| |||||||||||||||||||
Mageia alert MGASA-2012-0193 (automake)
MGASA-2012-0193 Date: August 2nd, 2012 Affected releases: 1, 2 Description: Updated automake package fixes security vulnerability: A race condition in automake (lib/am/distdir.am) could allow a local attacker to run arbitrary code with the privileges of the user running make distcheck (CVE-2012-3386). Please note that this vulnerability impacts not only the Automake package itself, but all packages with Automake-generated makefiles. For an effective fix it is necessary to regenerate the Makefile.in files with a fixed Automake version. Updated Packages: Mageia 1: automake-1.11.1-3.1.mga1 automake1.7-1.7.9-13.1.mga1 Mageia 2: automake-1.11.3-1.1.mga2 automake1.7-1.7.9-13.1.mga2 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3386 https://bugzilla.redhat.com/show_bug.cgi?id=838286 https://lists.gnu.org/archive/html/automake/2012-07/msg00... https://lists.gnu.org/archive/html/automake/2012-07/msg00... http://www.mandriva.com/en/support/security/advisories/?d... https://bugs.mageia.org/show_bug.cgi?id=6749 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-... (Log in to post comments)
|
|||||||||||||||||||