Gerrit Venema

**Name of the Vulnerable Software and Affected Versions** Apport (affected versions not specified) **Description** The issue is related to Apport argument parsing, which mishandles filename splitting on older kernels, resulting in argument spoofing. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apport (affected versions not specified) **Description** The issue allows Apport to be tricked into connecting to arbitrary sockets as the root user. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** apport (affected versions not specified) **Description** The ~/.config/apport/settings parsing is vulnerable to a "billion laughs" attack. This issue affects the parsing of settings in the apport configuration file, making it susceptible to a specific type of denial-of-service attack. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue allows users to consume unlimited disk space in `/var/crash`. This can potentially lead to disk space exhaustion. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** apport (affected versions not specified) **Description** The issue allows users to fill up apport.log. There is no information about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue allows users to create arbitrary TCP DBus connections through the `is closing session()` function. This could potentially lead to unauthorized access or control. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apport (affected versions not specified) **Description** The issue allows users to consume RAM in the Apport process through the `is closing session()` function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apport (affected versions not specified) **Description** The issue is related to Apport not disabling the python crash handler before entering chroot. This could potentially lead to unintended consequences, although specific details about the impact or exploitation of this issue are not provided. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apache Solr for TYPO3 (solr) extension versions prior to 2.8.3 **Description** The issue is related to "Insecure Unserialize" and has unknown impact with remote attack vectors. **Recommendations** For versions prior to 2.8.3, update to version 2.8.3 or later to resolve the issue.