 08:41:28 -0700
apport (2.20.11-0ubuntu19) focal; urgency=medium
* apport/report.py: do not return a duplicate signature when we are unable
to access ProcMaps as that is necessary to create one. (LP: #1866347)
* apport/ui.py: Always allow users to use ubuntu-bug or apport-collect
regardless of the Problem Reporting setting as they are manually invoked
and not automatically generated like a crash report. (LP: #1814611)
-- Brian Murray <brian@ubuntu.com> Mon, 09 Mar 2020 15:18:42 -0700
apport (2.20.11-0ubuntu18) focal; urgency=medium
* data/whoopsie-upload-all: append to the crash report using fdopen and open
from os to cope with protected_regular being set to 1. (LP: #1848064)
-- Brian Murray <brian@ubuntu.com> Sat, 22 Feb 2020 06:56:37 -0800
apport (2.20.11-0ubuntu17) focal; urgency=medium
[ Brian Murray ]
* Add in a source package hook symlinks for linux-signed-5.4,
linux-signed-oem-5.4, linux-oem-5.4, and linux-5.4. (LP: #1861446)
* Remove obsolete package hook for Nexus 7 devices.
[ Tiago Stürmer Daitx ]
* Fix Python 2/3 support. (LP: #1853383)
-- Brian Murray <brian@ubuntu.com> Fri, 21 Feb 2020 13:16:54 -0800
apport (2.20.11-0ubuntu16) focal; urgency=medium
* SECURITY REGRESSION: 'module' object has no attribute 'O_PATH'
(LP: #1851806)
- apport/report.py, apport/ui.py: use file descriptors for /proc/pid
directory access only when running under python 3; prevent reading /proc
maps under python 2 as it does not provide a secure way to do so; use
io.open for better compatibility between python 2 and 3.
* data/apport: fix number of arguments passed through socks into a container.
* test/test_report.py: test login session with both pid and proc_pid_fd.
-- Tiago Stürmer Daitx <tiago.daitx@ubuntu.com> Mon, 06 Jan 2020 13:28:40 +0000
apport (2.20.11-0ubuntu15) focal; urgency=medium
* etc/apport/crashdb.conf: Enable Launchpad crash reports for focal.
-- Brian Murray <brian@ubuntu.com> Fri, 20 Dec 2019 10:35:17 -0800
apport (2.20.11-0ubuntu14) focal; urgency=medium
* apport/report.py, test/test_report.py: handle the fact that gdb now
returns a different error message for truncated core files in some cases.
* bin/oem-getlogs: add in script for getting hardware enablement related
logs. Thanks to Yuan-Chen Cheng for the code. (LP: #1841157)
* apport/hookutils.py: also gather lsusb -v and lsusb -t. Thanks to
Yuan-Chen Cheng for the patch.
* bin/oem-getlogs: Various pep8 / pyflakes fixes.
-- Brian Murray <brian@ubuntu.com> Fri, 13 Dec 2019 08:41:58 -0800
apport (2.20.11-0ubuntu13) focal; urgency=medium
[ Brian Murray ]
* Create additional symlinks to the source_linux.py apport package hook for
many OEM kernels. Thanks to You-Sheng Yang for the patch. (LP: #1847967)
[ Michael Hudson-Doyle ]
* Fix autopkgtest failures since recent security update: (LP: #1854237)
- Fix regression in creating report for crashing setuid process by getting
kernel to tell us the executable path rather than reading
/proc/[pid]/exe.
- Fix deletion of partially written core files.
- Fix test_get_logind_session to use new API.
- Restore add_proc_info raising ValueError for a dead process.
- Delete test_lock_symlink, no longer applicable now that the lock is
created in a directory only root can write to.
-- Michael Hudson-Doyle <michael.hudson@ubuntu.com> Fri, 06 Dec 2019 08:57:09 +1300
apport (2.20.11-0ubuntu12) focal; urgency=medium
[ Steve Langasek ]
* Drop python2 bindings.
[ Tiago Stürmer Daitx ]
* debian/control: point VCS to focal repository.
