[ubuntu/kinetic-proposed] apport 2.21.0-0ubuntu1 (Accepted)

Benjamin Drung bdrung at ubuntu.com
Fri Jun 10 10:05:14 UTC 2022 

apport (2.21.0-0ubuntu1) kinetic; urgency=medium

  * New upstream release.
    - data/apport: Limit memory and duration of gdbus call. (CVE-2022-28654,
      CVE-2022-28656)
    - data/apport, apport/fileutils.py, test/test_fileutils.py: Validate
      D-Bus socket location. (CVE-2022-28655)
    - apport/fileutils.py, test/test_fileutils.py: Turn off interpolation
      in get_config() to prevent DoS attacks. (CVE-2022-28652)
    - Switch from chroot to container to validating socket owner.
      (CVE-2022-1242, CVE-2022-28657)
    - data/apport, etc/init.d/apport: Switch to using non-positional
      arguments. Get real UID and GID from the kernel and make sure they
      match the process. Also fix executable name space handling in
      argument parsing. (CVE-2022-28658, CVE-2021-3899)
    - Grab a slice of JournalErrors around the crash time (LP: #1962454)
  * Switch to dpkg-source format 3.0 (quilt)
  * Run unit and integration tests during package build
  * Update autopkgtest (unit/integration and systems tests)
  * Switch to debhelper 13
  * Let apport depend on sensible-utils for sensible-pager
  * Drop ancient X-Python3-Version
  * Drop support for pre-cosmic upgrades
  * Bump Standards-Version to 4.6.1
  * Update debian/copyright
  * Point Vcs-* URIs to git
  * crashdb.conf: Enable Launchpad crash reports for kinetic
  * Add upstream metadata

Date: Fri, 10 Jun 2022 11:37:56 +0200
Changed-By: Benjamin Drung <bdrung at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/apport/2.21.0-0ubuntu1
-------------- next part --------------
Format: 1.8
Date: Fri, 10 Jun 2022 11:37:56 +0200
Source: apport
Built-For-Profiles: noudeb
Architecture: source
Version: 2.21.0-0ubuntu1
Distribution: kinetic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Benjamin Drung <bdrung at ubuntu.com>
Launchpad-Bugs-Fixed: 1962454
Changes:
 apport (2.21.0-0ubuntu1) kinetic; urgency=medium
 .
   * New upstream release.
     - data/apport: Limit memory and duration of gdbus call. (CVE-2022-28654,
       CVE-2022-28656)
     - data/apport, apport/fileutils.py, test/test_fileutils.py: Validate
       D-Bus socket location. (CVE-2022-28655)
     - apport/fileutils.py, test/test_fileutils.py: Turn off interpolation
       in get_config() to prevent DoS attacks. (CVE-2022-28652)
     - Switch from chroot to container to validating socket owner.
       (CVE-2022-1242, CVE-2022-28657)
     - data/apport, etc/init.d/apport: Switch to using non-positional
       arguments. Get real UID and GID from the kernel and make sure they
       match the process. Also fix executable name space handling in
       argument parsing. (CVE-2022-28658, CVE-2021-3899)
     - Grab a slice of JournalErrors around the crash time (LP: #1962454)
   * Switch to dpkg-source format 3.0 (quilt)
   * Run unit and integration tests during package build
   * Update autopkgtest (unit/integration and systems tests)
   * Switch to debhelper 13
   * Let apport depend on sensible-utils for sensible-pager
   * Drop ancient X-Python3-Version
   * Drop support for pre-cosmic upgrades
   * Bump Standards-Version to 4.6.1
   * Update debian/copyright
   * Point Vcs-* URIs to git
   * crashdb.conf: Enable Launchpad crash reports for kinetic
   * Add upstream metadata
Checksums-Sha1:
 52f281b1a4c9651deea27b9ddb301ee3b7610cac 3285 apport_2.21.0-0ubuntu1.dsc
 87b107d999fe356e0b369f49b3498ce8da910eb5 626152 apport_2.21.0.orig.tar.xz
 f4d8fcb82379b61e70894b916a79a52e3f69bd0c 833 apport_2.21.0.orig.tar.xz.asc
 6feec01f853399fa5961b5f6a01a3a365927e8fd 145732 apport_2.21.0-0ubuntu1.debian.tar.xz
 70a5306e8748929d2234b295ac7aab730fa97ce8 9252 apport_2.21.0-0ubuntu1_source.buildinfo
Checksums-Sha256:
 002272d4825e25dd4b76291c6250a43169457f5d3341cc466a649140c358d698 3285 apport_2.21.0-0ubuntu1.dsc
 ccd0b0adb4e7a6d68b64397f3fcec48921d783b0d8aa8ec38d919ea144a60d4f 626152 apport_2.21.0.orig.tar.xz
 3ad7e9315eddbd77135b0cc247cec7a4e9d1dcd171165315db83706b0be6dcfe 833 apport_2.21.0.orig.tar.xz.asc
 40aea62f5cfc98cdc4983c714b74ede9057c6f704d01e2ac0ba464b353501f50 145732 apport_2.21.0-0ubuntu1.debian.tar.xz
 9447fb6d393f0f7d50b26928dae9b5f4f5867014da7ea87f19b3d47d9b262b2d 9252 apport_2.21.0-0ubuntu1_source.buildinfo
Files:
 0ee35ed88047ac1393bba5c0c55d286c 3285 utils optional apport_2.21.0-0ubuntu1.dsc
 9483b4a29cb1436d01b1b6aaaad45e63 626152 utils optional apport_2.21.0.orig.tar.xz
 239a4a6e633bcb69fa4d5cd6b4ce9de7 833 utils optional apport_2.21.0.orig.tar.xz.asc
 bfc19b0c6f96422b728fdf4e79b051ab 145732 utils optional apport_2.21.0-0ubuntu1.debian.tar.xz
 856625c5aa1699a9437f2ceceab04d6f 9252 utils optional apport_2.21.0-0ubuntu1_source.buildinfo

More information about the kinetic-changes mailing list