Package: valgrind Version: 1:3.3.1-2 Severity: normal Tags: security
Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for valgrind. CVE-2008-4865[0]: | Untrusted search path vulnerability in valgrind allows local users to | execute arbitrary programs via a Trojan horse .valgrindrc file in the | current working directory, as demonstrated using a malicious | --db-command options. NOTE: the severity of this issue has been | disputed, but CVE is including this issue because execution of a | program from an untrusted directory is a common scenario. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4865 http://security-tracker.debian.net/tracker/CVE-2008-4865 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