-- Steve Langasek <steve.langasek@ubuntu.com> Tue, 03 Dec 2019 10:46:40 -0800
apport (2.20.11-0ubuntu11) focal; urgency=medium
* SECURITY REGRESSION: missing argument in Report.add_proc_environ
call (LP: #1850929)
- apport/report.py: call add_proc_environ using named arguments
and move proc_pid_dir keyword to last to keep api compatibility.
-- Tiago Stürmer Daitx <tiago.daitx@ubuntu.com> Tue, 05 Nov 2019 02:49:27 +0000
apport (2.20.11-0ubuntu10) focal; urgency=medium
* SECURITY UPDATE: apport reads arbitrary files if ~/.config/apport/settings
is a symlink (LP: #1830862)
- apport/fileutils.py: drop permissions before reading user settings file.
- CVE-2019-11481
* SECURITY UPDATE: TOCTTOU race conditions and following symbolic
links when creating a core file (LP: #1839413)
- data/apport: use file descriptor to reference to cwd instead
of strings.
- CVE-2019-11482
* SECURITY UPDATE: fully user controllable lock file due to lock file
being located in world-writable directory (LP: #1839415)
- data/apport: create and use lock file from /var/lock/apport.
- CVE-2019-11485
* SECURITY UPDATE: per-process user controllable Apport socket file
(LP: #1839420)
- data/apport: forward crashes only under a valid uid and gid,
thanks Stéphane Graber for the patch.
- CVE-2019-11483
* SECURITY UPDATE: PID recycling enables an unprivileged user to
generate and read a crash report for a privileged process (LP: #1839795)
- data/apport: drop permissions before adding proc info (special thanks
to Kevin Backhouse for the patch)
- data/apport, apport/report.py, apport/ui.py: only access or open
/proc/[pid] through a file descriptor for that directory.
- CVE-2019-15790
-- Tiago Stürmer Daitx <tiago.daitx@ubuntu.com> Tue, 29 Oct 2019 05:23:08 +0000
apport (2.20.11-0ubuntu9) focal; urgency=medium
* Use an SRU-safe substring when checking for the available version of
aspell-doc in xenial, since aspell *did* have an SRU.
-- Steve Langasek <steve.langasek@ubuntu.com> Tue, 22 Oct 2019 14:07:14 -0700
apport (2.20.11-0ubuntu8) eoan; urgency=medium
* Removed general hook which would gather information about click packages.
* data/package-hooks/source_ubiquity: pass on a KeyError when adding
installation logs.
* etc/apport/crashdb.conf: Disable Launchpad crash reports for 19.04
release.
-- Brian Murray <brian@ubuntu.com> Wed, 09 Oct 2019 14:23:27 -0700
apport (2.20.11-0ubuntu7) eoan; urgency=medium
* Resolve pycodestyle issues.
-- Brian Murray <brian@ubuntu.com> Mon, 22 Jul 2019 14:23:42 -0700
apport (2.20.11-0ubuntu6) eoan; urgency=medium
* apport/ui.py: When saving a report for later processing if the filename
to save it to ends with .gz then gzip the report file. Thanks to Yuan-Chen
Cheng for the patch. (LP: #1837174)
-- Brian Murray <brian@ubuntu.com> Mon, 22 Jul 2019 12:20:34 -0700
apport (2.20.11-0ubuntu5) eoan; urgency=medium
* SECURITY UPDATE: TOCTOU issue allows local user to read arbitrary
files (LP: #1830858)
- apport/report.py: Avoid TOCTOU issue on users ignore file by
dropping privileges and then opening the file both test for access and
open the file in a single operation, instead of using access() before
reading the file which could be abused by a symlink to cause Apport to
read and embed an arbitrary file in the resulting crash dump.
- CVE-2019-7307
* data/general-hooks/ubuntu.py: system-image-cli is no longer included in
Ubuntu and we do not need SystemImageInfo any more.
-- Brian Murray <brian@ubuntu.com> Tue, 09 Jul 2019 12:33:44 -0700
# Older entries have been removed from this changelog.
# To read the complete changelog use `apt changelog apport-core-dump-handler`.
Generated by dwww version 1.16 on Tue Dec 16 16:52:43 CET 2025.