Package: gnucash Version: 2.2.6-2 Tags: security Severity: important >From CVE-2010-3999
"gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory." https://bugzilla.redhat.com/show_bug.cgi?id=644933
