SciLinux: CVE-2009-4029 Low: automake SL5.x i386/x86_64
Summary
Standards. If a malicious, local user could access the directory where avictim was creating distribution archives, they could use this flaw tomodify the files being added to those archives. Makefiles generated bythese updated automake packages no longer make distribution directoriesworld-writable, as recommended by the updated GNU Coding Standards.(CVE-2009-4029)Note: This issue affected Makefile targets used by developers to preparedistribution source archives. Those targets are not used when compilingprograms from the source code.SL 5.xSRPMS:automake-1.9.6-2.3.el5.src.rpmautomake14-1.4p6-13.el5.1.src.rpmautomake15-1.5-16.el5.2.src.rpmautomake16-1.6.3-8.el5.1.src.rpmautomake17-1.7.9-7.el5.2.src.rpmi386:automake14-1.4p6-13.el5.1.noarch.rpmautomake15-1.5-16.el5.2.noarch.rpmautomake16-1.6.3-8.el5.1.noarch.rpmautomake17-1.7.9-7.el5.2.noarch.rpmautomake-1.9.6-2.3.el5.noarch.rpmx86_64:automake14-1.4p6-13.el5.1.noarch.rpmautomake15-1.5-16.el5.2.noarch.rpmautomake16-1.6.3-8.el5.1.noarch.rpmautomake17-1.7.9-7.el5.2.noarch.rpmautomake-1.9.6-2.3.el5.noarch.rpm-Connie Sieh-Troy Dawson