CVE-2005-4791 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-4791): Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee.
This is for liferea only. Daniel, please advise.
This is not an issue for us, since we don't install the liferea script at all. We replace it with the binary it's supposed to be calling. As far as I can tell from the links, only the script is vulnerable.
Thanks for clarifying.