--- automake-1.11.2/NEWS.orig	2012-07-10 05:55:08.774803866 -0700
+++ automake-1.11.2/NEWS	2012-07-10 05:55:40.618794747 -0700
@@ -90,6 +90,15 @@
   - The AM_COND_IF macro also works if the shell expression for the
     conditional is no longer valid for the condition.
 
+* SECURITY VULNERABILITIES!
+
+  - The recipe of the 'distcheck' no longer grants anymore temporary
+    world-wide write permissions on the extracted distdir.  Even if such
+    rights were only granted for a vanishingly small time window, the
+    implied race condition proved to be enough to allow a local attacker
+    to run arbitrary code with the privileges of the user running "make
+    distcheck".  This is CVE-2012-3386.
+
 * Long-standing bugs:
 
   - The order of Yacc and Lex flags is fixed to be consistent with other
--- automake-1.11.2/lib/am/distdir.am.orig	2012-07-10 05:57:02.481964158 -0700
+++ automake-1.11.2/lib/am/distdir.am	2012-07-10 05:57:54.509361759 -0700
@@ -441,7 +441,7 @@
 ## Make the new source tree read-only.  Distributions ought to work in
 ## this case.  However, make the top-level directory writable so we
 ## can make our new subdirs.
-	chmod -R a-w $(distdir); chmod a+w $(distdir)
+	chmod -R a-w $(distdir); chmod u+w $(distdir)
 	mkdir $(distdir)/_build
 	mkdir $(distdir)/_inst
 ## Undo the write access.