Public bug reported:
If the ld cache configuration is wrong, the correct shared objects
contained in the package are never found or wrong versions being picked
up.
Example:
libnss3 is defined by a quite a few packages including Thunderbird, libnss3 and
Firefox.
Depending on the particular linker cache config, the wrong version may be
picked up.
Mitigation: enhance /usr/bin/firefox to explicitely include the correct
path of its shared objects in the loader path (cf. attached patch).
** Affects: firefox (Ubuntu)
Importance: Undecided
Status: New
** Patch added: "tmp"
https://bugs.launchpad.net/bugs/1695326/+attachment/4887992/+files/tmp
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1695326
Title:
Firefox loader hardening
Status in firefox package in Ubuntu:
New
Bug description:
If the ld cache configuration is wrong, the correct shared objects
contained in the package are never found or wrong versions being
picked up.
Example:
libnss3 is defined by a quite a few packages including Thunderbird, libnss3
and Firefox.
Depending on the particular linker cache config, the wrong version may be
picked up.
Mitigation: enhance /usr/bin/firefox to explicitely include the
correct path of its shared objects in the loader path (cf. attached
patch).
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1695326/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
