First published: Tue Sep 14 2021(Updated: )
USN-5077-1 fixed several vulnerabilities in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Maik Münch and Stephen Röttger discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use this issue to gain read access to arbitrary files, possibly containing sensitive information.
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/apport | <2.20.1-0ubuntu2.30+esm2 | 2.20.1-0ubuntu2.30+esm2 |
Ubuntu Ubuntu | =16.04 | |
All of | ||
ubuntu/python-apport | <2.20.1-0ubuntu2.30+esm2 | 2.20.1-0ubuntu2.30+esm2 |
Ubuntu Ubuntu | =16.04 | |
All of | ||
ubuntu/python3-apport | <2.20.1-0ubuntu2.30+esm2 | 2.20.1-0ubuntu2.30+esm2 |
Ubuntu Ubuntu | =16.04 | |
All of | ||
ubuntu/apport | <2.14.1-0ubuntu3.29+esm8 | 2.14.1-0ubuntu3.29+esm8 |
Ubuntu Ubuntu | =14.04 | |
All of | ||
ubuntu/python-apport | <2.14.1-0ubuntu3.29+esm8 | 2.14.1-0ubuntu3.29+esm8 |
Ubuntu Ubuntu | =14.04 | |
All of | ||
ubuntu/python3-apport | <2.14.1-0ubuntu3.29+esm8 | 2.14.1-0ubuntu3.29+esm8 |
Ubuntu Ubuntu | =14.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for the Apport vulnerabilities is USN-5077-2.
The Apport vulnerabilities affect Ubuntu 14.04 ESM and Ubuntu 16.04 ESM with specific versions of Apport and related packages.
To fix the Apport vulnerabilities, update to version 2.20.1-0ubuntu2.30+esm2 for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
You can find more information about the Apport vulnerabilities in the Ubuntu Security Notices USN-5077-1.
The severity of the Apport vulnerabilities is not specified.