Low: automake security update
Date: Thu, 28 Feb 2013 16:17:04 -0600
Reply-To: Pat Riehecky
Sender: Security Errata for Scientific Linux
From: Pat Riehecky
Organization: Fermilab
Subject: Security ERRATA Low: automake on SL6.x (noarch)
MIME-Version: 1.0
Synopsis: Low: automake security update
Issue Date: 2013-02-21
CVE Numbers: CVE-2012-3386
--
It was found that the distcheck rule in Automake-generated Makefiles made a
directory world-writable when preparing source archives. If a malicious,
local user could access this directory, they could execute arbitrary code with the
privileges of the user running "make distcheck". (CVE-2012-3386)
--
SL6
noarch
automake-1.11.1-4.el6.noarch.rpm
- Scientific Linux Development Team