[USN-4965-2] Apport vulnerabilities

========================================================================== Ubuntu Security Notice USN-4965-2 May 25, 2021
apport vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 16.04 ESM – Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in Apport.
Software Description: – apport: automatically generate crash reports for debugging
Details:
USN-4965-1 fixed several vulnerabilities in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details:
Maik M√ľnch discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use these issues to read and write arbitrary files as an administrator, and possibly escalate privileges.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: apport 2.20.1-0ubuntu2.30+esm1 python-apport 2.20.1-0ubuntu2.30+esm1 python3-apport 2.20.1-0ubuntu2.30+esm1
Ubuntu 14.04 ESM: apport 2.14.1-0ubuntu3.29+esm7 python-apport 2.14.1-0ubuntu3.29+esm7 python3-apport 2.14.1-0ubuntu3.29+esm7
In general, a standard system update will make all the necessary changes.
References: ubuntu.com/security/notices/USN-4965-2 ubuntu.com/security/notices/USN-4965-1 CVE-2021-32547, CVE-2021-32548, CVE-2021-32549, CVE-2021-32550, CVE-2021-32551, CVE-2021-32552, CVE-2021-32553, CVE-2021-32554, CVE-2021-32555, CVE-2021-32556, CVE-2021-32557