Signed-off-by: Stefano Lattarini <stefano.lattar...@gmail.com> --- NEWS | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/NEWS b/NEWS index 800c7eb..8475ac2 100644 --- a/NEWS +++ b/NEWS @@ -99,12 +99,12 @@ Bugs fixed in 1.12.2: * SECURITY VULNERABILITIES! - - The recipe of the 'distcheck' no longer grants anymore temporary - world-wide write permissions on the extracted distdir. Even if such - rights were only granted for a vanishingly small time window, the - implied race condition proved to be enough to allow a local attacker - to run arbitrary code with the privileges of the user running "make - distcheck". This is CVE-2012-3386. + - The 'distcheck' recipe no longer grants temporary world-write + permissions on the extracted distdir. Even if such rights were + only granted for a vanishingly small time window, the implied + race condition proved to be enough to allow a local attacker + to run arbitrary code with the privileges of the user running + "make distcheck". This is CVE-2012-3386. * Long-standing bugs: -- 1.7.9.5