Nom du paquet
vixie-cron
Date
2001-05-10
Advisory ID
MDKSA-2001:050
Affected versions
8.0 i586 , 7.2 i586 , 7.1 i586 , CS1.0 i586

Problem description

A recent security fix to cron introduced a new problem with giving up privileges before invoking the editor. A malicious local user could exploit this to gain root acces.

Updated packages

8.0 i586

 c464b6c019defb09c8749800f3ecef79  8.0/RPMS/vixie-cron-3.0.1-51.1mdk.i586.rpm
f5fb6b648d1d87578c9cd7e44ec909ea  8.0/SRPMS/vixie-cron-3.0.1-51.1mdk.src.rpm

7.2 i586

 ad448a558a7466c08ac90a7c8de15e5d  7.2/RPMS/vixie-cron-3.0.1-46.3mdk.i586.rpm
2454ea0ed26c3b1dfb1335c522fe8c40  7.2/SRPMS/vixie-cron-3.0.1-46.3mdk.src.rpm

7.1 i586

 53b4beefcd4582e0dfe885c82f1221e9  7.1/RPMS/vixie-cron-3.0.1-46.4mdk.i586.rpm
51e96cbcfc44216eb099f514b2a01eff  7.1/SRPMS/vixie-cron-3.0.1-46.4mdk.src.rpm

CS1.0 i586

 53b4beefcd4582e0dfe885c82f1221e9  1.0.1/RPMS/vixie-cron-3.0.1-46.4mdk.i586.rpm
51e96cbcfc44216eb099f514b2a01eff  1.0.1/SRPMS/vixie-cron-3.0.1-46.4mdk.src.rpm

References