[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 557-1] dietlibc security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : dietlibc
Version        : 0.33~cvs20120325-4+deb7u1
Debian Bug     : #832169

It was discovered that there was an insecure default PATH in
dietlibc, a libc optimized for small size.

Thorsten Glaser discovered that the default PATH in dietlibc
(if the environment variable is unset) contained the current
working directory.

For Debian 7 "Wheezy", this issue has been fixed in:

 * dietlibc version 0.33~cvs20120325-4+deb7u1
 * minit version 0.10-5+deb7u1

We recommend that you upgrade your dietlibc and minit packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXlmWeAAoJEB6VPifUMR5YxPQQAKAQ0pxNzvw3/iJ5odQ5Etfl
ZqMpFjoCeWbKelfi1M/vXYmE0h9VNyt8dKMlMKSoDnexR2P0AAzwoU+kuNXLDPnp
XYC+s2qeoSIGduuNsLPZoBTZnZ1djSJjRJg9h1P/DSYpQgbCYyn8dLPgViBrEvf8
ziu89WYMFNfSRwoxw+XAODjzU8yys0SVcl126evFfxTxwYd+ANGAdeGKNAT/FXFJ
jQXkP/u1GkVFl1UBOGIJJeFZmL4sE4crBkgJFihejoscwqQAVYUdmGdwQl+BAAEy
G8QBrtzgIHGGVOnh+RmBsf3+FF9jqZ5LZnVdteZqRAJdhhETs4XsaKQSRD4NSQG0
4/Cq9ijdnUrWCR41AwUs0QTF+PajGLF3xMFwwXtpaAINDGLBV9/+03l1pP4IQBZs
bovlA3zW6WXBJ7g4rN7yu6Fi0iasPvfEx/Vk4mCLbe9mOHSnHo8VX2oEWh5UNs7z
Cw66H16g7qmWGMLpLU+MTlEfhI7+FOV1ACTTnzcWNjAHS8VwV0QGACKsOdWuXAPO
gCHtRHxgNshjmzJ9MHjhyfRp3BwanW8U8toMwB600xbSBkKCVrHx4+klCfwJASeq
2WW6qgdmFsa+F/Y8cdNNRY7wVPDyIadIvGYTLlJuxMZInlGsrGPkH6uPRKcMH7m6
PyeFXIt8/yFcz0JqGJSL
=kY2Y
-----END PGP SIGNATURE-----
Reply to: