Back to list
Oct 27 2010 03:03PM
rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2010-0071-1
rPath Linux 2
Exposure Level Classification:
Local User Non-deterministic Unauthorized Access
rPath Issue Tracking System:
In previous versions of automake, when producing a distribution
tarball for a package that uses Automake, insecure permissions
were assigned to directories in the build tree, which introduces
a race condition that allows local users to modify the contents of
package files before the build is complete. This has been fixed.
Copyright 2010 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html
[ reply ]
Copyright 2010, SecurityFocus