Home page logo

fulldisclosure logo Full Disclosure mailing list archives

rPSA-2010-0071-1 automake
From: rPath Update Announcements <announce-noreply () rpath com>
Date: Wed, 27 Oct 2010 11:03:39 -0400

rPath Security Advisory: 2010-0071-1
Published: 2010-10-27
    rPath Linux 2

Rating: Informational
Exposure Level Classification:
    Local User Non-deterministic Unauthorized Access
Updated Versions:
    automake=conary.rpath.com () rpl:2/1.10-1.1-1

rPath Issue Tracking System:


    In previous versions of automake, when producing a distribution
    tarball for a package that uses Automake, insecure permissions
    were assigned to directories in the build tree, which introduces
    a race condition that allows local users to modify the contents of
    package files before the build is complete.  This has been fixed.


Copyright 2010 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • rPSA-2010-0071-1 automake rPath Update Announcements (Oct 27)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]