Users have been advised to upgrade as soon as possible

Dec 18, 2015 15:43 GMT  ·  By

Details about a couple of SoS vulnerabilities that have been found and fixed in Ubuntu 15.10, Ubuntu 15.04, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS have been detailed in a regular security notice.

SoS is not a package that usually gets updates, especially not for vulnerabilities. SoS is a set of tools to gather troubleshooting data from a system, so it's not exactly something all that unimportant. In any case, updating would be a good idea.

"Dolev Farhi discovered an information disclosure issue in SoS. If the /etc/fstab file contained passwords, the passwords were included in the SoS report. Mateusz Guzik discovered that SoS incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files or gain access to temporary file contents containing sensitive system information," reads the security notice.

These issues have been found and corrected with a simple update. For a more detailed description of the problems, you can see Canonical's security notification. Users have been advised to upgrade their systems.

The problems can be repaired if you upgrade your system to the latest sosreport packages specific to each distribution. To apply the patch, users will have to run the Update Manager application. A reboot of the system is not required, but users will need to log out and log back in to complete the procedure.

You can also choose to upgrade from the terminal. All you have to do is enter these commands in a terminal near you:

code
sudo apt-get update
sudo apt-get dist-upgrade
Enjoy!