Bug#681408: Change "a+w" to "u+w" in Makefile.in to fix CVE-2012-3386

Aníbal Monsalve Salazar Thu, 12 Jul 2012 19:22:01 -0700

Package: libpng
Version: 1.2.49-1
Severity: important
Tags: security

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3386
http://security-tracker.debian.org/tracker/CVE-2012-3386


Change "a+w" to "u+w" in Makefile.in to fix CVE-2012-3386

diff -urNp libpng-1.2.49/Makefile.in libpng-1.2.50/Makefile.in
--- a/Makefile.in       2012-03-29 15:47:09.000000000 +1100
+++ b/Makefile.in       2012-07-10 10:37:13.000000000 +1000
@@ -1146,7 +1146,7 @@ distcheck: dist
        *.zip*) \
          unzip $(distdir).zip ;;\
        esac
-       chmod -R a-w $(distdir); chmod a+w $(distdir)
+       chmod -R a-w $(distdir); chmod u+w $(distdir)
        mkdir $(distdir)/_build
        mkdir $(distdir)/_inst
        chmod a-w $(distdir)



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#681408: Change "a+w" to "u+w" in Makefile.in to fix CVE-2012-3386

Reply via email to