This bug was fixed in the package apport - 2.12.6-0ubuntu1 --------------- apport (2.12.6-0ubuntu1) trusty; urgency=low
* New upstream security/bug fix release: - SECURITY FIX: For setuid programs which drop their privileges after startup, make the report and core dumps owned by root, to avoid possible data disclosure. Also, change core dump files to permissions "0600". Thanks to Martin Carpenter for discovering this! (CVE-2013-1067, LP: #1242435) - sandboxutils.needed_runtime_packages(): Create cache directory for Contents.gz if missing. (LP: #933199) - apt/dpkg: Recognize options in apt sources.list. (LP: #1238620) * Move Vcs-Bzr to trusty branch. -- Martin Pitt <martin.p...@ubuntu.com> Fri, 25 Oct 2013 06:49:19 +0200 ** Changed in: apport (Ubuntu) Status: Fix Committed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-1067 -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to apport in Ubuntu. https://bugs.launchpad.net/bugs/1238620 Title: apport-retrace doesn't work with [arch=foo] in the deb line Status in “apport” package in Ubuntu: Fix Released Bug description: I used [arch=armhf] to work around bug #1238616, but apport-retrace doesn't seem to support that syntax and chooses ddebs to download the Contents file from. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1238620/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp