LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: July 28th, 2014
Linux Advisory Watch: July 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Fedora Core 3 Update: vixie-cron-4.1-20_FC3 Print E-mail
User Rating:      How can I rate this item?
Posted by Joseph Shakespeare   
Fedora Updated vixie-cron package.
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-032
2005-01-19
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : vixie-cron
Version     : 4.1                      
Release     : 20_FC3                  
Summary     : The Vixie cron daemon for executing specified programs at set times.
Description :
The vixie-cron package contains the Vixie version of cron.  Cron is a
standard UNIX daemon that runs specified programs at scheduled times.
Vixie cron adds better security and more powerful configuration
options to the standard version of cron.

---------------------------------------------------------------------
Update Information:

Updated vixie-cron package.
---------------------------------------------------------------------
* Mon Dec 20 2004 Jason Vas Dias  - 4.1-20_FC3

- fix bug 142953 : allow read-only crontabs + provide -p 
- 'permit all crontabs' option to disable mode checking. 
- bug 135845 fix required 'ch' to be initialized in crontab.c line 322
- (bug 141760)

* Mon Dec 20 2004 Jason Vas Dias  - 4.1-20_FC3

- fixed all uninitialized variable warnings

* Fri Oct 15 2004 Jason Vas Dias  - 4.1-19

- crontab -e should only strip NHEADER_LINES comments 
- (NHEADER_LINES==0), not at least one header comment line.
- (bug 135845)

* Sat Oct 09 2004 Florian La Roche  - 4.1-18

- no need to make user installed crontabs readable

* Thu Sep 30 2004 Jason Vas Dias  - 4.1-17

- Users not allowed to use 'crontab mycrontab', while
- 'crontab < mycrontab' allowed; this is because misc.c's
- swap_uids_back() was not using save_euid / save_egid .
- Thanks to Mads Martin Joergensen  for pointing this out.

* Wed Sep 29 2004 Jason Vas Dias  - 4.1-16

- Just found out in testing that if neither /etc/cron.{deny,allow}
- exist, root is unable to use crontab - I'm sure root could before,
- but is in any case meant to be able to. Allowing root to use crontab.

* Wed Sep 29 2004 Jason Vas Dias  - 4.1-14

- Fix for bug 130102 got dropped somehow from latest CVS.
- This is now restored - in %post, if neither /etc/cron.{deny,allow}
- exist, touch /etc/cron.deny, to allow all users to use crontab,
- as was previous default vixie-cron behaviour.

* Fri Sep 17 2004 Jason Vas Dias  - 4.1-12

- Merged Dan's patch with vixie-cron-4.1-11 which was not 
- latest version according to new CVS ?!?!

* Fri Sep 17 2004 Dan Walsh   - 4.1-12

- Updated SELinux patch to use checkPasswdAccess

* Tue Aug 31 2004 Jason Vas Dias   - 4.1-11

- Fixed SIGSEGV in free_user when !is_selinux_enabled() and crontab
- has no valid jobs (bug 131390).

* Wed Aug 18 2004 Jason Vas Dias   - 4.1.10

- Fixed bug 130102: Restored default behaviour if neither 
- /etc/cron.deny nor /etc/cron.allow exist - 'touch /etc/cron.deny'
- in %post

* Wed Aug 11 2004 Jason Vas Dias   - 4.1.9

- Removed 0600 mode enforcement as per Florian La Roche's request

* Tue Aug 10 2004 Jason Vas Dias   - 4.1.8

- Allowed editors such as 'gedit' which do not modify original
- file, but which rename(2) a temp file to original, to be used
- by crontab -e (bug 129170).

* Tue Aug 10 2004 Jason Vas Dias   - 4.1.8

- Added '-i' option to crontab to prompt the user before deleting
- crontab with '-r'.

* Tue Aug 10 2004 Jason Vas Dias   - 4.1.8

- Added documentation for '@' nicknames to crontab.5
- (bugs 107542, 89899). Also removed 'second when' (bug 59802).

