[SCM] ardour/master: Fix insecure library loading (Closes: #598282)
adiknoth-guest at users.alioth.debian.org
adiknoth-guest at users.alioth.debian.org
Tue Sep 28 19:25:57 UTC 2010
The following commit has been merged in the master branch:
commit 4699ef7640bca7f042306c9138305d433f05f808
Author: Adrian Knoth <adi at drcomp.erfurt.thur.de>
Date: Tue Sep 28 16:33:53 2010 +0200
Fix insecure library loading (Closes: #598282)
diff --git a/debian/patches/130_ldpath.patch b/debian/patches/130_ldpath.patch
new file mode 100644
index 0000000..51d0e8d
--- /dev/null
+++ b/debian/patches/130_ldpath.patch
@@ -0,0 +1,17 @@
+From: Adrian Knoth <adi at drcomp.erfurt.thur.de>
+Description: Fix unsecure loading of libraries
+ When LD_LIBRARY_PATH is unset, the ardour executable would
+ load malicious libraries from CWD/$PWD.
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598282
+Forwarded: yes
+--- a/gtk2_ardour/ardour.sh.in
++++ b/gtk2_ardour/ardour.sh.in
+@@ -2,7 +2,7 @@
+
+ export GTK_PATH=%INSTALL_PREFIX%/%LIBDIR%/ardour2:$GTK_PATH
+
+-export LD_LIBRARY_PATH=%INSTALL_PREFIX%/%LIBDIR%/ardour2:$LD_LIBRARY_PATH
++export LD_LIBRARY_PATH="%INSTALL_PREFIX%/%LIBDIR%/ardour2${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
+ # DYLD_LIBRARY_PATH is for Darwin
+ export DYLD_LIBRARY_PATH=$LD_LIBRARY_PATH
+
diff --git a/debian/patches/series b/debian/patches/series
index 4e27a49..70d074b 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -3,3 +3,4 @@
90_ardour-x-change.patch
100_syslibs.patch
111_libardourvampplugins.patch
+130_ldpath.patch
--
ardour Debian packaging
More information about the pkg-multimedia-commits
mailing list