diff options
Diffstat (limited to 'sys-devel/automake/files/automake-1.8.5-CVE-2009-4029.patch')
| -rw-r--r-- | sys-devel/automake/files/automake-1.8.5-CVE-2009-4029.patch | 60 |
1 files changed, 0 insertions, 60 deletions
diff --git a/sys-devel/automake/files/automake-1.8.5-CVE-2009-4029.patch b/sys-devel/automake/files/automake-1.8.5-CVE-2009-4029.patch deleted file mode 100644 index 9e42e52c80bd..000000000000 --- a/sys-devel/automake/files/automake-1.8.5-CVE-2009-4029.patch +++ /dev/null @@ -1,60 +0,0 @@ -http://bugs.gentoo.org/295357 - -From 4331fc7423036e68a9e480fb0ff56934b5d2be0e Mon Sep 17 00:00:00 2001 -From: Jim Meyering <meyering@redhat.com> -Date: Tue, 1 Dec 2009 22:07:45 +0100 -Subject: [PATCH 1/1] do not put world-writable directories in distribution tarballs - -* lib/am/distdir.am (distdir): Do not make all directories -group- or world-writable. Instead, use 755. - -Signed-off-by: Ralf Wildenhues <Ralf.Wildenhues@gmx.de> ---- - Makefile.in | 3 ++- - lib/am/distdir.am | 9 +++------ - 4 files changed, 17 insertions(+), 8 deletions(-) - -diff --git a/Makefile.in b/Makefile.in -index f6971b4..c753eaa 100644 ---- a/Makefile.in -+++ b/Makefile.in -@@ -389,7 +389,8 @@ distdir: $(DISTFILES) - || exit 1; \ - fi; \ - done -- -find $(distdir) -type d ! -perm -777 -exec chmod a+rwx {} \; -o \ -+ -find "$(distdir)" -type d ! -perm -755 \ -+ -exec chmod u+rwx,go+rx {} \; -o \ - ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \ - ! -type d ! -perm -400 -exec chmod a+r {} \; -o \ - ! -type d ! -perm -444 -exec $(SHELL) $(install_sh) -c -m a+r {} {} \; \ -diff --git a/lib/am/distdir.am b/lib/am/distdir.am -index 0ed0593..91dbe6b 100644 ---- a/lib/am/distdir.am -+++ b/lib/am/distdir.am -@@ -190,11 +190,7 @@ if %?DIST-TARGETS% - endif %?DIST-TARGETS% - ## - ## This complex find command will try to avoid changing the modes of --## links into the source tree, in case they're hard-linked. It will --## also make directories writable by everybody, because some --## brain-dead tar implementations change ownership and permissions of --## a directory before extracting the files, thus becoming unable to --## extract them. -+## links into the source tree, in case they're hard-linked. - ## - ## Ignore return result from chmod, because it might give an error - ## if we chmod a symlink. -@@ -207,7 +203,8 @@ endif %?DIST-TARGETS% - ## the file in place in the source tree. - ## - if %?TOPDIR_P% -- -find $(distdir) -type d ! -perm -777 -exec chmod a+rwx {} \; -o \ -+ -find "$(distdir)" -type d ! -perm -755 \ -+ -exec chmod u+rwx,go+rx {} \; -o \ - ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \ - ! -type d ! -perm -400 -exec chmod a+r {} \; -o \ - ! -type d ! -perm -444 -exec $(SHELL) $(install_sh) -c -m a+r {} {} \; \ --- -1.6.5.4 - |