Bug#601199: release.debian.org: unblock: mono-debugger/2.6.3-2.1

To: 601199@bugs.debian.org, 601199-submitter@bugs.debian.org
Cc: adam@adam-barratt.org.uk
Subject: Bug#601199: release.debian.org: unblock: mono-debugger/2.6.3-2.1
From: Jari Aalto <jari.aalto@cante.net>
Date: Wed, 03 Nov 2010 00:50:54 +0200
Message-id: <[🔎] 87sjzjxru9.fsf@picasso.cante.net>
Reply-to: Jari Aalto <jari.aalto@cante.net>, 601199@bugs.debian.org

> "Adam D. Barratt" <adam@adam-barratt.org.uk>
> > On Sun, 2010-10-24 at 12:40 +0200, Moritz Muehlenhoff wrote:
> > Please unblock package mono-debugger. It fixes CVE-2010-3369.
>
> I'm not really convinced about the utility of this:
>
> ++   tmp=$(echo "$1" | sed -e 's/::\+// ; s/^:// ; s/:$//' )
>
> The code is already using ${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH} to only
> append LD_LIBRARY_PATH if it is non-empty, resolving the issue with the
> script (adding empty items without the user realising).
>
> If I want to explicitly add empty items to LD_LIBRARY_PATH before
> calling the debugger, and potentially shoot myself badly in the foot,
> should I not be permitted to do so?

I can provide *-2.2 without the patchclean(). Let me know if new upload
is ok.

Jari

Reply to:

Follow-Ups:
- Bug#601199: release.debian.org: unblock: mono-debugger/2.6.3-2.1
  - From: Julien Cristau <jcristau@debian.org>

Prev by Date: Bug#602245: unblock: gnucash/2.2.9-9
Next by Date: Re: Security unblock requests (ust/0.7-2.1)
Previous by thread: Bug#602245: marked as done (unblock: gnucash/2.2.9-9)
Next by thread: Bug#601199: release.debian.org: unblock: mono-debugger/2.6.3-2.1
Index(es):
- Date
- Thread