Merge branch 'master' into ng/master (with fix for CVE-2012-3386)

This makes the fix for a locally-exploitable security vulnerability
(CVE-2012-3386) available to the Automake master branch.

* master:
  sync: update files from upstream with "make fetch"
  news: improve wording in entry about CVE-2012-3386
  maint: post-release minor version bump
  release: stable release 1.12.2
  distcheck: never make part of $(distdir) world-writable
  compat: automake should substitute @mkdir_p@, for backward compatibility
  fixup: t/README: it's ./runtest, not ./t/ax/runtest

Signed-off-by: Stefano Lattarini <stefano.lattarini@gmail.com>

diff --cc lib/am/distdir.am
Simple merge

diff --cc lib/am/header-vars.am
Simple merge

diff --cc m4/init.m4
Simple merge

diff --cc t/README
index 50feafacbd810ae4804991689bf694fc35fff7a5,60b4252799bad01e7e67c14e5cd622c2161c4385..1f2470b4009c173aacd479e363f6b5e077b9e95b
--- 1/t/README
--- 2/t/README
+++ b/t/README
@@@ -90,11 -91,11 +90,10 @@@ Supported shell
    '/bin/my-sh':
  
      # Running through the makefile test driver.
 -    make check AM_TEST_RUNNER_SHELL=/bin/my-sh         (GNU make)
 -    AM_TEST_RUNNER_SHELL=/bin/my-sh make -e check      (non-GNU make)
 +    make check AM_TEST_RUNNER_SHELL=/bin/my-sh
  
      # Run a test directly from the command line.
-     AM_TEST_RUNNER_SHELL=/bin/my-sh ./t/ax/runtest t/foo.sh
- 
+     AM_TEST_RUNNER_SHELL=/bin/my-sh ./runtest t/foo.sh
  
    The test scripts are written with portability in mind, and should run
    with any decent POSIX shell.  However, it is worth nothing that older