Bug#495756: ecl has rpath to insecure location (/tmp/buildd/ecl-0.9j-20080306/build/)
ballombe at debian.org
Wed Aug 20 08:55:51 UTC 2008
Hello Debian Common Lisp Team,
ecl includes a ELF file /usr/lib/ecl/asdf.fas with a rpath pointing to
This allows an attacker with write access to that directory to
add modified libraries which will be loaded when someone
else run ecl.
Bill. <ballombe at debian.org>
Imagine a large red swirl here.
More information about the pkg-common-lisp-devel