[Automake-commit] [SCM] GNU Automake branch, master, updated. v1.12.2-10


From: Stefano Lattarini
Subject: [Automake-commit] [SCM] GNU Automake branch, master, updated. v1.12.2-108-gbdb984b
Date: Mon, 09 Jul 2012 17:36:29 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU Automake".

http://git.sv.gnu.org/gitweb/?p=automake.git;a=commitdiff;h=bdb984ba47508ac1d44d173d8d99c95254ef98e9

The branch, master has been updated
       via  bdb984ba47508ac1d44d173d8d99c95254ef98e9 (commit)
       via  1c8bf11bc8db57ef8e33cff04cb6029143b93ac8 (commit)
       via  5243fda46ffffef0762098ce1aa2039db43ce479 (commit)
       via  44521c1e38255efad6fc3eabc40b1d5b9639b1e5 (commit)
       via  6a49a1b75b392a4b5c139fc2b6de3e4ca56fbdbb (commit)
       via  784b3e6ccc7c72a1c95c340cbbe8897d6b689d76 (commit)
       via  bab7065f75bb9680df8c782da06a8312e5fa95a6 (commit)
       via  25510217c2844deccf469db8dc2b1f03072e858c (commit)
       via  3187debeb65ca767511cbc1720551c8db4b8e577 (commit)
      from  15b8b62ac20add6de8954053335487a7a492a462 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit bdb984ba47508ac1d44d173d8d99c95254ef98e9
Merge: 15b8b62 1c8bf11
Author: Stefano Lattarini <address@hidden>
Date:   Mon Jul 9 19:33:03 2012 +0200

    Merge branch 'maint' (with fix for CVE-2012-3386)
    
    This makes the fix for a locally-exploitable security vulnerability
    (CVE-2012-3386) available to the Automake master branch.
    
    * maint:
      sync: update files from upstream with "make fetch"
      news: improve wording in entry about CVE-2012-3386
      maint: post-release minor version bump
      release: stable release 1.12.2
      distcheck: never make part of $(distdir) world-writable
      compat: automake should substitute @mkdir_p@, for backward compatibility
      fixup: t/README: it's ./runtest, not ./t/ax/runtest
    
    Signed-off-by: Stefano Lattarini <address@hidden>

-----------------------------------------------------------------------

Summary of changes:
 NEWS                  |   19 ++++++++++++-------
 lib/am/distdir.am     |    2 +-
 lib/am/header-vars.am |    5 -----
 lib/config.guess      |    6 +++++-
 lib/config.sub        |    4 ++--
 lib/texinfo.tex       |   33 +++++++++++++++++++++++++++++++--
 m4/init.m4            |    5 +++++
 t/README              |    3 +--
 t/mkdir_p.sh          |   12 ++++++++----
 9 files changed, 65 insertions(+), 24 deletions(-)

diff --git a/NEWS b/NEWS
index d51a0af..c5ea50f 100644
--- a/NEWS
+++ b/NEWS
@@ -170,6 +170,15 @@ New in 1.12.2:
 
 Bugs fixed in 1.12.2:
 
+* SECURITY VULNERABILITIES!
+
+  - The 'distcheck' recipe no longer grants temporary world-write
+    permissions on the extracted distdir.  Even if such rights were
+    only granted for a vanishingly small time window, the implied
+    race condition proved to be enough to allow a local attacker
+    to run arbitrary code with the privileges of the user running
+    "make distcheck".  This is CVE-2012-3386.
+
 * Long-standing bugs:
 
   - The "recheck" targets behaves better in the face of build failures
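Review bot: the new security entry does not say which releases carry the world-writable chmod, so a reader cannot tell from NEWS whether their installed Automake is affected. Suggest naming the affected range, and adding a sentence that packages need their Makefile.in regenerated with a fixed Automake to pick up the corrected 'distcheck' recipe.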
@@ -180,13 +189,9 @@ Bugs fixed in 1.12.2:
 
 * Bugs introduced by 1.12.1:
 
-  - Automake generated Makefiles define once again the $(mkdir_p) make
-    variable (simple ans an alias for $(MKDIR_P)), for better backward
-    compatibility.  The '@mkdir_p@' substitution is however not enabled
-    by default anymore; anyone needing it should call the AM_PROG_MKDIR
-    m4 macro explicitly (beware that this macro has been deprecated since
-    the previous Automake release 1.12.1, and will be removed in Automake
-    1.13).
+  - Automake provides once again the '$(mkdir_p)' make variable and the
+    '@mkdir_p@' substitution (both as simple aliases for '$(MKDIR_P)'),
+    for better backward-compatibility.
 
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
diff --git a/lib/am/distdir.am b/lib/am/distdir.am
index bfe0f31..3063b8a 100644
--- a/lib/am/distdir.am
+++ b/lib/am/distdir.am
@@ -422,7 +422,7 @@ distcheck: dist
 ## Make the new source tree read-only.  Distributions ought to work in
 ## this case.  However, make the top-level directory writable so we
 ## can make our new subdirs.
-       chmod -R a-w $(distdir); chmod a+w $(distdir)
+       chmod -R a-w $(distdir); chmod u+w $(distdir)
        mkdir $(distdir)/_build
        mkdir $(distdir)/_inst
 ## Undo the write access.
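Review bot: the "##" comment above the changed chmod line still says only "make the top-level directory writable" and does not record that write access must be limited to the owner. Suggest extending it to say that "a+w" here opened the race described in NEWS as CVE-2012-3386, so the mode is not widened again later. The diffstat for this merge also shows no test that checks the mode of $(distdir) during distcheck; one asserting that the directory is never group- or world-writable would guard against a regression.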
diff --git a/lib/am/header-vars.am b/lib/am/header-vars.am
index c65e08c..ba4aa0b 100644
--- a/lib/am/header-vars.am
+++ b/lib/am/header-vars.am
@@ -77,11 +77,6 @@ NORMAL_UNINSTALL = :
 PRE_UNINSTALL = :
 POST_UNINSTALL = :
 
-# For better backward compatibility.  To be removed once Automake 1.9.x
-# dies out for good.  For more background, see:
-# <http://lists.gnu.org/archive/html/automake/2012-07/msg00001.html>
-mkdir_p = $(MKDIR_P)
-
 ## dejagnu.am uses these variables.  Some users might rely on them too.
 ?BUILD?build_triplet = @build@
 ?HOST?host_triplet = @host@
diff --git a/lib/config.guess b/lib/config.guess
index c0adba9..aa04f04 100755
--- a/lib/config.guess
+++ b/lib/config.guess
@@ -4,7 +4,7 @@
 #   2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
 #   2011, 2012 Free Software Foundation, Inc.
 
-timestamp='2012-06-10'
+timestamp='2012-06-17'
 
 # This file is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License as published by
@@ -200,6 +200,10 @@ case 
"${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
        # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used.
        echo "${machine}-${os}${release}"
        exit ;;
+    *:Bitrig:*:*)
+       UNAME_MACHINE_ARCH=`arch | sed 's/Bitrig.//'`
+       echo ${UNAME_MACHINE_ARCH}-unknown-bitrig${UNAME_RELEASE}
+       exit ;;
     *:OpenBSD:*:*)
        UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'`
        echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE}
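Review bot: in the new "*:Bitrig:*:*)" case, the echo expands ${UNAME_MACHINE_ARCH} and ${UNAME_RELEASE} unquoted, and the "." in sed 's/Bitrig.//' matches any character; both are copied from the OpenBSD case below it. Quoting the echo argument and escaping the dot would be tidier, but since the merge log lists this as a "make fetch" sync from upstream, any such change belongs upstream rather than in this tree.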
diff --git a/lib/config.sub b/lib/config.sub
index 6205f84..aa2cf19 100755
--- a/lib/config.sub
+++ b/lib/config.sub
@@ -4,7 +4,7 @@
 #   2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
 #   2011, 2012 Free Software Foundation, Inc.
 
-timestamp='2012-04-18'
+timestamp='2012-06-17'
 
 # This file is (in principle) common to ALL GNU software.
 # The presence of a machine in this file suggests that SOME GNU software
@@ -1352,7 +1352,7 @@ case $os in
              | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
              | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
              | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \
-             | -openbsd* | -solidbsd* \
+             | -bitrig* | -openbsd* | -solidbsd* \
              | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \
              | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
              | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
diff --git a/lib/texinfo.tex b/lib/texinfo.tex
index a5a7b2b..2b646dd 100644
--- a/lib/texinfo.tex
+++ b/lib/texinfo.tex
@@ -3,7 +3,7 @@
 % Load plain if necessary, i.e., if running under initex.
 \expandafter\ifx\csname fmtname\endcsname\relax\input plain\fi
 %
-\def\texinfoversion{2012-06-05.14}
+\def\texinfoversion{2012-07-03.16}
 %
 % Copyright 1985, 1986, 1988, 1990, 1991, 1992, 1993, 1994, 1995,
 % 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
@@ -4206,7 +4206,7 @@ end
 }
 \def\ifsetfail{\doignore{ifset}}
 
-% @ifclear VAR ... @end ifclear reads the `...' iff VAR has never been
+% @ifclear VAR ... @end executes the `...' iff VAR has never been
 % defined with @set, or has been undefined with @clear.
 %
 % The `\else' inside the `\doifset' parameter is a trick to reuse the
@@ -4217,6 +4217,35 @@ end
 \def\ifclear{\parsearg{\doifset{\else \let\next=\ifclearfail}}}
 \def\ifclearfail{\doignore{ifclear}}
 
+% @ifcommandisdefined CMD ... @end executes the `...' if CMD (written
+% without the @) is in fact defined.  We can only feasibly check at the
+% TeX level, so something like `mathcode' is going to considered
+% defined even though it is not a Texinfo command.
+% 
+\makecond{ifcommanddefined}
+\def\ifcommanddefined{\parsearg{\doifcmddefined{\let\next=\ifcmddefinedfail}}}
+%
+\def\doifcmddefined#1#2{{%
+    \makevalueexpandable
+    \let\next=\empty
+    \expandafter\ifx\csname #2\endcsname\relax
+      #1% If not defined, \let\next as above.
+    \fi
+    \expandafter
+  }\next
+}
+\def\ifcmddefinedfail{\doignore{ifcommanddefined}}
+
+% @ifcommandnotdefined CMD ... handlded similar to @ifclear above.
+\makecond{ifcommandnotdefined}
+\def\ifcommandnotdefined{%
+  \parsearg{\doifcmddefined{\else \let\next=\ifcmdnotdefinedfail}}}
+\def\ifcmdnotdefinedfail{\doignore{ifcommandnotdefined}}
+
+% Set the `txicommandconditionals' variable, so documents have a way to
+% test if the @ifcommand...defined conditionals are available.
+\set txicommandconditionals
+
 % @dircategory CATEGORY  -- specify a category of the dir file
 % which this file should belong to.  Ignore this in TeX.
 \let\dircategory=\comment
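Review bot: the comment opening the added block names the conditional "@ifcommandisdefined", but the macro defined right below it is \ifcommanddefined (via \makecond{ifcommanddefined}), so the documented name does not match the command. The added comments also have typos: "is going to considered" should read "is going to be considered", and "handlded" should read "handled". As texinfo.tex is synced from upstream, these are best reported there.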
diff --git a/m4/init.m4 b/m4/init.m4
index 6fb8bee..d841320 100644
--- a/m4/init.m4
+++ b/m4/init.m4
@@ -69,6 +69,11 @@ AM_MISSING_PROG([MAKEINFO], [makeinfo])
 AC_REQUIRE([AM_PROG_INSTALL_SH])dnl
 AC_REQUIRE([AM_PROG_INSTALL_STRIP])dnl
 AC_REQUIRE([AC_PROG_MKDIR_P])dnl
+# For better backward compatibility.  To be removed once Automake 1.9.x
+# dies out for good.  For more background, see:
+# <http://lists.gnu.org/archive/html/automake/2012-07/msg00001.html>
+# <http://lists.gnu.org/archive/html/automake/2012-07/msg00014.html>
+AC_SUBST([mkdir_p], ['$(MKDIR_P)'])
 # We need awk for the "check" target.  The system "awk" is bad on
 # some platforms.
 AC_REQUIRE([AC_PROG_AWK])dnl
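Review bot: the comment added above AC_SUBST([mkdir_p], ['$(MKDIR_P)']) says the alias is "to be removed once Automake 1.9.x dies out for good", which gives no release a maintainer can act on, and the NEWS hunk in this same merge drops the earlier statement about removal in Automake 1.13. Suggest stating the intended removal release here or in NEWS, and noting in the comment that this single substitution now also provides the $(mkdir_p) make variable whose explicit definition is deleted from lib/am/header-vars.am.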
diff --git a/t/README b/t/README
index 25fd735..60b4252 100644
--- a/t/README
+++ b/t/README
@@ -95,8 +95,7 @@ Supported shells
     AM_TEST_RUNNER_SHELL=/bin/my-sh make -e check      (non-GNU make)
 
     # Run a test directly from the command line.
-    AM_TEST_RUNNER_SHELL=/bin/my-sh ./t/ax/runtest t/foo.sh
-
+    AM_TEST_RUNNER_SHELL=/bin/my-sh ./runtest t/foo.sh
 
   The test scripts are written with portability in mind, and should run
   with any decent POSIX shell.  However, it is worth nothing that older
diff --git a/t/mkdir_p.sh b/t/mkdir_p.sh
index 624365c..2cc68a3 100755
--- a/t/mkdir_p.sh
+++ b/t/mkdir_p.sh
@@ -27,17 +27,21 @@ END
 cat > Makefile.am << 'END'
 SUBDIRS = sub
 all-local:
-       $(mkdir_p) . dir1/dir2
+       $(mkdir_p) . dir1/a
+       @mkdir_p@ . dir2/b
 check-local: all
-       test -d dir1/dir2
-       test -d dir1/dir3
+       test -d dir1/a
+       test -d dir2/b
+       test -d dir3/c
+       test -d dir3/d
 END
 
 mkdir sub
 cat > sub/Makefile.am << 'END'
 # '$(mkdir_p)' should continue to work even in subdir makefiles.
 all-local:
-       $(mkdir_p) .. ../dir1/dir3
+       $(mkdir_p) .. ../dir3/c
+       @mkdir_p@ .. ../dir3/d
 END
 
 $ACLOCAL
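Review bot: the context comment in sub/Makefile.am still reads "'$(mkdir_p)' should continue to work even in subdir makefiles", but the recipe below it now also exercises @mkdir_p@. Suggest updating that comment to mention both forms so the purpose of the added "@mkdir_p@ .. ../dir3/d" line is clear.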


hooks/post-receive
-- 
GNU Automake