Greetins, I'm forwarding this patch for *cluster-agents*, which is included in debian packages, and might be of your interest:
>From 5cdbbe5a5234c1bd26f7fe2a5c59abeb76e6e18c Mon Sep 17 00:00:00 2001 From: Jari Aalto <[email protected]> Date: Tue, 19 Oct 2010 13:32:54 +0300 Subject: [PATCH] CVE-2010-3389 insecure library loading Bug#598549 Organization: Private Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Signed-off-by: Jari Aalto <[email protected]> --- heartbeat/SAPDatabase | 7 +++++-- heartbeat/SAPInstance | 7 +++++-- 2 files changed, 10 insertions(+), 4 deletions(-) Index: cluster-agents-1.0.3/heartbeat/SAPDatabase =================================================================== --- cluster-agents-1.0.3.orig/heartbeat/SAPDatabase 2011-01-20 16:33:31.178808000 -0500 +++ cluster-agents-1.0.3/heartbeat/SAPDatabase 2011-01-21 17:16:08.190680002 -0500 @@ -966,8 +966,11 @@ fi # as root user we need the library path to the SAP kernel to be able to call executables -if [ `echo $LD_LIBRARY_PATH | grep -c "^$DIR_EXECUTABLE\>"` -eq 0 ]; then - LD_LIBRARY_PATH=$DIR_EXECUTABLE:$LD_LIBRARY_PATH; export LD_LIBRARY_PATH +if [ "$DIR_EXECUTABLE" ]; then + if [ `echo $LD_LIBRARY_PATH | grep -c "^$DIR_EXECUTABLE\>"` -eq 0 ]; then + LD_LIBRARY_PATH="$DIR_EXECUTABLE${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}" + export LD_LIBRARY_PATH + fi fi sidadm="`echo $SID | tr [:upper:] [:lower:]`adm" Index: cluster-agents-1.0.3/heartbeat/SAPInstance =================================================================== --- cluster-agents-1.0.3.orig/heartbeat/SAPInstance 2011-01-20 16:33:31.178808000 -0500 +++ cluster-agents-1.0.3/heartbeat/SAPInstance 2011-01-21 17:16:08.200680002 -0500 @@ -296,8 +296,11 @@ fi # as root user we need the library path to the SAP kernel to be able to call sapcontrol - if [ `echo $LD_LIBRARY_PATH | grep -c "^$DIR_EXECUTABLE\>"` -eq 0 ]; then - LD_LIBRARY_PATH=$DIR_EXECUTABLE:$LD_LIBRARY_PATH; export LD_LIBRARY_PATH + if [ "$DIR_EXECUTABLE" ]; then + if [ `echo $LD_LIBRARY_PATH | grep -c "^$DIR_EXECUTABLE\>"` -eq 0 ]; then + LD_LIBRARY_PATH="$DIR_EXECUTABLE${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}" + export LD_LIBRARY_PATH + fi fi sidadm="`echo $SID | tr [:upper:] [:lower:]`adm" -- Andres Rodriguez (RoAkSoAx) Ubuntu MOTU Developer Systems Engineer
_______________________________________________________ Linux-HA-Dev: [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev Home Page: http://linux-ha.org/
