MDVSA-2010:203 -- Mandriva automakeID: oval:org.secpod.oval:def:301132 | Date: (C)2012-01-07 (M)2021-09-30 |
Class: PATCH | Family: unix |
A vulnerability was discovered and corrected in automake: The dist or distcheck rules in GNU Automake 1.11.1, 1.10.3, and release branches branch-1-4 through branch-1-9, when producing a distribution tarball for a package that uses Automake, assign insecure permissions to directories in the build tree, which introduces a race condition that allows local users to modify the contents of package files, introduce Trojan horse programs, or conduct other attacks before the build is complete . Packages for 2009.0 are provided as of the Extended Maintenance Program
Platform: |
Mandriva Linux 2010.0 |
Mandriva Linux 2010.1 |
Mandriva Linux 2009.0 |
Mandriva Linux 2009.1 |