Security fixes for:

  • CVE-2015-3315
  • CVE-2015-3142
  • CVE-2015-1869
  • CVE-2015-1870
  • CVE-2015-3151
  • CVE-2015-3150
  • CVE-2015-3159

abrt:

  • Move the default dump location from /var/tmp/abrt to /var/spool/abrt
  • Use root for owner of all dump directories
  • Stop reading hs_error.log from /tmp
  • Do not save the system logs by default
  • Do not save dmesg if kernel.dmesg_restrict=1

libreport:

  • Harden the code against directory traversal, symbolic and hard link attacks
  • Fix a bug that caused the first value of AlwaysExcludedElements to be ignored
  • Fix missing icon for the "Stop" button icon name
  • Improve development documentation
  • Translation updates

gnome-abrt:

  • Use DBus to get problem data for detail dialog
  • Fix an error introduced with the details on System page
  • Enable the Details also for System problems

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2015-10193

This update has been submitted for testing by mhabrnal.

7 years ago

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/93143/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/93151/steps/runtask/logs/stdio (results are informative only)

mhabrnal has edited this update. New build(s): abrt-2.3.0-6.fc21, libreport-2.3.0-8.fc21. Removed build(s): abrt-2.3.0-5.fc21, libreport-2.3.0-7.fc21.

7 years ago

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/93911/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/93911/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 testing updates repository.

7 years ago

This update has been pushed to testing

7 years ago

dimitrisk commented & provided feedback 7 years ago

gnome-abrt crashes on start: ImportError: /lib64/libabrt.so.0: undefined symbol: create_dump_dir_from_problem_data_ext

Looks like it needs a dependency version bump on libreport? Installing the updated one from updates-testing fixed this.

mhabrnal has edited this update. New build(s): gnome-abrt-1.0.0-3.fc21, abrt-2.3.0-7.fc21. Removed build(s): gnome-abrt-1.0.0-2.fc21, abrt-2.3.0-6.fc21.

7 years ago

This update has been submitted for testing by mhabrnal.

7 years ago

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/99749/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/99749/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 testing updates repository.

7 years ago

filiperosset commented & provided feedback 7 years ago

no regressions noted

This update has been pushed to testing

7 years ago

juliuxpigface commented & provided feedback 7 years ago

Gone through some of the listed test-cases on Fedora 21 Workstation. No regressions found.

Critical path update approved

7 years ago

yuwata provided feedback 7 years ago

This update has reached the stable karma threshold and will be pushed to the stable updates repository

7 years ago

Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/102172/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 stable updates repository.

7 years ago

This update has been pushed to stable

7 years ago

Metadata

  • Type: security
  • Karma: 3
  • Signed
  • Content Type: RPM
  • Test Gating

Settings

  • Unstable by Karma: -3
  • Stable by Karma: disabled
  • Stable by Time: disabled

Dates

  • submitted: 7 years ago
  • in testing: 7 years ago
  • in stable: 7 years ago
  • modified: 7 years ago

  • BZ#986876 RFE: Disallow core dump upload entirely
  • BZ#1169774 failure to extract debuginfo
  • BZ#1179752 undocumented options in abrt-cli
  • BZ#1193656 abrt-gui renders crash list white-on-white when using dark theme
  • BZ#1212821 CVE-2015-3142 abrt: abrt-hook-ccpp writes core dumps to existing files owned by others [fedora-all]
  • BZ#1212865 CVE-2015-1869 abrt: default event scripts follow symbolic links [fedora-all]
  • BZ#1212871 CVE-2015-1870 abrt: default abrt event scripts lead to information disclosure [fedora-all]
  • BZ#1213485 Can't extract files from downloaded debuginfo package
  • BZ#1214452 CVE-2015-3151 abrt: directory traversals in several D-Bus methods implemented by abrt-dbus [fedora-all]
  • BZ#1214609 CVE-2015-3150 abrt: abrt-dbus does not guard against crafted problem directory path arguments [fedora-all]
  • BZ#1216975 CVE-2015-3159 abrt: missing process environment sanitization in abrt-action-install-debuginfo-to-abrt-cache [fedora-all]
  • BZ#1218239 CVE-2015-3315 abrt: Various race-conditions and symlink issues found in abrt [fedora-all]

Test Cases

  • Test Case QA:Obsolete Testcase ABRT Actions and Reporters
  • Test Case ABRT Application restart
  • Test Case ABRT BlackList
  • Test Case ABRT Bugzilla plugin
  • Test Case ABRT CCPP addon
  • Test Case ABRT CLI
  • Test Case ABRT CLI Localized
  • Test Case ABRT Configuration Storage
  • Test Case ABRT Cron
  • Test Case ABRT Desktop auto-reporting
  • Test Case ABRT GPG Keys
  • Test Case ABRT GPG check
  • Test Case ABRT GUI Localized
  • Test Case ABRT GUI MAIN
  • Test Case ABRT GUI Translation
  • Test Case ABRT Logger plugin
  • Test Case ABRT Mailx plugin
  • Test Case ABRT Plugins
  • Test Case ABRT RemoveSecurityInformation
  • Test Case ABRT Reporting Known Crash
  • Test Case ABRT SELinux
  • Test Case ABRT ccpp-journal
  • Test Case ABRT cnotify
  • Test Case ABRT containers
  • Test Case ABRT kernel addon
  • Test Case ABRT kernel-journal
  • Test Case ABRT python addon
  • Test Case ABRT python better debugging
  • Test Case ABRT python3
  • Test Case ABRT quota
  • Test Case ABRT ruby gem
  • Test Case ABRT server
  • Test Case ABRT sosreport
  • Test Case ABRT third party event extension
  • Test Case ABRT vmcore
  • Test Case ABRT vmcores
  • Test Case GNOME ABRT MAIN
  • Test Case Libreport Anaconda Install
  • Test Case Libreport anaconda
  • Test Case Libreport firstboot
  • Test Case Libreport sealert
  • Test Case Retrace Server CLI
  • Test Case Retrace Server GUI