Ubuntu 10.04 LTS / 11.10 / 12.04 LTS : apport update (USN-1668-1)

Ubuntu Security Notice (C) 2012-2013 Canonical, Inc. / NASL script (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing a security-related patch.

Description :

Dan Rosenberg discovered that an application running under an AppArmor
profile that allowed unconfined execution of apport-bug could escape
confinement by calling apport-bug with a crafted environment. While
not a vulnerability in apport itself, this update mitigates the issue
by sanitizing certain variables in the apport-bug shell script.

Solution :

Update the affected apport package.

Risk factor :

High

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 63288 ()

Bugtraq ID:

CVE ID: