USN-2007-1: Apport vulnerability
24 October 2013
Apport could be made to expose privileged information.
- apport - automatically generate crash reports for debugging
Martin Carpenter discovered that Apport set incorrect permissions on core
dump files generated by setuid binaries. A local attacker could possibly
use this issue to obtain privileged information.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.