Dan Rosenberg discovered that in couchdb, a distributed, fault-tolerant and schema-free document-oriented database, an insecure library search path is used; a local attacker could execute arbitrary code by first dumping a maliciously crafted shared library in some directory, and then having an administrator run couchdb from this same directory. For the stable distribution , this problem has been fixed in version 0.8.0-2+lenny1. We recommend that you upgrade your couchdb package.