Silvio Cesare discovered a potential information leak in glibc. It
allows LD_DEBUG on SUID binaries where it should not be allowed. This
has various security implications, which may be used to gain
*** Bug 146404 has been marked as a duplicate of this bug. ***
[Bulk move of FC2 bugs to Fedora Legacy. See
I get the impression this bug is not considered worth fixing. Reopened bug
146404 so RH security team can decide on what to do for RHEL 3.
See #152848 for RHL73/RHL9/FC1.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
This hasn't been fixed for FC2 by Fedora Legacy.
The errata mistakenly references this bug, when it should be referencing bug 146404.
Because this is a Fedora Legacy issue, reopening.
Continuing tracking this at #152848, so closing here.
*** This bug has been marked as a duplicate of 152848 ***