On Mon, 2006-03-27 at 11:57 -0600, Peter Samuelson wrote: > [Bill Allombert] > > libapache2-svn modules have a rpath pointing to /tmp: [...] > Extra rpaths are usually > quite harmless, but you are right, if a buildd builds things in /tmp, > it can be a security problem. Err, it seems it was hand compiled. At least the rpath contains /tmp/svn/subversion-1.3.0 , then I suspect a hand compilation. At least why a buildd would use /tmp/svn/ as a build path?
> I'll take another look as soon as I get a chance. IMHO a bin NMU would be enough in this case. But beware: there's a new neon package version since then; and I couldn't build the current Subversion package in a clean SID chroot due to a segfault building the Java bindings. Regards, Laszlo/GCS
signature.asc
Description: This is a digitally signed message part
