From 318aa88b67be3607023d306cba5747f38f1a6230 Mon Sep 17 00:00:00 2001
From: Danila Leontiev <danila.leontiev@rosalab.ru>
Date: Mon, 16 Jul 2012 16:44:10 +0400
Subject: [PATCH] Security fix

---
 automake-1.11.1-CVE-2012-3386.diff | 14 ++++++++++++++
 automake.spec                      | 11 ++++++++++-
 2 files changed, 24 insertions(+), 1 deletion(-)
 create mode 100644 automake-1.11.1-CVE-2012-3386.diff

diff --git a/automake-1.11.1-CVE-2012-3386.diff b/automake-1.11.1-CVE-2012-3386.diff
new file mode 100644
index 0000000..98725c4
--- /dev/null
+++ b/automake-1.11.1-CVE-2012-3386.diff
@@ -0,0 +1,14 @@
+
+http://thread.gmane.org/gmane.comp.sysutils.automake.patches/8572
+
+--- lib/am/distdir.am	2009-12-08 18:15:40.000000000 +0000
++++ lib/am/distdir.am.oden	2012-07-12 09:50:14.000000000 +0000
+@@ -441,7 +441,7 @@ distcheck: dist
+ ## Make the new source tree read-only.  Distributions ought to work in
+ ## this case.  However, make the top-level directory writable so we
+ ## can make our new subdirs.
+-	chmod -R a-w $(distdir); chmod a+w $(distdir)
++	chmod -R a-w $(distdir); chmod u+w $(distdir)
+ 	mkdir $(distdir)/_build
+ 	mkdir $(distdir)/_inst
+ ## Undo the write access.
diff --git a/automake.spec b/automake.spec
index 75eb03f..36bb96d 100644
--- a/automake.spec
+++ b/automake.spec
@@ -1,5 +1,6 @@
 %define version 1.11.1
-%define release %mkrel 4
+%define subrel 1
+%define release %mkrel 5
 
 %define amversion 1.11
 
@@ -13,6 +14,7 @@ Release:	%{release}
 License:	GPLv2+
 Group:		Development/Other
 Source0:	ftp://ftp.gnu.org/gnu/automake/automake-%{version}.tar.bz2
+Patch0:		automake-1.11.1-CVE-2012-3386.diff
 # Adds 'make dist-xz' target, backport from git
 URL:		http://sources.redhat.com/automake/
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root
@@ -53,6 +55,7 @@ Autoconf package.
 
 %prep
 %setup -q -n automake-%{version}
+%patch0 -p0 -b .CVE-2012-3386
 
 %build
 # (Abel) config* don't understand noarch-mandriva-linux-gnu arch
@@ -121,6 +124,12 @@ fi
 
 
 %changelog
+* Mon Jul 16 2012 Danila Leontiev <danila.leontiev@rosalab.ru> 1.11.1-5.1
+- Rebuilded for ROSA
+
+* Thu Jul 12 2012 Oden Eriksson <oeriksson@mandriva.com> 1.11.1-3.1
+- P0: security fix for CVE-2012-3386
+
 * Mon May 02 2011 Oden Eriksson <oeriksson@mandriva.com> 1.11.1-3mdv2011.0
 + Revision: 662898
 - mass rebuild