RC status of rpath issues

To: debian-release@lists.debian.org
Subject: RC status of rpath issues
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Thu, 23 Nov 2006 00:29:08 +0100
Message-id: <[🔎] slrnem9na4.3m0.jmm@inutil.org>

I've seen a couple of RC bugs being filed for rpath issues in various
packages. For stable-security these are only treated as DSA-worthy
if the rpath points to /tmp, but not towards a directory like /build
or a specific home directory, as exploiting these would require social
engineering against root. While they should of course be fixed where
possible I'd recommend against treating them as release critical per
se. (At least not in the sense they they're a reason for removing a
package from testing).

Cheers,
        Moritz

Reply to:

Follow-Ups:
- Re: RC status of rpath issues
  - From: Steve Langasek <vorlon@debian.org>

Prev by Date: Re: Bug#399329: Request to upload new upstream for phpMyAdmin (2.9.1.1)
Next by Date: Re: dpkg 1.13.24 hint and next upload
Previous by thread: Re: libgpod update
Next by thread: Re: RC status of rpath issues
Index(es):
- Date
- Thread