The warning for CVE-2020-27348 could include a reference to how to fix
Bug #1918267 reported by
Sebastien Bacher
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Snapcraft |
Triaged
|
Low
|
Chris Patterson | ||
Bug Description
Checking a build log I saw the warning
'CVE-2020-27348: A potentially empty LD_LIBRARY_PATH has been set for environment in 'quadrapassel'. The current working directory will be added to the library path if empty. This can cause unexpected libraries to be loaded.'
It's nice that it gives a warning about the issue but it would be even better if it was hinting on how to fix the issue or pointing to some online resources on the topic
Revision history for this message
| Sergio Schvezov (sergiusens) wrote | #1 |
| Changed in snapcraft: | |
| status: | New → Triaged |
| importance: | Undecided → Low |
| assignee: | nobody → Chris Patterson (cjp256) |
To post a comment you must log in.
We should link to documentation.