Colons not escaped for setting LD_LIBRARY_PATH.
The wrapper script created by ltmain 2.4.6 on Linux sets LD_LIBRARY_PATH as an absolute path. Unfortunately it doesn't escape colons and the colon is the delimiter for paths in LD_LIBRARY_PATH. So the exe doesn't find its library. Could someone help me locate the place where I could modify the escaping? Philipp ___ https://lists.gnu.org/mailman/listinfo/libtool
Re: Colons not escaped for setting LD_LIBRARY_PATH.
* Russ Allbery (ea...@eyrie.org) [20180203 02:57]: > I believe directory names including colons are simply not supported for > LD_LIBRARY_PATH (and various other things, such as PATH). No no no, you get me wrong! What I meant is that colons *are* separators for entries in LD_LIBRARY_PATH and PATH. But now I guess it's more an issue with bash then with libtool as libtool hasn't changed in quite a few years but bash has. So at least for now it seems like a false alarm. Philipp ___ https://lists.gnu.org/mailman/listinfo/libtool
Re: Colons not escaped for setting LD_LIBRARY_PATH.
* Bob Friesenhahn (bfrie...@simple.dallas.tx.us) [20180202 21:01]: > Are you saying that your system includes colons in its filesystem paths? > That would definitely be problematic. Not the system but the open build service uses colons in path names, but you also have to use colons for passing remote path names and colons are allowed they just have to be escaped. Philipp ___ https://lists.gnu.org/mailman/listinfo/libtool
Security fix for libtool
I'm maintaining libtool for SuSE/Novell and have a problem where I would need help from upstreams. You just released 2.2.6a to fix the local load problem. The CVE says that libtool 1.x is also affected but sources have changed enough so that the fix for 2.x can't be applied. In particular the libtool 1.5.x source has a tryall_dlopen that only takes two parameters. If the local load problem does affect 1.5.x I need help in coming up with a patch as I can't do a version update for older released products. Philipp ___ http://lists.gnu.org/mailman/listinfo/libtool
Re: Security fix for libtool
* Bob Friesenhahn (bfrie...@simple.dallas.tx.us) [20091124 18:34]: > >I'm maintaining libtool for SuSE/Novell and have a problem where I would > >need help from upstreams. You just released 2.2.6a to fix the local load > >problem. > > You need 2.2.6b (not 'a'!) to fix the problem. Sorry, I did mean 'b' not 'a'. > A patch for 1.5.26 does exist (see > "http://lists.gnu.org/archive/html/libtool/2009-11/msg00065.html";). That's very good news indeed. > There is no patch for 1.4.X versions. What I have are 1.5.2, 1.5.22 and 1.5.26 and at least for the last one a solution exists. That leaves only two to really care for. > perhaps late '99 have the issue so this is a good time to try to > upgrade libltdl to a consistent modern version. For released distributions, specially the server products this is out of the question, though I would prefer that too. > That said, there is cause for concern under Linux, but (usually) no > need for alarm. And thanks for your answer! Philipp ___ http://lists.gnu.org/mailman/listinfo/libtool
