Re: [PATCH] maint: add a syntax-check rule to check for vulnerable Makef
From: Eric Blake
Subject: Re: [PATCH] maint: add a syntax-check rule to check for vulnerable Makefile.in
Date: Wed, 27 Jan 2010 18:34:28 -0700
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.23) Gecko/20090812 Thunderbird/2.0.0.23 Mnenhy/0.7.6.666
According to Jim Meyering on 1/27/2010 2:42 PM:
> I've just pushed this to coreutils.
> I propose to move the rule to gnulib's maint.mk.
> Why? Just noticed that Fedora 11 is still using a vulnerable
> version of automake-1.11, and that some projects don't require
> automake-1.11.1.
>
> Any objections or suggestions?
I like it. It lets projects stick with automake 1.10.3, or even a
vendor-patched 1.9.6+, without falling prey to unpatched 1.10.2 or 1.11.
coreutils, and any other package that already requires 1.11 features (like
building configure scripts that accept --enable-silent-rules) only benefit
by avoiding 1.11, but they can likewise do that by requiring 1.11.1. But
packages that intend to support older automake releases definitely
benefit, so I say move it to gnulib's maint.mk.
+ 'see http://bugzilla.redhat.com/542609 for details' \
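Review bot: the URL in the 'see http://bugzilla.redhat.com/542609 for details' line uses plain http; prefer the https:// form so that the reference a maintainer follows from a security diagnostic is fetched over an authenticated channel. The message also relies on that report for its explanation, so if the preceding lines of the diagnostic do not already say what was detected, state it in the message text itself.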
That bug report only lists a handful of comments to the public; are we
missing anything in the remaining comments that were screened for security?
--
Don't work too hard, make some time for fun as well!
Eric Blake address@hidden