* SECURITY UPDATE: Information disclosure via insufficient scrubbing of
passwords in /etc/fstab
- debian/patches/0010-CVE-2014-0246.patch: Remove passwords when collecting
the contents of /etc/fstab
- CVE-2014-0246
[ Louis Bouchard ]
* SECURITY UPDATE: Information disclosure and/or directory traversal
via insecure tmp file handling (LP: #1525271)
- debian/patches/0011-CVE-2015-7529.patch: Safely create a private
tmp directory
- CVE-2015-7529
This bug was fixed in the package sosreport - 3.1-1ubuntu2.2
---------------
sosreport (3.1-1ubuntu2.2) trusty-security; urgency=medium
* SECURITY UPDATE: Information disclosure via insufficient scrubbing of patches/ 0010-CVE- 2014-0246. patch: Remove passwords when collecting
passwords in /etc/fstab
- debian/
the contents of /etc/fstab
- CVE-2014-0246
[ Louis Bouchard ] patches/ 0011-CVE- 2015-7529. patch: Safely create a private
* SECURITY UPDATE: Information disclosure and/or directory traversal
via insecure tmp file handling (LP: #1525271)
- debian/
tmp directory
- CVE-2015-7529
-- Tyler Hicks <email address hidden> Thu, 17 Dec 2015 17:27:05 -0600