Note that this bug is likely a security hole; /usr/bin/ghc loading .so files relative to the CWD could be exploted.
When ghc's postinst runs ghc-pkg, it seems that dpkg does something that prevents those relative paths being used (possibly just a chdir, didn't check). So, it's at least not trivially exploitable by getting root to install ghc when root is in /tmp. -- see shy jo
signature.asc
Description: Digital signature