Bug 146402 - CAN-2004-1453 Information leak with LD_DEBUG
CAN-2004-1453 Information leak with LD_DEBUG
Status: CLOSED DUPLICATE of bug 152848
Product: Fedora Legacy
Classification: Retired
Component: glibc (Show other bugs)
fc2
All Linux
medium Severity medium
: ---
: ---
Assigned To: Fedora Legacy Bugs
http://www.gentoo.org/security/en/gls...
2, discuss
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-01-27 16:48 EST by Leonard den Ottolander
Modified: 2016-11-24 09:52 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-07-20 12:10:02 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Leonard den Ottolander 2005-01-27 16:48:00 EST
Silvio Cesare discovered a potential information leak in glibc. It
allows LD_DEBUG on SUID binaries where it should not be allowed. This
has various security implications, which may be used to gain
confidentional information.
Comment 1 Jakub Jelinek 2005-01-27 17:05:05 EST
*** Bug 146404 has been marked as a duplicate of this bug. ***
Comment 4 Matthew Miller 2005-04-11 18:20:44 EDT
[Bulk move of FC2 bugs to Fedora Legacy. See
<http://www.redhat.com/archives/fedora-announce-list/2005-April/msg00020.html>.]
Comment 5 Leonard den Ottolander 2005-04-12 18:44:50 EDT
I get the impression this bug is not considered worth fixing. Reopened bug
146404 so RH security team can decide on what to do for RHEL 3.
Comment 6 Pekka Savola 2005-05-16 06:29:22 EDT
See #152848 for RHL73/RHL9/FC1.
Comment 7 Tim Powers 2005-05-18 10:00:02 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-256.html
Comment 8 Dominic Hargreaves 2005-05-18 10:24:52 EDT
This hasn't been fixed for FC2 by Fedora Legacy.
Comment 9 Dennis Gregorovic 2005-05-19 23:25:55 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-256.html
Comment 10 Josh Bressers 2005-06-16 18:43:43 EDT
The errata mistakenly references this bug, when it should be referencing bug 146404.
Comment 11 Pekka Savola 2005-06-17 00:39:05 EDT
Because this is a Fedora Legacy issue, reopening.
Comment 12 Pekka Savola 2005-07-20 12:10:02 EDT
Continuing tracking this at #152848, so closing here.

*** This bug has been marked as a duplicate of 152848 ***

Note You need to log in before you can comment on or make changes to this bug.