Mandriva Linux Security Advisory 2010-077 - The Free Software Foundation (FSF) Berkeley DB NSS module (aka libnss-db) 2.2.3pre1 reads the DB_CONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module. The updated packages have been patched to correct this issue.
ccece97cdc94a42632eb60fec233e0eaedd86806ceda46b8535014ee4a06839a