~ubuntu-core-dev/ubuntu/utopic/apport/ubuntu

Viewing all changes in revision 2374.

  • Committer: Martin Pitt
  • Date: 2015-05-13 09:44:51 UTC
  • Revision ID: martin.pitt@canonical.com-20150513094451-mg3tca3ks2yg1cm4
SECURITY UPDATE: When writing a core dump file for a crashed packaged
program, don't close and reopen the .crash report file but just rewind and
re-read it. This prevents the user from modifying the .crash report file
while "apport" is running to inject data and creating crafted core dump
files. In conjunction with the above vulnerability of writing core dump
files to arbitrary directories this could be exploited to gain root
privileges.
Thanks to Philip Pettersson for discovering this issue!
(CVE-2015-1325, LP: #1453900)

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: