[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#598501: unblock: bristol/0.60.5-2

Hi Adam,

thanks for reviewing this!

On Wed, Sep 29, 2010 at 9:43 PM, Adam D. Barratt
<adam@adam-barratt.org.uk> wrote:
> On Wed, 2010-09-29 at 15:34 +0200, Alessio Treglia wrote:
>> Please unblock package bristol 0.60.5-2, which fixes the 'grave' bug
>> #598285 ("CVE-2010-3351: insecure library loading").
>
> and removes potentially useful functionality in the process :-/
> (although forcing /usr/local/lib and usr/lib (sic) ahead of
> LD_LIBRARY_PATH is a little odd anyway)
>
> + export SLAB_HOME=$BRISTOL
> + export BRIGHTON=$BRISTOL
> +
> +-export LD_LIBRARY_PATH=/usr/local/lib:usr/lib:${LD_LIBRARY_PATH}:${BRISTOL}/lib
> ++export LD_LIBRARY_PATH=@BRISTOL_DIR@/lib:/usr/local/lib:/usr/lib:/lib
> +
> + export PATH=${PATH}:$BRISTOL/bin:/usr/local/bin
>
> Should that be ${BRISTOL} rather than @BRISTOL_DIR@?

It gets replaced by ${BRISTOL}, which contains /usr/share/bristol/ and
it is unnecessary at all.
We may remove it, I think.


-- 
Alessio Treglia <alessio@debian.org>
Debian & Ubuntu Developer | Homepage: http://www.alessiotreglia.com
0FEC 59A5 E18E E04F 6D40 593B 45D4 8C7C DCFC 3FD0
Reply to: