Summary: | sys-libc/glibc: arbitrary code execution (CVE-2010-3856) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Andrey Batyiev <generatorglukoff> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED DUPLICATE | ||
Severity: | critical | CC: | seclorum |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Andrey Batyiev
2010-10-23 15:12:06 UTC
*** This bug has been marked as a duplicate of bug 341755 *** Andrey: Thanks for the report, but please use the search function before filing bugs in the future. (In reply to comment #2) > Andrey: Thanks for the report, but please use the search function before filing > bugs in the future. > I think it's different bugs, second found by author of first one during more analysis. > (In reply to comment #2) > > Andrey: Thanks for the report, but please use the search function before filing > > bugs in the future. > > > > I think it's different bugs, second found by author of first one during more > analysis. > Yep, Andrey, they are different bugs but they got assigned the same entry in the bugzilla. Check out bug #341755, that SpanKY linked to. Thanks for the report. (In reply to comment #4) > Yep, Andrey, they are different bugs but they got assigned the same entry in > the bugzilla. > Check out bug #341755, that SpanKY linked to. > > Thanks for the report. > They got assigned same entry *after* i filled this one. That one was "[Bug 341755] sys-libs/glibc library dynamic linker expands $ORIGIN in setuid library search path (CVE-2010-3847)". This bug has nothing with $ORIGIN expansion. |