Help answer threads with 0 replies.
Go Back > Forums > Linux Forums > Linux - Distributions > Slackware > Slackware - Installation
User Name
Slackware - Installation This forum is for the discussion of installation issues with Slackware.


  Search this Thread
Old 09-03-2013, 11:22 AM   #1
Registered: Nov 2010
Location: Tucson, Arizona US
Distribution: Slackware Current, custom kernel, amd64, Beyond LinuxFromScratch
Posts: 130
Blog Entries: 1

Rep: Reputation: Disabled
gnu automake security alert CVE-2012-3386

Not sure if this is the correct place to put such notices, but the chaps over at GNU posted some sort of security fix for automake:

"Please note that Automake 1.12.2 and Automake 1.11.6 fix a security issue (CVE-2012-3386)..."

Further explanation:
"It is important to stress that this vulnerability impacts not only the Automake package itself, but all packages with Automake-generated makefiles. For an effective fix it is necessary to regenerate the files with a fixed Automake version.

The most recent version of automake I could find in current at is 1.11.5 from 24Jun2012. I figure the distcheck issues is no big deal, which is why we didn't upgrade to 1.11.6? Only folks that use it are those who compile packages from source code, which is probably on a box immune to such nonsense.

"GNU Automake 1.12.2 as well as 1.11.6 fix a locally-exploitable security-related race condition that affects "make distcheck" for all packages that use Automake."

I only mention it because I came across a deprecated form of that needs an autoupdate massage.
Old 09-14-2013, 06:06 PM   #2
Registered: Apr 2009
Location: Oz
Distribution: slackware64-14.0
Posts: 867

Rep: Reputation: 265Reputation: 265Reputation: 265
In all my years of using Linux and compiling various packages from source I can not say I have ever invoked "make distcheck"

Checking out the docs for it and it looks like the only people who would ever use this are the developers of various programs themselves to ensure that their resulting source tarball behaves itself.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Best practices when a cve alert is issued for software on your machine YankeePride13 Linux - Server 2 08-14-2013 02:54 PM
Broken CVE links in latest security updates? FeyFre Slackware 2 03-27-2013 03:18 PM
LXer: Chakra GNU/Linux 2012.09 Has KDE 4.9.1 LXer Syndicated Linux News 0 09-10-2012 06:20 AM
LXer: Chakra GNU/Linux 2012.04 Has KDE SC 4.8.2 LXer Syndicated Linux News 0 04-17-2012 01:30 PM
LXer: Chakra GNU/Linux 2012.02 Has KDE SC 4.8 LXer Syndicated Linux News 0 02-12-2012 07:31 PM > Forums > Linux Forums > Linux - Distributions > Slackware > Slackware - Installation

All times are GMT -5. The time now is 05:53 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration