Mandriva Linux Security Advisory : tomboy (MDVSA-2008:064)
Medium Nessus Plugin ID 37621
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionA flaw in how tomboy handles LD_LIBRARY_PATH was discovered where by appending paths to LD_LIBRARY_PATH the program would also search the current directory for shared libraries. In directories containing network data, those libraries could be injected into the application.
The updated packages have been patched to correct this issue.
SolutionUpdate the affected tomboy package.