Scientific Linux: SLSA-2014:1243-1 Low: Automake Local Execution Risk

Sep 26, 2014 •

LinuxSecurity Advisories

1 min read

Topics Covered

security advisory security issue low severity local code execution automake update scientific linux

Low: automake security update

Date: Fri, 26 Sep 2014 14:44:56 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Low: automake on SL5.x (noarch)
MIME-Version: 1.0

Synopsis: Low: automake security update
Advisory ID: SLSA-2014:1243-1
Issue Date: 2014-09-16
CVE Numbers: CVE-2012-3386
--

It was found that the distcheck rule in Automake-generated Makefiles made
a directory world-writable when preparing source archives. If a malicious,
local user could access this directory, they could execute arbitrary code
with the privileges of the user running "make distcheck". (CVE-2012-3386)
--

SL5
 noarch
 automake-1.9.6-3.el5.noarch.rpm

- Scientific Linux Development Team

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Your message here

Scientific Linux: SLSA-2014:1243-1 Low: Automake Local Execution Risk

Topics Covered

Search Advisories & Updates

Recent Searches

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Scientific Linux: SLSA-2014:1243-1 Low: Automake Local Execution Risk

Topics Covered

Search Advisories & Updates

Recent Searches

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!