[Pkg-mono-svn-commits] [SCM] mono branch, debian/patches/dllimport_search_base_not_cwd, created. upstream/2.6.3-2-g52727f0
Iain Lane
laney at ubuntu.com
Mon Dec 6 21:28:34 UTC 2010
The branch, debian/patches/dllimport_search_base_not_cwd has been created
at 52727f0531c26810dab3a3844a59110e48a3d7f5 (commit)
- Shortlog ------------------------------------------------------------
commit 52727f0531c26810dab3a3844a59110e48a3d7f5
Author: Paolo Molaro <lupus at oddwiz.org>
Date: Tue Oct 12 15:53:25 2010 +0200
Search for dllimported shared libs in the base directory, not cwd.
* loader.c: we don't search the current directory anymore for shared
libraries referenced in DllImport attributes, as it has a slight
security risk. We search in the same directory where the referencing
image was loaded from, instead.
References: CVE-2010-4159
Closes: #605097
-----------------------------------------------------------------------
--
mono
More information about the Pkg-mono-svn-commits
mailing list