Apport

Apport 2.33.0

Milestone information

Project:: Apport

Series:: main

Version:: 2.33.0

Released:: 2025-06-06

Registrant:: Benjamin Drung

Release registered:: 2025-06-06

Active:: No. Drivers cannot target bugs and blueprints to this milestone.

Download RDF metadata

Activities

Assigned to you:: No blueprints or bugs assigned to you.

Assignees:: No users assigned to blueprints and bugs.

Blueprints:: No blueprints are targeted to this milestone.

Bugs:: 6 Fix Released

Download files for this release

After you've downloaded a file, you can verify its authenticity using its MD5 sum or signature. (How do I verify a download?)

File	Description	Downloads
apport-2.33.0.tar.xz (md5, sig)	apport-2.33.0.tar.xz	38 last downloaded 15 weeks ago
Total downloads:		38

Release notes

### Added

* Check Python code with ruff
* Include ELF package metadata from systemd-coredump
* test: support coreutils rename to gnu-coreutils (LP: #2111595)

### Changed

* problem_report:
- write `CompressedValue` in chunks as well
- reduce chunk size from 1 MB to 128 kB
* report: drop support for libnih
* Deprecate logging functions in base apport module
* Check cyclomatic complexity
* Fix invalid non-public names (i.e. use upper case for global constants)
* setup.py: remove the shebang mangling code
* packaging: drop lsb_release support from `get_os_version()`
* apt_dpkg: check return type of `pickle.load()`
* ui: split `HookUI` class into separate module
* fileutils: let `find_core_files_by_uid` return a list of tuples
* Rename `apport/packaging.py` to `apport/package_info.py`
* Stop importing from base apport module directly
* Lazy load elements in base apport module
* Add more type hints
* Split some big functions into smaller ones
* test: drop running pyflakes

### Fixed

* SECURITY UPDATE: Report file insecure permissions (LP: #2106338)
  - Do not change report group to report owner's primary group.
  - CVE-2025-5467
* SECURITY UPDATE: Race condition when forwarding core files to containers (LP: #2107472)
  - apport: move `consistency_checks` call further up
  - apport: do not override `options.pid`
  - apport: open `/proc/<pid>` as early as possible
  - fileutils: respect `proc_pid_fd` in `get_core_path`
  - apport: use opened `/proc/<pid>` everywhere
  - apport: do consistency check before forwarding crashes
  - apport: require `--dump-mode` to be specified
  - apport: determine report owner by `dump_mode`
  - apport: do not forward crash for `dump_mode == 2`
  - apport: support pidfd (%F) parameter from kernel
  - CVE-2025-5054
* setuptools/java: use snakecase for option name (LP: #2111595)
* apport: catch `ProcessLookupError` in `forward_crash_to_container` (LP: #2080499)
* apport: look for the exe within the proc root mount (LP: #2112272)
* ui: fix return value for `--hanging` case in `run_argv`
* test: do not check for exact encoded gzip data (LP: #2076269)

Changelog

This release does not have a changelog.

0 blueprints and 6 bugs targeted

Bug report			Importance	Status
2076269	#2076269	invalid base64 encoded gzip data on s390x causes autopkgtest failures	3 High	11 Fix Released
2080499	#2080499	/usr/share/apport/apport:ProcessLookupError:/usr/share/apport/apport@1248:main:_check_global_pid_and_forward:forward_crash_to_container	3 High	11 Fix Released
2106338	#2106338	Apport Report File Insecure Permissions	3 High	11 Fix Released
2107472	#2107472	Race condition when forwarding core files to containers	3 High	11 Fix Released
2111595	#2111595	FTBFS in questing: setup.cfg command 'build_java' has no such option 'minimum-java-release'	3 High	11 Fix Released
2112272	#2112272	Apport refuses to generate core dumps inside containers	3 High	11 Fix Released

Related milestones and releases

This milestone contains Public information

Everyone can see this information.