nixpkgs

mirror of https://github.com/SebastianWendel/nixpkgs.git synced 2024-11-06 10:16:44 +01:00

History

Anders Kaseorg 665dfc26ed libversion: Fix unsafe concatenation of $LD_LIBRARY_PATH Naive concatenation of $LD_LIBRARY_PATH can result in an empty colon-delimited segment; this tells glibc to load libraries from the current directory, which is definitely wrong, and may be a security vulnerability if the current directory is untrusted. This particular case probably has no security relevance, but we should avoid this unsafe pattern anyway in case it gets copied. See #76804. Signed-off-by: Anders Kaseorg <andersk@mit.edu>	2020-05-31 01:42:09 -07:00
..
default.nix	libversion: Fix unsafe concatenation of $LD_LIBRARY_PATH	2020-05-31 01:42:09 -07:00

Anders Kaseorg 665dfc26ed libversion: Fix unsafe concatenation of $LD_LIBRARY_PATH

Naive concatenation of $LD_LIBRARY_PATH can result in an empty
colon-delimited segment; this tells glibc to load libraries from the
current directory, which is definitely wrong, and may be a security
vulnerability if the current directory is untrusted.  This particular
case probably has no security relevance, but we should avoid this
unsafe pattern anyway in case it gets copied.  See #76804.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>

2020-05-31 01:42:09 -07:00

default.nix

libversion: Fix unsafe concatenation of $LD_LIBRARY_PATH

2020-05-31 01:42:09 -07:00