The attachment "unhandled-XML-exception.patch" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.
[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

** Tags added: patch

--
You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1877023

Title:
  Unhandled exception in check_ignored()

Status in apport package in Ubuntu:
  New

Bug description:
  Hi,

  I have found a security issue in apport 2.20.11 and earlier.

  ## Vulnerability

  apport 2.20.11 and earlier have an unhandled exception vulnerability while parsing apport-ignore.xml. An attacker can cause a denial of service (i.e., application crash) via a crafted apport-ignore.xml file.

  ## Description

  Reports can be suppressed by blacklisting in apport-ignore.xml.

  This is an example of apport-ignore.xml:

      <?xml version="1.0" ?>
      <apport>
        <ignore mtime="1461374304" program="/opt/sublime_text/sublime_text"/>
        <ignore mtime="1453471676" program="/bin/sleep"/>
        <ignore mtime="1452699271" program="/usr/bin/strace"/>
      </apport>

  Unfortunately, it may cause an unhandled exception when the 'mtime' attribute is specified as a string value, not a number, like this:

      <?xml version="1.0" ?>
      <apport>
        <ignore mtime="string" program="/bin/sleep"/>
      </apport>

  It may disrupt the apport service and allow an attacker to potentially enable a denial of service via local access.

  The flaw lies in improper exception handling of the 'mtime' attribute in apport-ignore.xml (see https://git.launchpad.net/ubuntu/+source/apport/tree/apport/report.py?h=applied/ubuntu/devel#n1104).

  ## Log

  Here is /var/log/apport.log when the above exception occurs.

      ERROR: apport (pid 25904) Tue May 5 18:38:21 2020: Unhandled exception:
      Traceback (most recent call last):
        File "/usr/share/apport/apport", line 629, in <module>
          if info.check_ignored():
        File "/usr/lib/python3/dist-packages/apport/report.py", line 1082, in check_ignored
          if float(ignore.getAttribute('mtime')) >= cur_mtime:
      ValueError: could not convert string to float: 'string'

  Sincerely,
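
The failure in the traceback above, next to a hardened form of the same comparison. This is an added example, not code from the report, the attached patch or apport itself: the function names, the program-matching logic and the sample XML are assumptions constructed for illustration. Only the `float(ignore.getAttribute('mtime')) >= cur_mtime` comparison comes from the log.

```python
# Added example; not apport's implementation. Names and sample data are constructed.
import math
from xml.dom import minidom
from xml.parsers.expat import ExpatError

# Constructed sample: one entry with a non-numeric mtime, one valid entry.
SAMPLE = """<?xml version="1.0" ?>
<apport>
  <ignore mtime="string" program="/bin/sleep"/>
  <ignore mtime="1452699271" program="/usr/bin/strace"/>
</apport>"""


def is_ignored_unsafe(xml_text, program, cur_mtime):
    """Same comparison as in the traceback: float() on the raw attribute."""
    dom = minidom.parseString(xml_text)
    for ignore in dom.getElementsByTagName("ignore"):
        if ignore.getAttribute("program") == program:
            if float(ignore.getAttribute("mtime")) >= cur_mtime:
                return True
    return False


def is_ignored_safe(xml_text, program, cur_mtime):
    """Hardened variant: a malformed file or entry never aborts crash handling."""
    try:
        dom = minidom.parseString(xml_text)
    except ExpatError:
        return False  # unparsable file: behave as if nothing is ignored
    for ignore in dom.getElementsByTagName("ignore"):
        if ignore.getAttribute("program") != program:
            continue
        try:
            mtime = float(ignore.getAttribute("mtime"))
        except ValueError:
            continue  # non-numeric or missing mtime: skip this entry
        # float() also accepts "inf" and "nan"; an "inf" entry would otherwise
        # suppress reports for the program no matter how new the binary is.
        if math.isfinite(mtime) and mtime >= cur_mtime:
            return True
    return False
```

Skipping a bad entry rather than the whole file keeps the remaining valid `<ignore>` entries effective.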