
[Automake-commit] [SCM] GNU Automake branch, branch-1-4, updated. Releas


From: Ralf Wildenhues
Subject: [Automake-commit] [SCM] GNU Automake branch, branch-1-4, updated. Release-1-4-p6-3-gd35051b
Date: Tue, 08 Dec 2009 22:12:17 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU Automake".

http://git.sv.gnu.org/gitweb/?p=automake.git;a=commitdiff;h=d35051b68e1bd1c6d2b6b6f604565c1481c96203

The branch, branch-1-4 has been updated
       via  d35051b68e1bd1c6d2b6b6f604565c1481c96203 (commit)
       via  449d20aa12e13fefd848604225fc83d0c39c61d0 (commit)
      from  94b605149432a1c400401847ce3e04f0448dd0c2 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit d35051b68e1bd1c6d2b6b6f604565c1481c96203
Author: Ralf Wildenhues <address@hidden>
Date:   Tue Dec 8 22:33:21 2009 +0100

    Update NEWS.
    
    * NEWS: Update.
    
    Signed-off-by: Ralf Wildenhues <address@hidden>

commit 449d20aa12e13fefd848604225fc83d0c39c61d0
Author: Jim Meyering <address@hidden>
Date:   Tue Dec 1 22:48:15 2009 +0100

    do not put world-writable directories in distribution tarballs
    
    * automake.in (handle_dist_worker): Do not make all directories
    group- or world-writable.  Instead, use 755.
    * NEWS: Update.
    
    Signed-off-by: Ralf Wildenhues <address@hidden>

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog   |   11 +++++++++++
 Makefile.in |    4 ++--
 NEWS        |    6 ++++++
 automake.in |    4 ++--
 4 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 9451758..d7b91f0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,14 @@
+2009-12-08  Ralf Wildenhues  <address@hidden>
+
+       * NEWS: Update.
+
+2009-11-28  Jim Meyering  <address@hidden>
+
+       do not put world-writable directories in distribution tarballs
+       * lib/am/distdir.am (distdir): Do not make all directories
+       group- or world-writable.  Instead, use 755.
+       * NEWS: Update.
+
 2002-07-27  Tom Tromey  <address@hidden>
 
        * configure.in: Updated version number.
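Review bot: The 2009-11-28 ChangeLog entry credits the change to `lib/am/distdir.am (distdir)`, but the commit message in this push names `automake.in (handle_dist_worker)`, and the summary of changes lists no lib/am/distdir.am among the four files touched. The entry on branch-1-4 should name the file that was actually edited. The entry date (2009-11-28) also differs from the commit date shown in the log (Dec 1 2009); worth confirming which one is intended.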
diff --git a/Makefile.in b/Makefile.in
index 93da407..59eb9f4 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -456,7 +456,7 @@ dist-all: distdir
 distdir: $(DISTFILES)
        -rm -rf $(distdir)
        mkdir $(distdir)
-       -chmod 777 $(distdir)
+       -chmod 755 $(distdir)
        here=`cd $(top_builddir) && pwd`; \
        top_distdir=`cd $(distdir) && pwd`; \
        distdir=`cd $(distdir) && pwd`; \
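Review bot: In the `distdir` recipe, `mkdir $(distdir)` still runs as a separate command before `-chmod 755 $(distdir)`, so the directory briefly carries whatever mode the caller's umask gives it; under a umask of 000 or 002 it is still group- or world-writable until the chmod lands. Consider creating the directory under a restrictive umask on the same recipe line, for example `(umask 022 && mkdir $(distdir))`, so that it is never writable by others.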
@@ -477,7 +477,7 @@ distdir: $(DISTFILES)
            test -d $(distdir)/$$subdir \
            || mkdir $(distdir)/$$subdir \
            || exit 1; \
-           chmod 777 $(distdir)/$$subdir; \
+           chmod 755 $(distdir)/$$subdir; \
            (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir=../$(distdir) 
distdir=../$(distdir)/$$subdir distdir) \
              || exit 1; \
          fi; \
diff --git a/NEWS b/NEWS
index 09e4828..9ad0b9b 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,9 @@
+New in 1.4-p6a:
+* The distribution is tarred up with mode 755 now by the `dist*' targets.
+  This fixes a race condition where untrusted users could modify files
+  in the $(PACKAGE)-$(VERSION) distdir before packing if the toplevel
+  build directory was world-searchable.  This is CVE-2009-4029.
+
 New in 1.4-p6:
 * Versioned install support back-ported from 1.6
 
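Review bot: The new NEWS entry says the distribution is "tarred up with mode 755", which reads as if every file gets that mode, whereas the hunks in this push only change the `chmod` applied to `$(distdir)` and its subdirectories. Suggest wording along the lines of "directories in the distdir are now created with mode 755". Since the Makefile.in in this same push still carried the old `chmod 777` lines, the entry should also tell users that already generated Makefile.in files have to be regenerated to pick up the fix.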
diff --git a/automake.in b/automake.in
index 8eceea7..8f48236 100755
--- a/automake.in
+++ b/automake.in
@@ -2336,7 +2336,7 @@ sub handle_dist_worker
        # Create dist directory.
        $output_rules .= ("\t-rm -rf \$(distdir)\n"
                          . "\tmkdir \$(distdir)\n"
-                         . "\t-chmod 777 \$(distdir)\n");
+                         . "\t-chmod 755 \$(distdir)\n");
     }
 
     # Only run automake in `dist' target if --include-deps and
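Review bot: The emitted rule keeps the leading `-` on `-chmod 755 \$(distdir)`, so make ignores a failed chmod and goes on to populate the directory with whatever mode `mkdir` gave it. Now that this chmod carries the fix for CVE-2009-4029 rather than a convenience, consider dropping the `-` so that a failure stops the `distdir` target.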
@@ -2468,7 +2468,7 @@ sub handle_dist_worker
             . "\t" . '    test -d $(distdir)/$$subdir ' . "\\\n"
             . "\t" . '    || mkdir $(distdir)/$$subdir ' . "\\\n"
             . "\t" . '    || exit 1; ' . "\\\n"
-            . "\t" . '    chmod 777 $(distdir)/$$subdir; ' . "\\\n"
+            . "\t" . '    chmod 755 $(distdir)/$$subdir; ' . "\\\n"
             . "\t" . '    (cd $$subdir'
             . ' && $(MAKE) $(AM_MAKEFLAGS) top_distdir=../$('
             . (($relative_dir eq '.') ? 'distdir' : 'top_distdir')
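Review bot: In the subdirectory loop the generated `chmod 755 $(distdir)/$$subdir;` ends in `;`, so its exit status is discarded, unlike the `mkdir` just above it, which falls through to `|| exit 1`. Suggest emitting `chmod 755 $(distdir)/$$subdir || exit 1;` so that a subdirectory whose mode could not be set aborts the dist run.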


hooks/post-receive
-- 
GNU Automake



