Jab Oravec has reported a security issue in Tomboy, which can be exploited by malicious, local users to gain escalated privileges. The security issue is caused due to the "/usr/bin/tomboy" script incorrectly setting the environment variable LD_LIBRARY_PATH. This can be exploited to gain escalated privileges by e.g. tricking a user into running Tomboy in a directory containing a malicious library.
CC'ing maintainers and setting whiteboard status.
*** Bug 188806 has been marked as a duplicate of this bug. ***
0.8.0 has been released couple days ago, anyone knows if includes a fix for this? I don't see anything in the changelog...
Upstream bug filed: http://bugzilla.gnome.org/show_bug.cgi?id=485224
Created attachment 133582 [details, diff] tomboy-trunk-insecure-ldpath.patch Should fix this issue.
As upstream is unresponsive could you please include the patch without the change from sh -> bash in the first line (I talked to uberlord about it, the syntax is not bash specific as I first thought)?
[02:30] <compnerd> rbu: tomboy-0.8.1-r1 commited [02:30] <rbu> compnerd: thanks Arches, please test and mark stable app-misc/tomboy-0.8.1-r1. Target keywords : "amd64 ppc x86"
Stable on x86
ppc stable
err... amd64 done... sorry
GLSA request filed.
I've updated this in the snapshot, so I'm removing release.
GLSA 200711-12