This bug was fixed in the package sosreport - 3.1-1ubuntu2.2
---------------
sosreport (3.1-1ubuntu2.2) trusty-security; urgency=medium
* SECURITY UPDATE: Information disclosure via insufficient scrubbing of
passwords in /etc/fstab
- debian/patches/0010-CVE-2014-0246.patch: Remove passwords when collecting
the contents of /etc/fstab
- CVE-2014-0246
[ Louis Bouchard ]
* SECURITY UPDATE: Information disclosure and/or directory traversal
via insecure tmp file handling (LP: #1525271)
- debian/patches/0011-CVE-2015-7529.patch: Safely create a private
tmp directory
- CVE-2015-7529
-- Tyler Hicks <[email protected]> Thu, 17 Dec 2015 17:27:05 -0600
** Changed in: sosreport (Ubuntu Trusty)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1525271
Title:
CVE-2015-7529 needs to be backported to supported releases
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sosreport/+bug/1525271/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
