On Mon, Dec 11, 2006 at 05:26:01PM +0000, Tavis Ormandy wrote: > On Sat, Dec 09, 2006 at 04:01:30PM +0100, Timothy Redaelli wrote: > > can't fix rpath, application check its checksum > > > > This looks like a serious security issue, attempting to scan a file > named `liblnxfv.so.4` in the cwd will execute arbitrary code (by > installing a constructor in the dso, for example). > > What was the bug number, we probably need a mask glsa for this issue. > > (the security rpath checks are there for a reason, please dont disable > them without checking eith security team!) >
GLSA 200612-15 Thanks, Tavis. -- ------------------------------------- [EMAIL PROTECTED] | finger me for my pgp key. -------------------------------------------------------
pgp5Z9sUPlfSI.pgp
Description: PGP signature
