Branches for Squeeze

Author: Iain Lane
Revision Date: 2010-11-29 18:59:02 UTC

[bc0695b] Fix insecure LD_LIBRARY_PATH. A vulnerability existed
where if LD_LIBRARY_PATH were set but empty, a trailing : as a path
separator would still be appended to the path, exposing an
insecure/invalid search path. Using :+: instead of +: prevents this
as ${X:+:$X} returns X iff X is set and not empty whereas ${X+:$X}
returns X iff X is set (it may be empty). References: CVE-2010-4005
(Closes: #605096)