bug#7379: On the fix for CVE-2009-4029 Automake security fix for 'make d

bug-automake

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#7379: On the fix for CVE-2009-4029 Automake security fix for 'make d

From:	Stefano Lattarini
Subject:	bug#7379: On the fix for CVE-2009-4029 Automake security fix for 'make dist*'
Date:	Fri, 17 Dec 2010 00:19:06 +0100
User-agent:	KMail/1.13.3 (Linux/2.6.30-2-686; KDE/4.4.4; i686; ; )

Hello Ralf and Behdad.

On Wednesday 17 November 2010, Behdad Esfahbod wrote:
>
> On 11/13/10 03:00, Ralf Wildenhues wrote:
>>
>> You are the first person to report this in the 12 months since we
>> released fixed versions of Automake.  I don't have other data to go on
>> but it thus doesn't seem to be a very wide spread issue to me, and
>> there's the obvious workaround of a chmod -R after extraction, no?
>>
> When I read about the fix, this was the first thing that popped into my mind.
> I didn't actually hit this issue.
> 
> But I agree: most probably no one actually relies on the permissions being
> correct right off the tarball anyway.
> 
> Cheers,
> behdad
> 
Given this rationale, would it be ok to close this bug now?

Regards,
  Stefano

[Prev in Thread]

Current Thread

[Next in Thread]

bug#7379: On the fix for CVE-2009-4029 Automake security fix for 'make dist*', Stefano Lattarini <=
- bug#7379: On the fix for CVE-2009-4029 Automake security fix for 'make dist*', Behdad Esfahbod, 2010/12/17
  - bug#7379: On the fix for CVE-2009-4029 Automake security fix for 'make dist*', Stefano Lattarini, 2010/12/17

Prev by Date: bug#7655: conditional _TEXINFOS should be supported
Next by Date: bug#7379: On the fix for CVE-2009-4029 Automake security fix for 'make dist*'
Previous by thread: bug#7657: TEXINFOS primary accepts too many prefixes.
Next by thread: bug#7379: On the fix for CVE-2009-4029 Automake security fix for 'make dist*'
Index(es):
- Date
- Thread