Bug#600667: eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path
On Thu, 21 Oct 2010 19:36:04 +0200, Aurelien Jarno wrote:
> On Mon, Oct 18, 2010 at 06:58:45PM -0400, Michael Gilbert wrote:
> > package: eglibc
> > version: 2.11.2-6
> > severity: grave
> > tag: patch
> >
> > an issue has been disclosed in eglibc. see:
> > http://seclists.org/fulldisclosure/2010/Oct/257
> >
> > patch available:
> > http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html
> >
>
> I have just committed the fix, I am planning to do an upload soon to
> unstable. Do you think we should also fix it in stable? via a security
> release?
the exploitability of this issue is questionable, but i think it should
be fixed in a DSA just to be safe (based on the precautionary
principle).
thanks for working on the fix.
mike
Reply to: