The Snap team is pleased to announce the release of Snap 0.2.16. This release fixes a critical security vulnerability and all users of Snap should upgrade immediately.
Changes since 0.2.15
We’re not entirely sure how we didn’t catch this, but a commit made back in April of this year caused our fileServe code to have a critical vulnerability which allowed it to serve any file on the disk, including
/etc/passwd. Obviously if you are using Snap’s file serving code, you should upgrade to Snap 0.2.16 immediately.
–The Snap team