Debian Security Advisory: New version of cron releasedJan 29, 2001, 08:51 (0 Talkback[s])
(Other stories by Martin Schulze)
WEBINAR: On-demand Event
Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >
Date: Sat, 27 Jan 2001 23:49:54 +0100
Debian Security Advisory DSA-024-1 email@example.com http://www.debian.org/security/ Martin Schulze January 27, 2001
Package : cron Vulnerability : local insecure crontab handling Debian-specific: noThe FreeBSD team has found a bug in the way new crontabs were handled which allowed malicious users to display arbitrary crontab files on the local system. This only affects valid crontab files so can't be used to get access to /etc/shadow or something. crontab files are not especially secure anyway, as there are other ways they can leak. No passwords or similar sensitive data should be in there.
We recommend you upgrade your cron packages.
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 2.2 alias potato
Potato was released for the alpha, arm, i386, m68k, powerpc and sparc architectures.
Intel ia32 architecture:
Motorola 680x0 architecture:
Sun Sparc architecture:
These files will be moved into ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/ soon.
For not yet released architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .
For apt-get: deb http://security.debian.org/
0 Talkback[s] (click to add your comment)