diff -u automake1.9-1.9.6+nogfdl/Makefile.in automake1.9-1.9.6+nogfdl/Makefile.in --- automake1.9-1.9.6+nogfdl/Makefile.in +++ automake1.9-1.9.6+nogfdl/Makefile.in @@ -408,7 +408,8 @@ || exit 1; \ fi; \ done - -find $(distdir) -type d ! -perm -777 -exec chmod a+rwx {} \; -o \ + -find "$(distdir)" -type d ! -perm -755 \ + -exec chmod u+rwx,go+rx {} \; -o \ ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \ ! -type d ! -perm -400 -exec chmod a+r {} \; -o \ ! -type d ! -perm -444 -exec $(SHELL) $(install_sh) -c -m a+r {} {} \; \ diff -u automake1.9-1.9.6+nogfdl/debian/changelog automake1.9-1.9.6+nogfdl/debian/changelog --- automake1.9-1.9.6+nogfdl/debian/changelog +++ automake1.9-1.9.6+nogfdl/debian/changelog @@ -1,3 +1,20 @@ +automake1.9 (1.9.6+nogfdl-3.1ubuntu1) natty; urgency=low + + * Merge with Debian; remaining changes: + - Fix m4/python.m4 (AM_PATH_PYTHON). + - Don't bump the priority for the alternatives. + + -- Matthias Klose Wed, 24 Nov 2010 17:52:15 +0100 + +automake1.9 (1.9.6+nogfdl-3.1) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Fixed CVE-2009-4029: do not assign insecure permissions to directories in + build tree. + + + -- Giuseppe Iuculano Mon, 08 Mar 2010 23:29:32 +0100 + automake1.9 (1.9.6+nogfdl-3ubuntu3) karmic; urgency=low * python.m4: Update to the patch integrated upstream. LP: #377584. only in patch2: unchanged: --- automake1.9-1.9.6+nogfdl.orig/xxx +++ automake1.9-1.9.6+nogfdl/xxx @@ -0,0 +1,63 @@ +diff -pruN 1.9.6+nogfdl-3/debian/automake1.9.postinst 1.9.6+nogfdl-3ubuntu3/debian/automake1.9.postinst +--- 1.9.6+nogfdl-3/debian/automake1.9.postinst 2009-05-17 17:20:01.000000000 +0100 ++++ 1.9.6+nogfdl-3ubuntu3/debian/automake1.9.postinst 2009-05-17 17:18:09.000000000 +0100 +@@ -1,7 +1,7 @@ + #!/bin/sh -e + + ver=1.9 +-prio=27 ++prio=25 + + update-alternatives --install /usr/bin/automake automake \ + /usr/bin/automake-$ver $prio \ +diff -pruN 1.9.6+nogfdl-3/m4/python.m4 1.9.6+nogfdl-3ubuntu3/m4/python.m4 +--- 1.9.6+nogfdl-3/m4/python.m4 2005-07-01 22:39:16.000000000 +0100 ++++ 1.9.6+nogfdl-3ubuntu3/m4/python.m4 2009-05-17 17:18:09.000000000 +0100 +@@ -117,8 +117,21 @@ python2.1 python2.0 python1.6 python1.5] + dnl doesn't work. + AC_CACHE_CHECK([for $am_display_PYTHON script directory], + [am_cv_python_pythondir], +- [am_cv_python_pythondir=`$PYTHON -c "from distutils import sysconfig; print sysconfig.get_python_lib(0,0,prefix='$PYTHON_PREFIX')" 2>/dev/null || +- echo "$PYTHON_PREFIX/lib/python$PYTHON_VERSION/site-packages"`]) ++ [if test "x$prefix" = xNONE ++ then ++ am_py_prefix=$ac_default_prefix ++ else ++ am_py_prefix=$prefix ++ fi ++ am_cv_python_pythondir=`$PYTHON -c "import sys; from distutils import sysconfig; sys.stdout.write(sysconfig.get_python_lib(0,0,prefix='$am_py_prefix'))" 2>/dev/null || ++ echo "$PYTHON_PREFIX/lib/python$PYTHON_VERSION/site-packages"` ++ case $am_cv_python_pythondir in ++ $am_py_prefix*) ++ am__strip_prefix=`echo "$am_py_prefix" | sed 's|.|.|g'` ++ am_cv_python_pythondir=`echo "$am_cv_python_pythondir" | sed "s,^$am__strip_prefix,$PYTHON_PREFIX,"` ++ ;; ++ esac ++ ]) + AC_SUBST([pythondir], [$am_cv_python_pythondir]) + + dnl pkgpythondir -- $PACKAGE directory under pythondir. Was +@@ -134,8 +147,21 @@ python2.1 python2.0 python1.6 python1.5] + dnl doesn't work. + AC_CACHE_CHECK([for $am_display_PYTHON extension module directory], + [am_cv_python_pyexecdir], +- [am_cv_python_pyexecdir=`$PYTHON -c "from distutils import sysconfig; print sysconfig.get_python_lib(1,0,prefix='$PYTHON_EXEC_PREFIX')" 2>/dev/null || +- echo "${PYTHON_EXEC_PREFIX}/lib/python${PYTHON_VERSION}/site-packages"`]) ++ [if test "x$exec_prefix" = xNONE ++ then ++ am_py_exec_prefix=$am_py_prefix ++ else ++ am_py_exec_prefix=$exec_prefix ++ fi ++ am_cv_python_pyexecdir=`$PYTHON -c "import sys; from distutils import sysconfig; sys.stdout.write(sysconfig.get_python_lib(1,0,prefix='$am_py_exec_prefix'))" 2>/dev/null || ++ echo "$PYTHON_EXEC_PREFIX/lib/python$PYTHON_VERSION/site-packages"` ++ case $am_cv_python_pyexecdir in ++ $am_py_exec_prefix*) ++ am__strip_prefix=`echo "$am_py_exec_prefix" | sed 's|.|.|g'` ++ am_cv_python_pyexecdir=`echo "$am_cv_python_pyexecdir" | sed "s,^$am__strip_prefix,$PYTHON_EXEC_PREFIX,"` ++ ;; ++ esac ++ ]) + AC_SUBST([pyexecdir], [$am_cv_python_pyexecdir]) + + dnl pkgpyexecdir -- $(pyexecdir)/$(PACKAGE) only in patch2: unchanged: --- automake1.9-1.9.6+nogfdl.orig/lib/am/distdir.am +++ automake1.9-1.9.6+nogfdl/lib/am/distdir.am @@ -192,11 +192,7 @@ endif %?DIST-TARGETS% ## ## This complex find command will try to avoid changing the modes of -## links into the source tree, in case they're hard-linked. It will -## also make directories writable by everybody, because some -## brain-dead tar implementations change ownership and permissions of -## a directory before extracting the files, thus becoming unable to -## extract them. +## links into the source tree, in case they're hard-linked. ## ## Ignore return result from chmod, because it might give an error ## if we chmod a symlink. @@ -209,7 +205,8 @@ ## the file in place in the source tree. ## if %?TOPDIR_P% - -find $(distdir) -type d ! -perm -777 -exec chmod a+rwx {} \; -o \ + -find "$(distdir)" -type d ! -perm -755 \ + -exec chmod u+rwx,go+rx {} \; -o \ ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \ ! -type d ! -perm -400 -exec chmod a+r {} \; -o \ ! -type d ! -perm -444 -exec $(SHELL) $(install_sh) -c -m a+r {} {} \; \