Bug 114668

Summary: Contains invalid/insecure RPATH
Product: [Retired] Red Hat Raw Hide Reporter: Enrico Scholz <rh-bugzilla>
Component: net-snmpAssignee: Phil Knirsch <pknirsch>
Status: CLOSED RAWHIDE QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 1.0CC: rvokal
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-02-03 14:39:19 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Enrico Scholz 2004-01-30 21:20:35 UTC 
Description of problem:


http://www.securityfocus.com/archive/1/351758/2004-01-27/2004-02-02/0


File '/usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi/auto/NetSNMP/default_store/default_store.so' contains an invalid rpath '/usr/src/redhat/BUILD/net-snmp-5.1/perl/default_store/../../snmplib/.libs'
File '/usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi/auto/NetSNMP/ASN/ASN.so' contains an invalid rpath '/usr/src/redhat/BUILD/net-snmp-5.1/perl/ASN/../../snmplib/.libs'
File '/usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi/auto/NetSNMP/OID/OID.so' contains an invalid rpath '/usr/src/redhat/BUILD/net-snmp-5.1/perl/OID/../../snmplib/.libs'
File '/usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi/auto/NetSNMP/agent/agent.so' contains an invalid rpath '/usr/src/redhat/BUILD/net-snmp-5.1/perl/agent/../../agent/.libs'
File '/usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi/auto/NetSNMP/agent/agent.so' contains an invalid rpath '/usr/src/redhat/BUILD/net-snmp-5.1/perl/agent/../../agent/helpers/.libs'
File '/usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi/auto/NetSNMP/agent/agent.so' contains an invalid rpath '/usr/src/redhat/BUILD/net-snmp-5.1/perl/agent/../../snmplib/.libs'
File '/usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi/auto/NetSNMP/agent/default_store/default_store.so' contains an invalid rpath '/usr/src/redhat/BUILD/net-snmp-5.1/perl/agent/default_store/../../../snmplib/.libs'
File '/usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi/auto/SNMP/SNMP.so' contains an invalid rpath '/usr/src/redhat/BUILD/net-snmp-5.1/perl/SNMP/../../snmplib/.libs'


Version-Release number of selected component (if applicable):

net-snmp-5.1-8
Comment 1 Phil Knirsch 2004-02-03 14:39:19 UTC 
As /usr/src/redhat is never world writable in our distribution this
isn't a high security risk.

Nonetheless i'll fix it in the next release.

Read ya, Phil
Comment 2 Enrico Scholz 2004-03-25 05:34:48 UTC 
fwiw, still in net-snmp-5.1-11.1