Nom du paquet
vixie-cron
Date
2007-12-03
Advisory ID
MDKSA-2007:234
Affected versions
2007.0 x86_64 , 2007.1 i586 , 2007.0 i586 , 2008.0 x86_64 , 2008.0 i586 , 2007.1 x86_64

Problem description

Raphael Marichez discovered a denial of service bug in how vixie-cron
verifies crontab file integrity. A local user with the ability
to create a hardlink to /etc/crontab could prevent vixie-cron from
executing certain system cron jobs.

The updated packages have been patched to correct this issue.

Updated packages

2007.0 x86_64

 e797aa1deb1aa45a3ac31967341d4271  2007.0/x86_64/vixie-cron-4.1-9.1mdv2007.0.x86_64.rpm 
 682d18fa3ebec317be382fb40c140745  2007.0/SRPMS/vixie-cron-4.1-9.1mdv2007.0.src.rpm

2007.1 i586

 901d627bc295b396d1b9d331a7b538cd  2007.1/i586/vixie-cron-4.1-9.1mdv2007.1.i586.rpm 
 e08498cdcb6f66fd167e6cd22d6c7c6b  2007.1/SRPMS/vixie-cron-4.1-9.1mdv2007.1.src.rpm

2007.0 i586

 123b5f8f021f12d910a4348e9a557ec7  2007.0/i586/vixie-cron-4.1-9.1mdv2007.0.i586.rpm 
 682d18fa3ebec317be382fb40c140745  2007.0/SRPMS/vixie-cron-4.1-9.1mdv2007.0.src.rpm

2008.0 x86_64

 ebcf2fcf7c88dd88688eb4aa9f8a6bb2  2008.0/x86_64/vixie-cron-4.1-9.1mdv2008.0.x86_64.rpm 
 148738b227103c0b1ee25e5f6ca747eb  2008.0/SRPMS/vixie-cron-4.1-9.1mdv2008.0.src.rpm

2008.0 i586

 1b273c4f69665e22bf56f3da76c52556  2008.0/i586/vixie-cron-4.1-9.1mdv2008.0.i586.rpm 
 148738b227103c0b1ee25e5f6ca747eb  2008.0/SRPMS/vixie-cron-4.1-9.1mdv2008.0.src.rpm

2007.1 x86_64

 dba8945a07a6c835bc58d33884b1f50b  2007.1/x86_64/vixie-cron-4.1-9.1mdv2007.1.x86_64.rpm 
 e08498cdcb6f66fd167e6cd22d6c7c6b  2007.1/SRPMS/vixie-cron-4.1-9.1mdv2007.1.src.rpm

References