Accepted cron 3.0pl1-106 (source i386)

To: debian-devel-changes@lists.debian.org
Subject: Accepted cron 3.0pl1-106 (source i386)
From: Javier Fernandez-Sanguino Pen~a <jfs@debian.org>
Date: Wed, 13 May 2009 00:32:03 +0000
Message-id: <[🔎] E1M42OB-0007us-8Y@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 13 May 2009 01:05:41 +0200
Source: cron
Binary: cron
Architecture: source i386
Version: 3.0pl1-106
Distribution: unstable
Urgency: high
Maintainer: Javier Fernandez-Sanguino Pen~a <jfs@computer.org>
Changed-By: Javier Fernandez-Sanguino Pen~a <jfs@debian.org>
Description: 
 cron       - process scheduling daemon
Closes: 405474 413962 452460 468262 485452 497699 500610 502650 511684 514062 514721 528434
Changes: 
 cron (3.0pl1-106) unstable; urgency=high
 .
    * SECURITY UPDATE: cron does not check the return code of setgid() and
    initgroups(), which under certain circumstances could cause
    applications to run with elevated group privileges. Note that the more
    serious issue of not checking the return code of setuid() was fixed already
    in 3.0pl1-64.  (Closes: #528434)
     - do_command.c: check return code of setgid() and initgroups()
     - This fixes (hopefully completely) CVE-2006-2607
    * crontab.c:
       - close the temporary file after it is edited and
         before calling cleanup_tmp_crontab() to behave properly on NFS
         mounted / (Closes: #413962)
       - if crontab is run without argument then it will read stdin to replace
         the users crontab. This way it is POSIXLY_CORRECT. More information at
         http://www.opengroup.org/onlinepubs/9699919799/utilities/crontab.html
         (Closes: #514062)
    * crontab.5 :
       - Add details about multiple recipients in MAILTO (LP: #235464)
         (Closes: #502650)
       - Indicate that it also reads environment from /etc/environment
       - Substitute ATT for AT&T (Closes: #405474)
    * Proper fix for PAM configuration to make cron read the system
      environment (Closes: #511684)
    * debian/cron.init:
        - Add support for 'status' in the init.d (Closes: #514721)
        - Use 'cron' instead of 'crond' (Closes: #497699)
    * Change lockfile-progs from Suggests: to Recommends: and remove wording
      related to dselect, which is no longer relevant (Closes: #452460, #468262)
    * Change the (outdated) wording of the description based on an example
      provided by Justin B Rye (Closes: 485452)
    * Change the postinst so that update-rc.d is only run if /etc/init.d/cron is
      executable (Closes: #500610)
Checksums-Sha1: 
 e126ee949966e4ad31bf4fe8446391944ef6e3d1 1057 cron_3.0pl1-106.dsc
 f4581b993d48c6dce3ce34dbd8ff61030f9986f4 70760 cron_3.0pl1-106.diff.gz
 1a6fba880e467bebaa67dbbbf7408b566be39789 82630 cron_3.0pl1-106_i386.deb
Checksums-Sha256: 
 92bfb781a65d06a75eaa2bdf713f164ad5bcad20fcd3a599196a25149362f0cb 1057 cron_3.0pl1-106.dsc
 bbec885b1c783756385aff56162df528a21296e8f6561e5717a9190a34fe5ebb 70760 cron_3.0pl1-106.diff.gz
 7c4c22b8101403ad9b97e158c69e475aaf67c63fb9ef61c20013d5641b08c9d4 82630 cron_3.0pl1-106_i386.deb
Files: 
 44eb5eb1046cf2e77034a2f94198b779 1057 admin important cron_3.0pl1-106.dsc
 490fa1083359db207a9b8678fc505190 70760 admin important cron_3.0pl1-106.diff.gz
 bdef1e0aa346a217fa6cba8873fb967c 82630 admin important cron_3.0pl1-106_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKChDqsandgtyBSwkRAoBLAJ9/Io7a+VEspBl0NC6NF0XcFTBengCcCnn+
5kbwiezbFZiYz/zhitX+CEc=
=U+PT
-----END PGP SIGNATURE-----


Accepted:
cron_3.0pl1-106.diff.gz
  to pool/main/c/cron/cron_3.0pl1-106.diff.gz
cron_3.0pl1-106.dsc
  to pool/main/c/cron/cron_3.0pl1-106.dsc
cron_3.0pl1-106_i386.deb
  to pool/main/c/cron/cron_3.0pl1-106_i386.deb

Reply to:

Prev by Date: Accepted qemu 0.10.4-1 (source amd64)
Next by Date: Accepted vr 7.2.47-1 (source i386)
Previous by thread: Accepted qemu 0.10.4-1 (source amd64)
Next by thread: Accepted vr 7.2.47-1 (source i386)
Index(es):
- Date
- Thread