LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis:          Low: automake security update
Advisory ID:       SLSA-2014:1243-1
Issue Date:        2014-09-16
CVE Numbers:       CVE-2012-3386
--

It was found that the distcheck rule in Automake-generated Makefiles made
a directory world-writable when preparing source archives. If a malicious,
local user could access this directory, they could execute arbitrary code
with the privileges of the user running "make distcheck". (CVE-2012-3386)
--

SL5
  noarch
    automake-1.9.6-3.el5.noarch.rpm

- Scientific Linux Development Team