Mandriva Update for nss_db MDVSA-2010:077 (nss_db)

Please Install the Updated Packages.
A vulnerability has been found and corrected in nss_db: The Free Software Foundation (FSF) Berkeley DB NSS module (aka libnss-db) 2.2.3pre1 reads the DB_CONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module (CVE-2010-0826). The updated packages have been patched to correct this issue.
nss_db on Mandriva Linux 2010.0, Mandriva Linux 2010.0/X86_64, Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64