Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=6926d890d18bb4e7fc7027979fec741bc139970a
commit 6926d890d18bb4e7fc7027979fec741bc139970a Author: voroskoi <[EMAIL PROTECTED]> Date: Tue Jan 15 19:36:18 2008 +0100 FSA340-liferea diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml index 37c1f35..4998801 100644 --- a/frugalware/xml/security.xml +++ b/frugalware/xml/security.xml @@ -27,6 +27,18 @@ <fsas> <fsa> + <id>340</id> + <date>2008-01-15</date> + <author>voroskoi</author> + <package>liferea</package> + <vulnerable>1.2.23-2sayshell1</vulnerable> + <unaffected>1.2.23-2sayshell2</unaffected> + <bts>http://bugs.frugalware.org/task/2606</bts> + <cve>There is no CVE for this issue.</cve> + <desc>A security issue has been reported in Liferea, which can be exploited by malicious, local users to gain escalated privileges. + The security issue is caused due to the Liferea starter script incorrectly setting the environment variable LD_LIBRARY_PATH. This can be exploited to gain escalated privileges e.g. by tricking a user into running Liferea in a directory containing a malicious library.</desc> + </fsa> + <fsa> <id>339</id> <date>2008-01-15</date> <author>voroskoi</author> _______________________________________________ Frugalware-git mailing list [email protected] http://frugalware.org/mailman/listinfo/frugalware-git
