[Bug 1242435] Re: Desktop setuid cores readable by non-privileged user

Launchpad Bug Tracker Thu, 24 Oct 2013 10:03:58 -0700

This bug was fixed in the package apport - 2.12.5-0ubuntu2.1

---------------
apport (2.12.5-0ubuntu2.1) saucy-security; urgency=low


  * SECURITY UPDATE: incorrect permissions on setuid process core dumps
    (LP: #1242435)
    - use correct permissions when writing the core file in data/apport,
      added test to test/test_signal_crashes.py.
    - Thanks to Martin Pitt for the patch!
    - CVE-2013-1067
 -- Marc Deslauriers <marc.deslauri...@ubuntu.com>   Wed, 23 Oct 2013 12:50:57 
-0400

** Changed in: apport (Ubuntu Saucy)
       Status: Triaged => Fix Released

** Changed in: apport (Ubuntu Quantal)
       Status: Triaged => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1242435

Title:
  Desktop setuid cores readable by non-privileged user

To manage notifications about this bug go to:
https://bugs.launchpad.net/apport/+bug/1242435/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1242435] Re: Desktop setuid cores readable by non-privileged user

Reply via email to