CVE-2005-3581

Name	CVE-2005-3581
Description	GDAL before 1.3.0-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime.
Source	CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
gdal (PTS)	bullseye (security), bullseye	3.2.2+dfsg-2+deb11u2	fixed
	bookworm	3.6.2+dfsg-1	fixed
	trixie	3.10.3+dfsg-1	fixed
	forky, sid	3.11.4+dfsg-1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
gdal	source	(unstable)	(not affected)

- gdal <not-affected> (Gentoo-specific packaging flaw)