newsNews: Upload security verification

 
 
Show feedback again
Latest News
New SSL certificate posted by gray, Tue 12 Jul 2016 08:33:53 PM EEST - 0 replies
Planned maintenance: stage 2 posted by gray, Thu 12 Mar 2015 02:07:09 PM EET - 0 replies
Planned maintenance posted by gray, Thu 12 Mar 2015 02:04:30 PM EET - 0 replies
Out-of-band notification service posted by gray, Wed 19 Feb 2014 11:17:56 AM EET - 0 replies
New SSL certificate posted by gray, Tue 22 Oct 2013 08:54:51 AM EEST - 0 replies
[24 news in archive]

Upload security verification

Item posted by Sergey Poznyakoff <gray> on Sun 03 Jan 2010 12:53:20 PM EET.

In response to the discovery of a potential security problem in Automake versions up to 1.11 (CVE-2009-4029), Puszcza now enforces a security verification procedure on distribution uploads. Any uploaded tarball whose top-level Makefile.in contains this security hole will be rejected. Please, make sure the tarballs you upload are created using Automake v. 1.11.1 (or later).

For more information on CVE-2009-4029, refer to http://thread.gmane.org/gmane.comp.sysutils.autotools.announce/131.

Comments:

No messages in Upload security verification

 

Show feedback again

Back to the top


Powered by Savane 3.1-cleanup+gray