Hello, Here is a patch that fixes this issue. Regards, -- Etienne Millon
diff -u mn-fit-5.13/debian/changelog mn-fit-5.13/debian/changelog
--- mn-fit-5.13/debian/changelog
+++ mn-fit-5.13/debian/changelog
@@ -1,3 +1,10 @@
+mn-fit (5.13-8) unstable; urgency=low
+
+ * QA upload.
+ * Fix security issue CVE-2010-3366 (Closes: #598298)
+
+ -- Etienne Millon <etienne.millon@gmail.com> Wed, 13 Oct 2010 10:14:51 +0200
+
mn-fit (5.13-7) unstable; urgency=low
* QA upload.
only in patch2:
unchanged:
--- mn-fit-5.13.orig/src/bin/mn_fit
+++ mn-fit-5.13/src/bin/mn_fit
@@ -110,7 +110,7 @@
ROOTSYS=XXX_ROOTSYS_ENV_XXX
if [ -n "$ROOTSYS" ]; then
export ROOTSYS
- LD_LIBRARY_PATH=$ROOTSYS/lib:$LD_LIBRARY_PATH
+ LD_LIBRARY_PATH=$ROOTSYS/lib${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}
export LD_LIBRARY_PATH
fi
fi
Attachment:
signature.asc
Description: Digital signature