On Fri, Jul 13, 2012 at 03:34:53PM +0200, Jim Meyering wrote:
> It's fixed in the latest, automake-12.2
I think you mean 1.12.2 :-)
> http://bugzilla.redhat.com/CVE-2012-3386
> http://savannah.gnu.org/forum/forum.php?forum_id=7294
However I don't think I see any fixed Fedora builds (1.12
If you run "make distcheck" (the rule generated by automake),
be sure that it is safe. Until a few days ago, running that
rule in a directory readable by others would put you at risk
from a local attacker. It can be exploited reliably.
It's fixed in the latest, automake-12.2
http://bugzilla.