Please, find attached a patch for the CVE vulnerability issue encountered by the Debian team.
Description:
The vulnerability is introduced by an insecure change to LD_LIBRARY_PATH, and environment variable used by ld.so(8) to look for libraries on a directory other than the standard paths.
CVE-2010-3384
More details can be found here:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598306
will be in 1.3.2