** Summary changed: - [SRU] SRU 1.33 + [SRU] SRU 2.33
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu. https://bugs.launchpad.net/bugs/2114137 Title: [SRU] SRU 2.33 Status in apport package in Ubuntu: New Bug description: * New upstream release - SECURITY UPDATE: Report file insecure permissions (LP: #2106338) + Do not change report group to report owner's primary group. + CVE-2025-5467 - SECURITY UPDATE: Race condition when forwarding core files to containers (LP: #2107472) + apport: move consistency_checks call further up + apport: do not override options.pid + apport: open /proc/<pid> as early as possible + fileutils: respect proc_pid_fd in get_core_path + apport: use opened /proc/<pid> everywhere + apport: do consistency check before forwarding crashes + apport: require --dump-mode to be specified + apport: determine report owner by dump_mode + apport: do not forward crash for dump_mode == 2 + apport: support pidfd (%F) parameter from kernel + CVE-2025-5054 - test: support coreutils rename to gnu-coreutils (LP: #2111595) - setuptools/java: use snakecase for option name (LP: #2111595) - apport: look for the exe within the proc root mount (LP: #2112272) * Depend on gnu-coreutils for integration/system tests * Depend on python3-pytest-cov in addition to python3-pytest * Drop patches applied upstream and refresh remaining patches * Address some Pyright complaints in ubuntu general hook To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apport/+bug/2114137/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
