ALAS-2014-401


Amazon Linux AMI Security Advisory: ALAS-2014-401
Advisory Release Date: 2014-09-19 12:01 Pacific
Severity: Low
References: CVE-2012-3386 

Issue Overview:

It was found that the distcheck rule in Automake-generated Makefiles made a directory world-writable when preparing source archives. If a malicious, local user could access this directory, they could execute arbitrary code with the privileges of the user running "make distcheck".


Affected Packages:

automake19


Issue Correction:
Run yum update automake19 to update your system.

New Packages:
noarch:
    automake19-1.9.6-3.12.amzn1.noarch

src:
    automake19-1.9.6-3.12.amzn1.src