USN-1009-1: GNU C Library vulnerabilities
22 October 2010
Local root escalation via LD_AUDIT environment variable.
Tavis Ormandy discovered multiple flaws in the GNU C Library's handling
of the LD_AUDIT environment variable when running a privileged binary. A
local attacker could exploit this to gain root privileges. (CVE-2010-3847,
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.