Bug#495756: Bug#486376: Bug#495756: ecl has rpath to insecure location (/tmp/buildd/ecl-0.9j-20080306/build/)

2008-08-29 Thread Luca Capello
tags 495756 + pending thanks Hi Bill! Please check the bug number you reply to, I sent this back to the original bug report ;-) On Tue, 26 Aug 2008 14:09:12 +0200, Bill Allombert wrote: On Mon, Aug 25, 2008 at 11:54:26PM +0200, Luca Capello wrote: I've added the ECL list to cc:. While I can

Bug#486376: Bug#495756: ecl has rpath to insecure location (/tmp/buildd/ecl-0.9j-20080306/build/)

2008-08-26 Thread Bill Allombert
On Mon, Aug 25, 2008 at 11:54:26PM +0200, Luca Capello wrote: Hi Bill! For the ECL list: this is a 'serious' bug in the Debian BTS [1]. For the reason why rpath is considered harmful by Debian see [2] and [3]. Please don't Cc: me, I read the list. However, please keep the Debian bug

Bug#495756: ecl has rpath to insecure location (/tmp/buildd/ecl-0.9j-20080306/build/)

2008-08-25 Thread Luca Capello
Hi Bill! For the ECL list: this is a 'serious' bug in the Debian BTS [1]. For the reason why rpath is considered harmful by Debian see [2] and [3]. Please don't Cc: me, I read the list. However, please keep the Debian bug cc:ed (no need to subscribe), I set the M-F-T and R-T to both the bug

Bug#495756: [Ecls-list] Bug#495756: ecl has rpath to insecure location (/tmp/buildd/ecl-0.9j-20080306/build/)

2008-08-25 Thread Juan Jose Garcia-Ripoll
On Mon, Aug 25, 2008 at 11:54 PM, Luca Capello [EMAIL PROTECTED] wrote: For the ECL list: this is a 'serious' bug in the Debian BTS [1]. For the reason why rpath is considered harmful by Debian see [2] and [3]. ECL does not use rpath. The guessing of how it works is still in the autoconf

Bug#495756: ecl has rpath to insecure location (/tmp/buildd/ecl-0.9j-20080306/build/)

2008-08-20 Thread Bill Allombert
Package: ecl Version: 0.9j-20080306-4 Severity: serious Tags: security Hello Debian Common Lisp Team, ecl includes an ELF file /usr/lib/ecl/asdf.fas with a rpath pointing to /tmp/buildd/ecl-0.9j-20080306/build/. This allows an attacker with write access to that directory to add modified libraries