Accepted fcron 2.9.5.1-1 (i386 source)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 19 Nov 2004 10:20:44 -0200
Source: fcron
Binary: fcron
Architecture: source i386
Version: 2.9.5.1-1
Distribution: unstable
Urgency: high
Maintainer: Russell Coker <russell@coker.com.au>
Changed-By: Henrique de Moraes Holschuh <hmh@debian.org>
Description:
fcron - cron-like scheduler with extended capabilities
Closes: 281436
Changes:
fcron (2.9.5.1-1) unstable; urgency=high
.
* New upstream source:
* SECURITY FIX: Due to design errors in the fcronsighup program, Fcron
may allow a local user to bypass access restrictions (CAN-2004-1031),
view the contents of root owned files (CAN-2004-1030), remove
arbitrary files or create empty files (CAN-2004-1032), and send a
SIGHUP to any process. A vulnerability also exists in fcrontab which
may allow local users to view the contents of fcron.allow and
fcron.deny (CAN-2004-1033).
Ref: iDEFENSE Security Advisory 11.15.04.
(closes: #281436)
* Thanks to Gentoo's GLSA 200411-27 for providing the above text ;-)
* Add myself to uploaders
* Use $(MAKE) distclean on clean: target
* Clean up autom4te.cache directory on clean: target
* Rename fcron-update-crontabs.1 to fcron-update-crontabs.8, since it
is in section 8 anyway
* Add non-virtual-package packages to dependencies on virtual packages
(syslog-daemon and mail-transport-agent). Use packages that are
priority standard or higher for that
* Fix initscript so that it will start a stopped daemon on "restart"
* Now compliant to standards-version 3.6.1, bump control file entry
accordingly
Files:
4de4126d9ce1291013e96a3d216e512c 664 admin extra fcron_2.9.5.1-1.dsc
bf39dcef6d0c452f167f5a31a1231e4e 398400 admin extra fcron_2.9.5.1.orig.tar.gz
17140e8dc005be1e92d125890b4864bd 10545 admin extra fcron_2.9.5.1-1.diff.gz
e8e1ad79870a5cca477e6dd3eb5e783f 150498 admin extra fcron_2.9.5.1-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFBnehX7iXePxzbD+MRAqDPAKCMINRKe5+xFohJPrheYYzbfvcbzQCeJcSQ
IApTn8RrozV5eIHLajf3xss=
=W6NO
-----END PGP SIGNATURE-----
Accepted:
fcron_2.9.5.1-1.diff.gz
to pool/main/f/fcron/fcron_2.9.5.1-1.diff.gz
fcron_2.9.5.1-1.dsc
to pool/main/f/fcron/fcron_2.9.5.1-1.dsc
fcron_2.9.5.1-1_i386.deb
to pool/main/f/fcron/fcron_2.9.5.1-1_i386.deb
fcron_2.9.5.1.orig.tar.gz
to pool/main/f/fcron/fcron_2.9.5.1.orig.tar.gz
Reply to: