newsNews: Upload security verification

 
 
Show feedback again
Latest News
Pound version 4.14 posted by gray, Sun Oct 13 19:15:01 2024 - 0 replies
GNU Rush Version 2.4 posted by gray, Fri Aug 9 12:36:19 2024 - 0 replies
Tallyman version 1.5 posted by gray, Fri Aug 9 11:31:55 2024 - 0 replies
genrc version 1.5.3 posted by gray, Tue Jul 16 13:49:21 2024 - 0 replies
genrc version 1.5.2 posted by gray, Tue Jul 16 05:15:43 2024 - 0 replies
[44 news in archive]

Upload security verification

Item posted by Sergey Poznyakoff <gray> on Sun Jan 3 10:53:20 2010.

In response to the discovery of a potential security problem in Automake versions up to 1.11 (CVE-2009-4029), Puszcza now enforces a security verification procedure on distribution uploads. Any uploaded tarball whose top-level Makefile.in contains this security hole will be rejected. Please, make sure the tarballs you upload are created using Automake v. 1.11.1 (or later).

For more information on CVE-2009-4029, refer to http://thread.gmane.org/gmane.comp.sysutils.autotools.announce/131.

Comments:

No messages in Upload security verification

 

Show feedback again

Back to the top


Copyright © 2005 – 2021 Sergey Poznyakoff
Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.

Powered by Savane 3.1-cleanup+gray