[Prev][Next][Index][Thread]

Debian cron serious security hole fix



Hi,

The message below sounded urgent enough to warrant a forward
to the list.

Cheers,

--Amos

-----------------------------------------------------------------------

Subject: cron3.0pl1-36.1 uploaded - major security hole fixed
   Date: Wed, 18 Dec 1996 22:15:44 +0000 (GMT)
   From: Jon Rabone <93jkr@eng.cam.ac.uk>
     To: debian-changes <debian-changes@lists.debian.org>
     CC: maor@debian.org


This is a non-maintainer release to mend the buffer overrun bug in cron.

Guy - please move this into the archive immediately and let the
Linux security people know so they can publish the details. 

Thanks,

Jon.

-----BEGIN PGP SIGNED MESSAGE-----

Format: 1.5
Date: Wed, 18 Dec 1996 21:38:33 +0000
Source: cron
Binary: cron
Architecture: source i386
Version: 3.0pl1-36.1
Distribution: stable unstable
Urgency: high
Maintainer: Jon Rabone <jkr@master.debian.org>
Description: 
 cron       - management of regular background processing
Changes: 
 cron (3.0pl1-36.1) stable unstable; urgency=HIGH
 .
   * Mended `find' invocation in debian/rules.
   * Serious security hole (buffer overrun) fixed.
   * Silly suidmanager stuff added by debmake.  Pah.
-- 
--Amos Shapira                  | "Of course Australia was marked for
                                |  glory, for its people had been chosen
amos@dsi.co.il                  |  by the finest judges in England."
                                |                         -- Anonymous