|
| Current Newswire:
Debian Security Advisory: New version of cron releasedJan 29, 2001, 08:51 (0 Talkback[s])(Other stories by Martin Schulze) Date: Sat, 27 Jan 2001 23:49:54 +0100 Debian Security Advisory DSA-024-1 security@debian.org http://www.debian.org/security/ Martin Schulze January 27, 2001 Package : cron Vulnerability : local insecure crontab handling Debian-specific: noThe FreeBSD team has found a bug in the way new crontabs were handled which allowed malicious users to display arbitrary crontab files on the local system. This only affects valid crontab files so can't be used to get access to /etc/shadow or something. crontab files are not especially secure anyway, as there are other ways they can leak. No passwords or similar sensitive data should be in there. We recommend you upgrade your cron packages.
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 2.2 alias potato Potato was released for the alpha, arm, i386, m68k, powerpc and sparc architectures. Source archives: Intel ia32 architecture: Motorola 680x0 architecture: Sun Sparc architecture: Alpha architecture: PowerPC architecture: ARM architecture: These files will be moved into ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/ soon. For not yet released architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ . For apt-get: deb http://security.debian.org/
stable/updates main
0 Talkback[s]
(click to add your comment)
|
