reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd.
https://exchange.xforce.ibmcloud.com/vulnerabilities/19520
https://bugzilla.ubuntu.com/show_bug.cgi?id=6717
https://bugzilla.ubuntu.com/show_bug.cgi?id=6600
http://secunia.com/advisories/14422/