49 lines
1.8 KiB
Text
49 lines
1.8 KiB
Text
Fix insecure permissions for directories in distfile build tree. CVE-2009-4029
|
|
|
|
--- automake.in.orig Sat Jul 27 22:55:58 2002
|
|
+++ automake.in Thu Nov 20 00:05:32 2014
|
|
@@ -983,7 +983,7 @@ sub finish_languages
|
|
|
|
# Compute the function name of the finisher and then call it.
|
|
$name = 'lang_' . $lang . '_finish';
|
|
- do $name ();
|
|
+ &$name ();
|
|
}
|
|
|
|
# If the project is entirely C++ or entirely Fortran 77, don't
|
|
@@ -1144,7 +1144,7 @@ sub handle_single_transform_list
|
|
# Found the language, so see what it says.
|
|
local ($subr) = 'lang_' . $lang . '_rewrite';
|
|
# Note: computed subr call.
|
|
- local ($r) = do $subr ($base, $extension);
|
|
+ local ($r) = &$subr ($base, $extension);
|
|
# Skip this entry if we were asked not to process it.
|
|
next if ! $r;
|
|
|
|
@@ -2012,7 +2012,7 @@ sub handle_texinfo
|
|
# dependency list.
|
|
@texi_deps = ();
|
|
push (@texi_deps, $info_cursor);
|
|
- push (@texi_deps, $vtexi) if $vtexi;
|
|
+ push (@texi_deps, '$(srcdir)/'.$vtexi) if $vtexi;
|
|
|
|
# Canonicalize name first.
|
|
($canonical = $infobase) =~ tr/A-Za-z0-9_/_/c;
|
|
@@ -2336,7 +2336,7 @@ sub handle_dist_worker
|
|
# Create dist directory.
|
|
$output_rules .= ("\t-rm -rf \$(distdir)\n"
|
|
. "\tmkdir \$(distdir)\n"
|
|
- . "\t-chmod 777 \$(distdir)\n");
|
|
+ . "\t-chmod 755 \$(distdir)\n");
|
|
}
|
|
|
|
# Only run automake in `dist' target if --include-deps and
|
|
@@ -2468,7 +2468,7 @@ sub handle_dist_worker
|
|
. "\t" . ' test -d $(distdir)/$$subdir ' . "\\\n"
|
|
. "\t" . ' || mkdir $(distdir)/$$subdir ' . "\\\n"
|
|
. "\t" . ' || exit 1; ' . "\\\n"
|
|
- . "\t" . ' chmod 777 $(distdir)/$$subdir; ' . "\\\n"
|
|
+ . "\t" . ' chmod 755 $(distdir)/$$subdir; ' . "\\\n"
|
|
. "\t" . ' (cd $$subdir'
|
|
. ' && $(MAKE) $(AM_MAKEFLAGS) top_distdir=../$('
|
|
. (($relative_dir eq '.') ? 'distdir' : 'top_distdir')
|