Bug#598421: CVE-2010-3377 -- security problem in a few files
Adam C Powell IV
hazelsct at debian.org
Thu Sep 30 14:16:50 UTC 2010
Hello Andre,
There's a security bug in the Debian package for salome due to insecure
handling of LD_LIBRARY_PATH in a couple of places, bug 598421.
To fix it, I've patched my runSalome script (this does not affect
upstream runSalome), and several upstream files, and pushed the fixes to
the alioth repository.
Can you please forward upstream the *-secure-library-path.patch files
(*=gui, med, yacs)? Please mention that it fixes Common Vulnerabilities
and Exposures issue ID CVE-2010-3377 , as mentioned in the patches.
Thanks,
Adam
--
GPG fingerprint: D54D 1AEE B11C CE9B A02B C5DD 526F 01E8 564E E4B6
Engineering consulting with open source tools
http://www.opennovation.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/debian-science-maintainers/attachments/20100930/fb51989b/attachment.pgp>
More information about the debian-science-maintainers
mailing list