Proposed stable update for automake1.7. -- Eric Dorland <e...@kuroneko.ca> ICQ: #61138586, Jabber: ho...@jabber.com
diff -u automake1.7-1.7.9/debian/changelog automake1.7-1.7.9/debian/changelog --- automake1.7-1.7.9/debian/changelog +++ automake1.7-1.7.9/debian/changelog @@ -1,3 +1,10 @@ +automake1.7 (1.7.9-9.1+squeeze1) stable; urgency=low + + * lib/am/distdir.am: Backport fix for CVE-2012-3386 "Temporary worldwide + write permissions during make distcheck". (Closes: #681119) + + -- Eric Dorland <e...@debian.org> Mon, 30 Jul 2012 23:19:21 -0400 + automake1.7 (1.7.9-9.1) unstable; urgency=high * Non-maintainer upload by the Security Team. diff -u automake1.7-1.7.9/lib/am/distdir.am automake1.7-1.7.9/lib/am/distdir.am --- automake1.7-1.7.9/lib/am/distdir.am +++ automake1.7-1.7.9/lib/am/distdir.am @@ -295,7 +295,7 @@ ## Make the new source tree read-only. Distributions ought to work in ## this case. However, make the top-level directory writable so we ## can make our new subdirs. - chmod -R a-w $(distdir); chmod a+w $(distdir) + chmod -R a-w $(distdir); chmod u+w $(distdir) mkdir $(distdir)/_build mkdir $(distdir)/_inst ## Undo the write access.
signature.asc
Description: Digital signature
