
Re: Bug#681097: CVE-2012-3386: Information disclosure



* Adam D. Barratt (adam@adam-barratt.org.uk) wrote:
> On Wed, 2012-07-25 at 00:32 -0400, Eric Dorland wrote:
> > Sorry Jonathan, due to some personal commitments and the flu I haven't
> > gotten to this yet. But I'll prepare these by the end of the week.
> 
> It appears this was uploaded already, as it's now sitting in p-u-NEW.
> Now that that's happened, it will get processed in due course, but for
> any future issues, please bear in mind that Jonathan's message said:
> 
> > > Please prepare a minimal-changes upload targeting each of these suites,
> > > and submit a debdiff to the Release Team [0] for consideration. They will
> > > offer additional guidance or instruct you to upload your package.
> [...]
> >> 0: debian-release@lists.debian.org
> 
> We should consider changing that to be a request to file a bug, but in
> any case the discussion is intended to happen /before/ the upload, not
> as a result of it.

Sorry about that. I didn't reread the instructions when I was
preparing the package and forgot this step. Attached is the debdiff. I
still need to upload automake1.10, automake1.9 and automake1.7. Would
you like to see those diffs as well? They will be the same. 

-- 
Eric Dorland <eric@kuroneko.ca>
ICQ: #61138586, Jabber: hooty@jabber.com

diff -Nru automake1.11-1.11.1/debian/changelog automake1.11-1.11.1/debian/changelog
--- automake1.11-1.11.1/debian/changelog	2010-01-18 00:49:09.000000000 -0500
+++ automake1.11-1.11.1/debian/changelog	2012-07-29 03:20:29.000000000 -0400
@@ -1,3 +1,10 @@
+automake1.11 (1:1.11.1-1+squeeze1) stable; urgency=low
+
+  * lib/am/distdir.am: Fixes CVE-2012-3386 "Temporary worldwide write
+    permissions during make distcheck". (Closes: #681097)
+
+ -- Eric Dorland <eric@debian.org>  Sun, 29 Jul 2012 03:19:19 -0400
+
 automake1.11 (1:1.11.1-1) unstable; urgency=low
 
   * New upstream release. Contains fix for CVE-2009-4029, which created
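
Review bot: the new changelog entry names lib/am/distdir.am and quotes the CVE title, but it does not say what was changed. Add that the chmod on $(distdir) in the distcheck rule now grants write to the owner only (u+w instead of a+w), so the entry can be matched to the one-line patch without opening it. The entry also carries urgency=low while closing a CVE bug (#681097); confirm that this is the intended urgency for the stable upload.
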
diff -Nru automake1.11-1.11.1/debian/patches/debian-changes automake1.11-1.11.1/debian/patches/debian-changes
--- automake1.11-1.11.1/debian/patches/debian-changes	2010-01-18 00:57:26.000000000 -0500
+++ automake1.11-1.11.1/debian/patches/debian-changes	2012-07-29 03:37:59.000000000 -0400
@@ -1,4 +1,15 @@
 Please use the git repo for development.
+--- automake1.11-1.11.1.orig/lib/am/distdir.am
++++ automake1.11-1.11.1/lib/am/distdir.am
+@@ -441,7 +441,7 @@ distcheck: dist
+ ## Make the new source tree read-only.  Distributions ought to work in
+ ## this case.  However, make the top-level directory writable so we
+ ## can make our new subdirs.
+-	chmod -R a-w $(distdir); chmod a+w $(distdir)
++	chmod -R a-w $(distdir); chmod u+w $(distdir)
+ 	mkdir $(distdir)/_build
+ 	mkdir $(distdir)/_inst
+ ## Undo the write access.
 --- automake1.11-1.11.1.orig/lib/Automake/Makefile.in
 +++ automake1.11-1.11.1/lib/Automake/Makefile.in
 @@ -37,14 +37,7 @@ subdir = lib/Automake
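
Review bot: the comment above the changed "chmod u+w $(distdir)" line still reads "make the top-level directory writable" without saying for whom. Amend it to say writable by the owner, so the reason for u+w is documented and the a+w form is not reintroduced later. The new distdir.am chunk is also added to the catch-all debian-changes patch with no description of its own; a short header naming CVE-2012-3386 and #681097 would make it traceable. The step after "## Undo the write access." lies outside the shown context, so check that it still clears the owner write bit that u+w now sets.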

Attachment: signature.asc
Description: Digital signature