[PATCH] maint.mk: add sc_vulnerable_makefile_CVE-2012-3386
From: Jim Meyering
Subject: [PATCH] maint.mk: add sc_vulnerable_makefile_CVE-2012-3386
Date: Mon, 09 Jul 2012 18:32:50 +0200
To accompany automake's just-fixed "make distcheck" vulnerability,
http://thread.gmane.org/gmane.comp.sysutils.automake.patches/8572
here's a syntax-check rule like the one for CVE-2009-4029:
From 48fe477c9008efadab8cf8c0c3240d824c12a8b9 Mon Sep 17 00:00:00 2001
From: Jim Meyering <address@hidden>
Date: Mon, 9 Jul 2012 16:24:00 +0200
Subject: [PATCH] maint.mk: add sc_vulnerable_makefile_CVE-2012-3386
* top/maint.mk (sc_vulnerable_makefile_CVE-2012-3386): New rule.
---
ChangeLog | 3 +++
top/maint.mk | 9 +++++++++
2 files changed, 12 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index c3da46b..c642230 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
2012-07-09 Jim Meyering <address@hidden>
+ maint.mk: add sc_vulnerable_makefile_CVE-2012-3386
+ * top/maint.mk (sc_vulnerable_makefile_CVE-2012-3386): New rule.
+
maint.mk: _sc_search_regexp, sc_vulnerable_makefile_CVE-2009-4029: fix
Bugs in both of those conspired to make the
sc_vulnerable_makefile_CVE-2009-4029 rule 99% useless.
diff --git a/top/maint.mk b/top/maint.mk
index 2361d00..0023989 100644
--- a/top/maint.mk
+++ b/top/maint.mk
@@ -1223,6 +1223,15 @@ sc_vulnerable_makefile_CVE-2009-4029:
' see http://bugzilla.redhat.com/542609 for details') \
$(_sc_search_regexp)
+sc_vulnerable_makefile_CVE-2012-3386:
+ @prohibit='chmod a\+w \$$\(distdir\)' \
+ in_files=(^\|/)Makefile\\.in$$ \
+ halt=$$(printf '%s\n' \
+ 'the above files are vulnerable; beware of running' \
+ ' "make distcheck", and upgrade to fixed automake' \
+ ' see http://bugzilla.redhat.com/CVE-2012-3386 for details') \
+ $(_sc_search_regexp)
+
vc-diff-check:
(unset CDPATH; cd $(srcdir) && $(VC) diff) > vc-diffs || :
if test -s vc-diffs; then \
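Review bot: In the new sc_vulnerable_makefile_CVE-2012-3386 rule, the in_files value is left unquoted (in_files=(^\|/)Makefile\\.in$$) while prohibit on the line above is single-quoted, so the parentheses are exposed to the shell and the regexp only survives if every metacharacter is backslash-escaped correctly; bash reads name=( as the start of an array assignment. Single-quoting it, as in in_files='(^|/)Makefile\.in$$', keeps the regexp literal and matches how prohibit is written. A one-line comment above the rule would also help, saying that it flags Makefile.in files that still contain the chmod a+w $(distdir) line, since the ChangeLog entry only says "New rule".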
--
1.7.11.1.116.g8228a23