Security fix by requiring newer automake features.

* configure.ac (AM_INIT_AUTOMAKE): Add dist-xz, color-tests,
parallel-tests, and silent-rules.
(AC_PREREQ): Bump autoconf requirement to 2.62, per automake.
* HACKING: Update minimum requirements.
* NEWS: Document the fix.

Signed-off-by: Eric Blake <ebb9@byu.net>

4 files changed, 17 insertions, 5 deletions

diff --git a/ChangeLog b/ChangeLog
index 2e08b0e1..da50c551 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,12 @@
 2010-01-05  Eric Blake  <ebb9@byu.net>
 
+	Security fix by requiring newer automake features.
+	* configure.ac (AM_INIT_AUTOMAKE): Add dist-xz, color-tests,
+	parallel-tests, and silent-rules.
+	(AC_PREREQ): Bump autoconf requirement to 2.62, per automake.
+	* HACKING: Update minimum requirements.
+	* NEWS: Document the fix.
+
 	Drop hard-coding of GPG id.
 	* gnulib: Update to latest.
 	* m4/gnulib-cache.m4: Regenerate.
diff --git a/HACKING b/HACKING
index 86f9192d..2b090f08 100644
--- a/HACKING
+++ b/HACKING
@@ -42,8 +42,8 @@ and is not part of a release distribution.
 
 * Before you can build from git, you need to bootstrap.  This requires:
   - A pre-installed version of GNU M4 1.4 or later, built from a package
-  - Autoconf 2.60 or later
-  - Automake 1.10.1 or later
+  - Autoconf 2.62 or later
+  - Automake 1.11.1 or later
   - Help2man 1.29 or later
   - Xz 4.999.8beta or later (from <http://tukaani.org/xz/>)
   - Texinfo 4.8 or later
diff --git a/NEWS b/NEWS
index eb51b112..56051444 100644
--- a/NEWS
+++ b/NEWS
@@ -2,7 +2,7 @@ GNU M4 NEWS - User visible changes.
 Copyright (C) 1992, 1993, 1994, 2004, 2005, 2006, 2007, 2008, 2009, 2010
 Free Software Foundation, Inc.
 
-* Noteworthy changes in Version 1.4.14 (2009-??-??) [stable]
+* Noteworthy changes in Version 1.4.14 (2010-??-??) [stable]
   Released by Eric Blake, based on git version 1.4.13.*
 
 ** Fix regression introduced in 1.4.12 where executing with stdout closed
@@ -12,6 +12,10 @@ Free Software Foundation, Inc.
    closed file descriptors could interfere with child execution, and where
    a child status of 127 made m4 print a spurious message to stderr.
 
+** Fix a security hole in 'make dist', present since at least M4 1.4, that
+   could affect anybody attempting to redistribute modified sources (see
+   Automake CVE-2009-4029).
+
 ** A number of portability improvements inherited from gnulib.
 
 * Noteworthy changes in Version 1.4.13 (2009-04-01) [stable]
diff --git a/configure.ac b/configure.ac
index c93d9d4e..63e3ae0c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -17,12 +17,13 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
-AC_PREREQ([2.60])
+AC_PREREQ([2.62])
 AC_INIT([GNU M4], m4_esyscmd([build-aux/git-version-gen .tarball-version]),
   [bug-m4@gnu.org])
 AC_CONFIG_AUX_DIR([build-aux])
 
-AM_INIT_AUTOMAKE([1.10.1 dist-bzip2 gnu])
+AM_INIT_AUTOMAKE([1.11.1 dist-bzip2 dist-xz color-tests parallel-tests
+silent-rules gnu])
 
 m4_pattern_forbid([^M4_[A-Z]])