[libvirt PATCH 3/9] syntax-check: drop vulnerable Makefile checks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



As foretold, fixed automake is so common nowadays even Ubuntu 16.04
and Debian 9 have 1.11.6 as the oldest available version.

Signed-off-by: Ján Tomko <jtomko@xxxxxxxxxx>
---
 build-aux/syntax-check.mk | 30 ------------------------------
 1 file changed, 30 deletions(-)

diff --git a/build-aux/syntax-check.mk b/build-aux/syntax-check.mk
index 58a24b6276..52a6062ad5 100644
--- a/build-aux/syntax-check.mk
+++ b/build-aux/syntax-check.mk
@@ -130,17 +130,6 @@ syntax-check: $(local-check)
 
 _test_script_regex = \<test-lib\.sh\>
 
-# Most developers don't run 'make distcheck'.  We want the official
-# dist to be secure, but don't want to penalize other developers
-# using a distro that has not yet picked up the automake fix.
-# FIXME remove this ifeq (making the syntax check unconditional)
-# once fixed automake (1.11.6 or 1.12.2+) is more common.
-ifeq ($(filter dist%, $(MAKECMDGOALS)), )
-local-checks-to-skip +=	sc_vulnerable_makefile_CVE-2012-3386
-else
-distdir: sc_vulnerable_makefile_CVE-2012-3386.z
-endif
-
 # Files that should never cause syntax check failures.
 VC_LIST_ALWAYS_EXCLUDE_REGEX = \
   (^(docs/(news(-[0-9]*)?\.html\.in|.*\.patch))|\.(po|fig|gif|ico|png))$$
@@ -1957,25 +1946,6 @@ sc_prohibit_path_max_allocation:
 	halt='Avoid stack allocations of size PATH_MAX'			\
 	  $(_sc_search_regexp)
 
-sc_vulnerable_makefile_CVE-2009-4029:
-	@prohibit='perm -777 -exec chmod a\+rwx|chmod 777 \$$\(distdir\)' \
-	in_files='(^|/)Makefile\.in$$'					\
-	halt=$$(printf '%s\n'						\
-	  'the above files are vulnerable; beware of running'		\
-	  '  "make dist*" rules, and upgrade to fixed automake'		\
-	  '  see https://bugzilla.redhat.com/show_bug.cgi?id=542609 for details') \
-	  $(_sc_search_regexp)
-
-sc_vulnerable_makefile_CVE-2012-3386:
-	@prohibit='chmod a\+w \$$\(distdir\)'				\
-	in_files='(^|/)Makefile\.in$$'					\
-	halt=$$(printf '%s\n'						\
-	  'the above files are vulnerable; beware of running'		\
-	  '  "make distcheck", and upgrade to fixed automake'		\
-	  '  see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3386 for details') \
-	  $(_sc_search_regexp)
-
-
 ifneq ($(_gl-Makefile),)
 syntax-check: spacing-check test-wrap-argv \
 	prohibit-duplicate-header mock-noinline group-qemu-caps \
-- 
2.24.1





[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux