Accepted fcron 2.9.5.1-1 (i386 source)

To: debian-devel-changes@lists.debian.org
Subject: Accepted fcron 2.9.5.1-1 (i386 source)
From: Henrique de Moraes Holschuh <hmh@debian.org>
Date: Fri, 19 Nov 2004 07:47:07 -0500
Message-id: <[🔎] E1CV8AN-0002zK-00@newraff.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 19 Nov 2004 10:20:44 -0200
Source: fcron
Binary: fcron
Architecture: source i386
Version: 2.9.5.1-1
Distribution: unstable
Urgency: high
Maintainer: Russell Coker <russell@coker.com.au>
Changed-By: Henrique de Moraes Holschuh <hmh@debian.org>
Description: 
 fcron      - cron-like scheduler with extended capabilities
Closes: 281436
Changes: 
 fcron (2.9.5.1-1) unstable; urgency=high
 .
   * New upstream source:
      * SECURITY FIX: Due to design errors in the fcronsighup program, Fcron
        may allow a local user to bypass access restrictions (CAN-2004-1031),
        view the contents of root owned files (CAN-2004-1030), remove
        arbitrary files or create empty files (CAN-2004-1032), and send a
        SIGHUP to any process.  A vulnerability also exists in fcrontab which
        may allow local users to view the contents of fcron.allow and
        fcron.deny (CAN-2004-1033).
        Ref: iDEFENSE Security Advisory 11.15.04.
        (closes: #281436)
   * Thanks to Gentoo's GLSA 200411-27 for providing the above text ;-)
   * Add myself to uploaders
   * Use $(MAKE) distclean on clean: target
   * Clean up autom4te.cache directory on clean: target
   * Rename fcron-update-crontabs.1 to fcron-update-crontabs.8, since it
     is in section 8 anyway
   * Add non-virtual-package packages to dependencies on virtual packages
     (syslog-daemon and mail-transport-agent).  Use packages that are
     priority standard or higher for that
   * Fix initscript so that it will start a stopped daemon on "restart"
   * Now compliant to standards-version 3.6.1, bump control file entry
     accordingly
Files: 
 4de4126d9ce1291013e96a3d216e512c 664 admin extra fcron_2.9.5.1-1.dsc
 bf39dcef6d0c452f167f5a31a1231e4e 398400 admin extra fcron_2.9.5.1.orig.tar.gz
 17140e8dc005be1e92d125890b4864bd 10545 admin extra fcron_2.9.5.1-1.diff.gz
 e8e1ad79870a5cca477e6dd3eb5e783f 150498 admin extra fcron_2.9.5.1-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBnehX7iXePxzbD+MRAqDPAKCMINRKe5+xFohJPrheYYzbfvcbzQCeJcSQ
IApTn8RrozV5eIHLajf3xss=
=W6NO
-----END PGP SIGNATURE-----


Accepted:
fcron_2.9.5.1-1.diff.gz
  to pool/main/f/fcron/fcron_2.9.5.1-1.diff.gz
fcron_2.9.5.1-1.dsc
  to pool/main/f/fcron/fcron_2.9.5.1-1.dsc
fcron_2.9.5.1-1_i386.deb
  to pool/main/f/fcron/fcron_2.9.5.1-1_i386.deb
fcron_2.9.5.1.orig.tar.gz
  to pool/main/f/fcron/fcron_2.9.5.1.orig.tar.gz

Reply to:

Prev by Date: Accepted asterisk-chan-misdn 0.0.3rc2-2 (i386 source)
Next by Date: Accepted misdn-user 0.0.0+cvs20041018-2 (i386 source)
Previous by thread: Accepted asterisk-chan-misdn 0.0.3rc2-2 (i386 source)
Next by thread: Accepted misdn-user 0.0.0+cvs20041018-2 (i386 source)
Index(es):
- Date
- Thread