Package: libg20-perl Version: 0.70-1.2 Severity: grave Tags: security Hello Eric,
The file /usr/lib/perl5/auto/G2/G2.so include a rpath pointing to /build/buildd/g2-0.70/g2_perl/.. which is not a FHS approved location. % chrpath /usr/lib/perl5/auto/G2/G2.so /usr/lib/perl5/auto/G2/G2.so: RPATH=/build/buildd/g2-0.70/g2_perl/.. On some system, a user could have write access to /build and thus be able to set up a rogue library in that location that will get loaded by users of libg20-perl. Cheers, -- Bill. <[EMAIL PROTECTED]> Imagine a large red swirl here. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17 Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
