Bug#598308: vdr-dbg: CVE-2010-3387: insecure library loading (NMU 1.6.0-19.1)
Julien Cristau
jcristau at debian.org
Mon Oct 18 11:48:06 UTC 2010
On Mon, Oct 18, 2010 at 14:46:03 +0300, Jari Aalto wrote:
> Removing the colon does not address this:
>
> (
> LD_LIBRARY_PATH="::"
> LD_LIBRARY_PATH="/usr/lib/debug${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
> echo $LD_LIBRARY_PATH
> )
>
That's not something that needs to be addressed. That's you shooting
yourself in the foot. Don't do that.
Cheers,
Julien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-vdr-dvb-devel/attachments/20101018/e63371fe/attachment-0001.pgp>
More information about the pkg-vdr-dvb-devel
mailing list