VULHUB ™

Debian Security Advisory DSA-039-1 - The version of GNU libc that was distributed with Debian GNU/Linux 2.2 suffered from 2 security problems - It was possible to use LD_PRELOAD to load libraries that are listed in /etc/ld.so.cache, even for suid programs, allowing users to create and overwrite files which they should not be able to. In addition, by using LD_PROFILE suid programs would write data to a file in /var/tmp, which was not done safely. Both problems have been fixed in version 2.1.3-17 and we recommend that you upgrade your glibc packages immediately.

Debian Security Advisory DSA-039-1 - The version of GNU libc that was distributed with Debian GNU/Linux 2.2 suffered from 2 security problems - It was possible to use LD_PRELOAD to load libraries that are listed in /etc/ld.so.cache, even for suid programs, allowing users to create and overwrite files which they should not be able to. In addition, by using LD_PROFILE suid programs would write data to a file in /var/tmp, which was not done safely. Both problems have been fixed in version 2.1.3-17 and we recommend that you upgrade your glibc packages immediately.