UbuntuUpdates.org

Package "sosreport"

Name: sosreport

Description:

Set of tools to gather troubleshooting data from a system

Latest version: 3.1-1ubuntu2.2
Release: trusty (14.04)
Level: security
Repository: main
Homepage: https://github.com/sosreport/sosreport

Links


Download "sosreport"


Other versions of "sosreport" in Trusty

Repository Area Version
base main 3.1-1ubuntu2
updates main 3.5-1~ubuntu14.04.3
backports main 3.2-2~ubuntu14.04.1

Changelog

Version: 3.1-1ubuntu2.2 2015-12-18 04:06:48 UTC

  sosreport (3.1-1ubuntu2.2) trusty-security; urgency=medium

  * SECURITY UPDATE: Information disclosure via insufficient scrubbing of
    passwords in /etc/fstab
   - debian/patches/0010-CVE-2014-0246.patch: Remove passwords when collecting
     the contents of /etc/fstab
   - CVE-2014-0246

  [ Louis Bouchard ]
  * SECURITY UPDATE: Information disclosure and/or directory traversal
    via insecure tmp file handling (LP: #1525271)
    - debian/patches/0011-CVE-2015-7529.patch: Safely create a private
      tmp directory
    - CVE-2015-7529

 -- Tyler Hicks Thu, 17 Dec 2015 17:27:05 -0600

1525271 CVE-2015-7529 needs to be backported to supported releases
CVE-2014-0246 SOSreport stores the md5 hash of the GRUB bootloader password in an archive, which allows local users to obtain sensitive information by reading the



About   -   Send Feedback to @ubuntu_updates