Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Fri, 26 Sep 2014 14:44:56 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific LinuxFrom: Pat Riehecky Subject: Security ERRATA Low: automake on SL5.x (noarch) MIME-Version: 1.0 Synopsis: Low: automake security update Advisory ID: SLSA-2014:1243-1 Issue Date: 2014-09-16 CVE Numbers: CVE-2012-3386 -- It was found that the distcheck rule in Automake-generated Makefiles made a directory world-writable when preparing source archives. If a malicious, local user could access this directory, they could execute arbitrary code with the privileges of the user running "make distcheck". (CVE-2012-3386) -- SL5 noarch automake-1.9.6-3.el5.noarch.rpm - Scientific Linux Development Team