FS#15083 : [xz-utils] insecure RPATH (with FIXfix)

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#15083 - [xz-utils] insecure RPATH (with FIXfix)

Attached to Project: Arch Linux
Opened by Gerardo Exequiel Pozzi (djgera) - Saturday, 13 June 2009, 01:57 GMT
Last edited by Pierre Schmitz (Pierre) - Saturday, 13 June 2009, 10:55 GMT

Task Type	Bug Report
Category	Packages: Core
Status	Closed
Assigned To	Pierre Schmitz (Pierre)
Architecture	All
Severity	Critical
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Description: All files under /usr/bin have this insecure RPATH

RPATH /home/pierre/chroot/arch32-testing/xz-utils/trunk/src/xz-4.999.8beta/src/liblzma/.libs

RPATH /home/pierre/chroot/arch64-testing/xz-utils/trunk/src/xz-4.999.8beta/src/liblzma/.libs

Additional info:
xz-utils-4.999.8beta-3

PKGBUILD.xz-utils.rpath.fix.p... (0.4 KiB)

This task depends upon

Closed by Pierre Schmitz (Pierre)
Saturday, 13 June 2009, 10:55 GMT
Reason for closing: Fixed

Comments (1)
Related Tasks (0/0)

Comment by Pierre Schmitz (Pierre) - Saturday, 13 June 2009, 10:50 GMT

Shouldn't the --disable-rpath configure flag fix this? At least it does not for me; but I added it anyway. But the build system looks quite messed up.

A namcap rule for detecting this would be useful.

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

Arch Linux

FS#15083 - [xz-utils] insecure RPATH (with FIXfix)

Details

Loading...