Bug#598298: Patch for CVE-2010-3366

2010-10-13 Thread Etienne Millon 
Hello,

Here is a patch that fixes this issue.

Regards,

-- 
Etienne Millon
diff -u mn-fit-5.13/debian/changelog mn-fit-5.13/debian/changelog
--- mn-fit-5.13/debian/changelog
+++ mn-fit-5.13/debian/changelog
@@ -1,3 +1,10 @@
+mn-fit (5.13-8) unstable; urgency=low
+
+  * QA upload.
+  * Fix security issue CVE-2010-3366 (Closes: #598298)
+
+ -- Etienne Millon   Wed, 13 Oct 2010 10:14:51 +0200
+
 mn-fit (5.13-7) unstable; urgency=low
 
   * QA upload.
only in patch2:
unchanged:
--- mn-fit-5.13.orig/src/bin/mn_fit
+++ mn-fit-5.13/src/bin/mn_fit
@@ -110,7 +110,7 @@
   ROOTSYS=XXX_ROOTSYS_ENV_XXX
   if [ -n "$ROOTSYS" ]; then
 export ROOTSYS
-LD_LIBRARY_PATH=$ROOTSYS/lib:$LD_LIBRARY_PATH
+LD_LIBRARY_PATH=$ROOTSYS/lib${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}
 export LD_LIBRARY_PATH
   fi
 fi


signature.asc
Description: Digital signature

Bug#598298: uploaded to mentors.d.n

2010-10-18 Thread Etienne Millon 
tags 598298 + pending
thanks

I have prepared a QA upload for this package, it is hosted on
mentors.d.n :

http://mentors.debian.net/debian/pool/main/m/mn-fit/mn-fit_5.13-8.dsc

-- 
Etienne Millon


signature.asc
Description: Digital signature