* Sun Aug 01 2004 Jason Vas Dias   - 4.1.7

- fixed bug 128924: 'cron' log facility not being used

* Fri Jul 30 2004 Jason Vas Dias   - 4.1.6

- Added PAM 'auth sufficient pam_rootok.so' to /etc/pam.d/crond
- (fixes bug 128843) - on dwalsh's advice.

* Thu Jul 29 2004 Jason Vas Dias   - 4.1-5

- Added Buildrequires: pam-devel

* Wed Jul 28 2004 Dan Walsh  - 4.1-4

- Fix crontab to do SELinux checkaccess

* Wed Jul 28 2004 Jason Vas Dias   - 4.1-3

- Fixed bug 128701: cron fails to parse user 6th field in
- system crontabs (patch15)

* Tue Jul 27 2004 Jason Vas Dias   - 4.1-2

- Changed 'Requires' dependency from 'pam-devel' to 'pam'.

* Mon Jul 26 2004 Jason Vas Dias   - 4.1-1

- Added PAM access control support.

* Thu Jul 22 2004 Jason Vas Dias   - 4.1-1

- Changed post-install to change mode of existing crontabs to
- 0600 to allow run by new ISC cron 4.1

* Thu Jul 22 2004 Jason Vas Dias   - 4.1-1

- Upgraded to ISC cron 4.1

* Thu Jul 01 2004 Jens Petersen  - 3.0.1-94

- add vixie-cron-3.0.1-cron-descriptors-125110.patch to close std descriptors
  when forking (Bernd Schmidt, 121280)
- add vixie-cron-3.0.1-no-crontab-header-89809.patch to not prepend header to
  crontab files (Damian Menscher, 103899)
- fix use of RETVAL in init.d script (Enrico Scholz, 97784)
- add safer malloc call to vixie-cron-3.0.1-sprintf.patch 
- add cron-3.0.1-crontab-syntax-error-114386.patch to fix looping on crontab
  syntax error (Miloslav Trmac, 89937)

* Fri Jun 25 2004 Dan Walsh  - 3.0.1-93

- Add fixes from NSA

* Tue Jun 22 2004 Dan Walsh  - 3.0.1-92

- Add fixes from NSA

* Tue Jun 15 2004 Dan Walsh  - 3.0.1-91

- Change patch to check SElinux properly, go back to using fname instead of uname

* Tue Jun 15 2004 Elliot Lee 

- rebuilt

* Fri Jun 04 2004 Dan Walsh  - 3.0.1-89

- Fix patch

* Fri Jun 04 2004 Dan Walsh  - 3.0.1-88

- Add patch to allow it to run in permissive mode.

* Fri Feb 13 2004 Elliot Lee 

- rebuilt

* Wed Feb 04 2004 Dan Walsh  - 3.0.1-86

- Add security_getenforce check.

* Mon Jan 26 2004 Dan Walsh  - 3.0.1-85

- Fix call to is_selinux_enabled()

* Mon Dec 08 2003 Dan Walsh  - 3.0.1-84

- change daemon flag to 1

* Wed Dec 03 2003 Dan Walsh  - 3.0.1-83

- Add daemon to make sure child is clean

* Fri Nov 07 2003 Jens Petersen  - 3.0.1-82

- add vixie-cron-3.0.1-pie.patch to build crond as pie (#108414)
  [Ulrich Drepper]
- require libselinux and buildrequire libselinux-devel

* Thu Oct 30 2003 Dan Walsh  - 3.0.1-81.sel

- turn on selinux

* Tue Sep 30 2003 Jens Petersen  - 3.0.1-80

- add vixie-cron-3.0.1-vfork-105616.patch to use fork instead of vfork
  (#105616) [report and patch from ian@caliban.org]
- update vixie-cron-3.0.1-redhat.patch not to change DESTMAN redundantly
  (it is overrriden in the spec file anyway)

