Nixpkgs security tracker

Untriaged

Permalink CVE-2015-1341

created 1 month, 3 weeks ago

Apport privilege escalation through Python module imports

Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function _python_module_path.

References

https://launchpad.net/apport/trunk/2.19.2 x_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_refsource_MISC
https://launchpad.net/apport/trunk/2.19.2 x_transferredx_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_transferredx_refsource_MISC
https://launchpad.net/apport/trunk/2.19.2 x_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_refsource_MISC
https://launchpad.net/apport/trunk/2.19.2 x_transferredx_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_transferredx_refsource_MISC
https://launchpad.net/apport/trunk/2.19.2 x_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_refsource_MISC
https://launchpad.net/apport/trunk/2.19.2 x_transferredx_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_transferredx_refsource_MISC
https://launchpad.net/apport/trunk/2.19.2 x_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_refsource_MISC
https://launchpad.net/apport/trunk/2.19.2 x_transferredx_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_transferredx_refsource_MISC

Affected products

Apport

<2.14.1-0ubuntu3.18
<2.0.1-0ubuntu17.13
<2.17.2-0ubuntu1.7
<2.19.2
<2.19.1-0ubuntu4

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Round a set of numbers while maintaining its sum

nixos-unstable 0.0.0.4
- nixpkgs-unstable 0.0.0.4
- nixos-unstable-small 0.0.0.4
nixos-25.11 0.0.0.4
- nixos-25.11-small 0.0.0.4
- nixpkgs-25.11-darwin 0.0.0.4

Package maintainers

@thielema Henning Thielemann <nix@henning-thielemann.de>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Package maintainers