automake (SL5)

Synopsis: Low: automake security update
Advisory ID: SLSA-2014:1243-1
Issue Date: 2014-09-16
CVE Numbers: CVE-2012-3386

It was found that the distcheck rule in Automake-generated Makefiles made
a directory world-writable when preparing source archives. If a malicious,
local user could access this directory, they could execute arbitrary code
with the privileges of the user running “make distcheck”. (CVE-2012-3386)


– Scientific Linux Development Team