* Fri Sep 05 2003 Dan Walsh  - 3.0.1-79

- turn off selinux

* Fri Sep 05 2003 Dan Walsh  - 3.0.1-78.sel

- turn on selinux

* Tue Jul 29 2003 Dan Walsh  - 3.0.1-77

- Patch to run on SELinux

* Wed Jun 04 2003 Elliot Lee 

- rebuilt

* Wed Mar 19 2003 Jens Petersen  - 3.0.1-75

- add vixie-cron-3.0.1-root_-u-85879.patch from Valdis Kletnieks to allow
  root to run "crontab -u " even for users that aren't allowed to

* Wed Feb 19 2003 Jens Petersen  - 3.0.1-74

- fix preun script typo (#75137) [reported by Peter Bieringer]

* Tue Feb 11 2003 Bill Nottingham  3.0.1-73

- don't set SIGCHLD to SIG_IGN and then try and wait... (#84046)

* Fri Feb 07 2003 Nalin Dahyabhai  3.0.1-72

- adjust cron.d patch so that it ignores file with names that begin with '#'
  or end with '~', '.rpmorig', '.rpmsave', or '.rpmnew'
- merge hunk of buffer overflow patch into the cron.d patch

* Wed Jan 22 2003 Tim Powers 

- rebuilt

* Wed Dec 11 2002 Tim Powers  3.0.1-70

- rebuild on all arches

* Sat Jul 20 2002 Akira TAGOH  3.0.1-69

- vixie-cron-3.0.1-nonstrip.patch: applied to fix the stripped binary issue.

* Fri Jun 21 2002 Tim Powers 

- automated rebuild

* Mon Jun 10 2002 Bill Huang 

- Fix preun bugs.(#55340)
- Fix fprintf bugs.(#65209)

* Thu May 23 2002 Tim Powers 

- automated rebuild

* Mon Apr 15 2002 Bill Huang 

- Fixed #62963.

* Thu Apr 04 2002 James McDermott 

- Alter behavior of crontab to take stdin as the default
  behavior if no options are specified.

* Sun Jun 24 2001 Elliot Lee 

- Bump release + rebuild.

* Thu Mar 08 2001 Bill Nottingham 

- add patch from Alan Eldridge  to
  fix double execution of jobs (#29868)

* Sun Feb 11 2001 Bill Nottingham 

- fix buffer overflow in crontab

* Wed Feb 07 2001 Trond Eivind Glomsrød 

- fix usage string in initscript (#26533)

* Tue Feb 06 2001 Bill Nottingham 

- fix build with new glibc (#25931)

* Tue Jan 23 2001 Bill Nottingham 

- change i18n mechanism

* Fri Jan 19 2001 Bill Nottingham 

- log as 'crond', not 'CROND' (#19410)
- account for shifts in system clock (#23230, patch from )
- i18n-ize initscript

* Thu Aug 24 2000 Than Ngo 

- fix to set startup position correct at update

* Thu Aug 24 2000 Than Ngo 

- add /sbin/service to Prereq
- call /sbin/service instead service
- fix startup position (Bug #13353)

* Mon Aug 07 2000 Bill Nottingham 

- fix crond logging patch (dan@doom.cmc.msu.ru)
- log via syslog (suggestion from jos@xos.nl)
- put system crontab location in crontab(5) (#14842)

* Fri Jul 28 2000 Bill Nottingham 

- fix condrestart

* Fri Jul 21 2000 Bill Nottingham 

- fix reload bug (#14065)

