** Also affects: apport (Arch Linux)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1242435
Title:
Desktop setuid cores readable by non-privileged user
To
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1242435
Title:
Desktop setuid cores readable by non-privileged user
To manage notifications
** Information type changed from Public Security to Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1242435
Title:
Desktop setuid cores readable by non-privileged user
To manage notifications
** Changed in: apport
Assignee: kitty sanders (towncutie2233) => Martin Pitt (pitti)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1242435
Title:
Desktop setuid cores readable by non-privileged
** Changed in: apport
Assignee: Martin Pitt (pitti) => kitty sanders (towncutie2233)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1242435
Title:
Desktop setuid cores readable by non-privileged
** Changed in: apport (Debian)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1242435
Title:
Desktop setuid cores readable by non-privileged user
To manage n
This bug was fixed in the package apport - 2.12.6-0ubuntu1
---
apport (2.12.6-0ubuntu1) trusty; urgency=low
* New upstream security/bug fix release:
- SECURITY FIX: For setuid programs which drop their privileges after
startup, make the report and core dumps owned by root,
** Changed in: apport (Debian)
Status: Unknown => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1242435
Title:
Desktop setuid cores readable by non-privileged user
To manage notifi
** Changed in: apport (Ubuntu Trusty)
Status: Triaged => Fix Committed
** Bug watch added: Debian Bug tracker #727661
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727661
** Also affects: apport (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727661
Importance: Un
Fixed in upstream release 2.12.6:
https://launchpad.net/apport/trunk/2.12.6
** Description changed:
Elsewhere I have been working on a sensitive information leak via core
dump generated by gcore(1).
The sensitive information in question is read by a stock setuid root
binary executed by
** Branch linked: lp:apport
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1242435
Title:
Desktop setuid cores readable by non-privileged user
To manage notifications about this bug go to:
https://b
** Tags added: patch
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1242435
Title:
Desktop setuid cores readable by non-privileged user
To manage notifications about this bug go to:
https://bugs.lau
This bug was fixed in the package apport - 2.12.5-0ubuntu2.1
---
apport (2.12.5-0ubuntu2.1) saucy-security; urgency=low
* SECURITY UPDATE: incorrect permissions on setuid process core dumps
(LP: #1242435)
- use correct permissions when writing the core file in data/apport,
This bug was fixed in the package apport - 2.6.1-0ubuntu13
---
apport (2.6.1-0ubuntu13) quantal-security; urgency=low
* SECURITY UPDATE: incorrect permissions on setuid process core dumps
(LP: #1242435)
- use correct permissions when writing the core file in data/apport,
This bug was fixed in the package apport - 2.0.1-0ubuntu17.6
---
apport (2.0.1-0ubuntu17.6) precise-security; urgency=low
* SECURITY UPDATE: incorrect permissions on setuid process core dumps
(LP: #1242435)
- use correct permissions when writing the core file in data/apport,
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1242435
Title:
Desktop setuid cores readable by non-privileged user
To manage noti
This bug was fixed in the package apport - 2.9.2-0ubuntu8.5
---
apport (2.9.2-0ubuntu8.5) raring-security; urgency=low
* SECURITY UPDATE: incorrect permissions on setuid process core dumps
(LP: #1242435)
- use correct permissions when writing the core file in data/apport,
17 matches
Mail list logo
