Low: automake (SL6)

Synopsis: Low: automake security update
Issue Date: 2013-02-21
CVE Numbers: CVE-2012-3386

It was found that the distcheck rule in Automake-generated Makefiles made a
directory world-writable when preparing source archives. If a malicious, local
user could access this directory, they could execute arbitrary code with the
privileges of the user running “make distcheck”. (CVE-2012-3386)


– Scientific Linux Development Team