* Fri Jul 14 2000 Bill Nottingham 

- move initscript back

* Thu Jul 13 2000 Prospector 

- automatic rebuild

* Thu Jul 06 2000 Bill Nottingham 

- prereq /etc/init.d

* Mon Jul 03 2000 Bill Nottingham 

- fix %post; we do condrestart in %postun

* Thu Jun 29 2000 Bill Nottingham 

- oops, fix init script

* Tue Jun 27 2000 Bill Nottingham 

- require new initscripts, not prereq

* Mon Jun 26 2000 Bill Nottingham 

- initscript hacks

* Wed Jun 14 2000 Nalin Dahyabhai 

- tweak logrotate config

* Sun Jun 11 2000 Bill Nottingham 

- rebuild in new env.
- FHS fixes
- don't ship chkconfig links

* Fri Mar 31 2000 Bill Nottingham 

- fix non-root builds (#10490)

* Sun Mar 26 2000 Florian La Roche 

- do not remove log files

* Thu Feb 03 2000 Bill Nottingham 

- handle compressed man pages

* Fri Sep 10 1999 Bill Nottingham 

- chkconfig --del in %preun, not %postun

* Wed Aug 25 1999 Bill Nottingham 

- fix buffer overflow

* Mon Aug 16 1999 Bill Nottingham 

- initscript munging

* Fri Jul 30 1999 Michael K. Johnson 

- dayofmonth and month can't be 0

* Thu Jun 03 1999 Jeff Johnson 

- in cron.log use "kill -HUP pid" not killall to preserve errors (#2241).

* Wed Apr 14 1999 Michael K. Johnson 

- add note to man page about DST conversion causing strangeness
- documented cron.d patch

* Tue Apr 13 1999 Michael K. Johnson 

- improved cron.d patch

* Mon Apr 12 1999 Erik Troan 

- added cron.d patch

* Tue Mar 23 1999 Bill Nottingham 

- logrotate changes

* Tue Mar 23 1999 Preston Brown 

- clean up log files on deinstallation

* Sun Mar 21 1999 Cristian Gafton  

- auto rebuild in the new build environment (release 28)

* Wed Dec 30 1998 Cristian Gafton 

- build for glibc 2.1

* Wed Jun 10 1998 Prospector System 

- translations modified for de

* Wed Jun 10 1998 Jeff Johnson 

- reset SIGCHLD before grandchild execle (problem #732)

* Sat May 02 1998 Cristian Gafton 

- enhanced initscript

* Mon Apr 27 1998 Prospector System 

- translations modified for de, fr, tr

* Thu Dec 11 1997 Cristian Gafton 

- added a patch to get rid of the dangerous sprintf() calls
- added BuildRoot and Prereq: /sbin/chkconfig

* Sun Nov 09 1997 Michael K. Johnson 

- fixed cron/crond dichotomy in init file.

* Wed Oct 29 1997 Donnie Barnes 

- fixed bad init symlinks

* Thu Oct 23 1997 Erik Troan 

- force it to use SIGCHLD instead of defunct SIGCLD

* Mon Oct 20 1997 Erik Troan 

- updated for chkconfig
- added status, restart options to init script

* Tue Jun 17 1997 Erik Troan 

- built against glibc

* Wed Feb 19 1997 Erik Troan 

- Switch conditional from "axp" to "alpha"


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

fa42b840bb98da7202e1d35ea2353052  SRPMS/vixie-cron-4.1-20_FC3.src.rpm
45ddbd9ad1fb087ecc78bfa842b4526d  x86_64/vixie-cron-4.1-20_FC3.x86_64.rpm
711ba42e4996753d7f5ebcd4a10decc7  x86_64/debug/vixie-cron-debuginfo-4.1-20_FC3.x86_64.rpm
cbad971bb6a8b5f35e869ab99a5565b8  i386/vixie-cron-4.1-20_FC3.i386.rpm
3694483e362b28636b8197eeb06a5fe0  i386/debug/vixie-cron-debuginfo-4.1-20_FC3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Hackers Plundered Israeli Defense Firms that Built Iron Dome Missile Defense System
Internet of things big security worry, says HP
Boffins build FREE SUPERCOMPUTER from free cloud server trials
Insecure Connections: Enterprises hacked after neglecting third-party risks
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.