---------------------------------------------------------------------Fedora Update Notification
FEDORA-2005-320
2005-04-15
---------------------------------------------------------------------Product     : Fedora Core 3
Name        : vixie-cron
Version     : 4.1                      
Release     : 33_FC3                  
Summary     : The Vixie cron daemon for executing specified programs at set times.
Description :
The vixie-cron package contains the Vixie version of cron.  Cron is a
standard UNIX daemon that runs specified programs at scheduled times.
Vixie cron adds better security and more powerful configuration
options to the standard version of cron.

--------------------------------------------------------------------- o Fixes security vulnerability CAN-2005-1038 
   (  )
 
 o Makes filename and command line length constraints
   correspond to system limits

 o Improved PAM support

---------------------------------------------------------------------* Thu Apr 14 2005 Jason Vas Dias  - 4.1-33_FC3

- fix bug 154922 / CAN-2005-1038: check that new crontab is 
      regular file after editor session ends.
- fix bug 154575: use PATH_MAX (4096) as max filename length; also make 
      limits on command line and env.var. lengths sensible (131072).

* Fri Apr  8 2005 Jason Vas Dias  - 4.1-33_FC3

- do pam_close_session and pam_setcred(pamh, PAM_DELETE_CRED)
- if fork fails

* Thu Apr  7 2005 Jason Vas Dias  - 4.1-33_FC3

- fix bug 154065: crontab's job control broken: by 
-     xpid = waitpid(pid,&waiter,WUNTRACED);... 
-     if( WIFSTOPPED(waiter) )... kill(getpid(),WSTOPSIG(waiter));
- crontab should not kill itself with SIGSTOP if its child
- gets SIGSTOP; hence it does not need the waitpid WUNTRACED flag.

* Tue Apr  5 2005 Jason Vas Dias  - 4.1-33_FC3

- Required for EAL Audit certification: 
- If pam_setcred should fail, the pam_session could fail to be
- closed, leaving autofs user directories still mounted.

* Tue Mar 15 2005 Jason Vas Dias  - 4.1-33_FC3

- fix bug 151145: segfault if cronjob runs without any SELinux user 
- security context (eg. in a broken chroot environment)

* Fri Feb 25 2005 Jason Vas Dias  - 4.1-24_FC3

- Add an /etc/sysconfig/crond file for containing CRONDARGS and
- settings like CRON_VALIDATE_MAILRCPTS .

* Fri Feb 25 2005 Jason Vas Dias  - 4.1-24_FC3

- Fix bug 147636 - disable silly mail recipient name checking 
- (do_command.c's safe_p()) by default . Can be enabled by 
- presence of CRON_VALIDATE_MAILRCPTS variable in crond's 
- environment - also '_'s in MAILTOs are allowed.

* Tue Jan 25 2005 Jason Vas Dias  - 4.1-21_FC3

- Fix bug 146073 - allow the 'pam_access' module to be used with
- cron - set 'PAM_TTY' item to 'cron' .

* Mon Dec 20 2004 Jason Vas Dias  - 4.1-20_FC3

- fix bug 142953 : allow read-only crontabs + provide -p 
- 'permit all crontabs' option to disable mode checking. 
- bug 135845 fix required 'ch' to be initialized in crontab.c line 322
- (bug 141760)

* Mon Dec 20 2004 Jason Vas Dias  - 4.1-20_FC3

- fixed all uninitialized variable warnings

* Fri Oct 15 2004 Jason Vas Dias  - 4.1-19

- crontab -e should only strip NHEADER_LINES comments 
- (NHEADER_LINES==0), not at least one header comment line.
- (bug 135845)

* Sat Oct  9 2004 Florian La Roche  - 4.1-18

- no need to make user installed crontabs readable

* Thu Sep 30 2004 Jason Vas Dias  - 4.1-17

- Users not allowed to use 'crontab mycrontab', while
- 'crontab < mycrontab' allowed; this is because misc.c's
- swap_uids_back() was not using save_euid / save_egid .
- Thanks to Mads Martin Joergensen  for pointing this out.

* Wed Sep 29 2004 Jason Vas Dias  - 4.1-16

- Just found out in testing that if neither /etc/cron.{deny,allow}
- exist, root is unable to use crontab - I'm sure root could before,
- but is in any case meant to be able to. Allowing root to use crontab.

* Wed Sep 29 2004 Jason Vas Dias  - 4.1-14

- Fix for bug 130102 got dropped somehow from latest CVS.
- This is now restored - in %post, if neither /etc/cron.{deny,allow}
- exist, touch /etc/cron.deny, to allow all users to use crontab,
- as was previous default vixie-cron behaviour.

* Fri Sep 17 2004 Jason Vas Dias  - 4.1-12

- Merged Dan's patch with vixie-cron-4.1-11 which was not 
- latest version according to new CVS ?!?!

* Fri Sep 17 2004 Dan Walsh   - 4.1-12

- Updated SELinux patch to use checkPasswdAccess

* Tue Aug 31 2004 Jason Vas Dias   - 4.1-11

- Fixed SIGSEGV in free_user when !is_selinux_enabled() and crontab
- has no valid jobs (bug 131390).

* Wed Aug 18 2004 Jason Vas Dias   - 4.1.10

- Fixed bug 130102: Restored default behaviour if neither 
- /etc/cron.deny nor /etc/cron.allow exist - 'touch /etc/cron.deny'
- in %post

* Wed Aug 11 2004 Jason Vas Dias   - 4.1.9

- Removed 0600 mode enforcement as per Florian La Roche's request

* Tue Aug 10 2004 Jason Vas Dias   - 4.1.8

- Allowed editors such as 'gedit' which do not modify original
- file, but which rename(2) a temp file to original, to be used
- by crontab -e (bug 129170).

* Tue Aug 10 2004 Jason Vas Dias   - 4.1.8

- Added '-i' option to crontab to prompt the user before deleting
- crontab with '-r'.

* Tue Aug 10 2004 Jason Vas Dias   - 4.1.8

- Added documentation for '@' nicknames to crontab.5
- (bugs 107542, 89899). Also removed 'second when' (bug 59802).

* Sun Aug  1 2004 Jason Vas Dias   - 4.1.7

- fixed bug 128924: 'cron' log facility not being used

* Fri Jul 30 2004 Jason Vas Dias   - 4.1.6

- Added PAM 'auth sufficient pam_rootok.so' to /etc/pam.d/crond
- (fixes bug 128843) - on dwalsh's advice.

* Thu Jul 29 2004 Jason Vas Dias   - 4.1-5

- Added Buildrequires: pam-devel

* Wed Jul 28 2004 Dan Walsh  - 4.1-4

- Fix crontab to do SELinux checkaccess

* Wed Jul 28 2004 Jason Vas Dias   - 4.1-3

- Fixed bug 128701: cron fails to parse user 6th field in
- system crontabs (patch15)

* Tue Jul 27 2004 Jason Vas Dias   - 4.1-2

- Changed 'Requires' dependency from 'pam-devel' to 'pam'.

* Mon Jul 26 2004 Jason Vas Dias   - 4.1-1

- Added PAM access control support.

* Thu Jul 22 2004 Jason Vas Dias   - 4.1-1

- Changed post-install to change mode of existing crontabs to
- 0600 to allow run by new ISC cron 4.1

* Thu Jul 22 2004 Jason Vas Dias   - 4.1-1

- Upgraded to ISC cron 4.1

* Thu Jul  1 2004 Jens Petersen  - 3.0.1-94

- add vixie-cron-3.0.1-cron-descriptors-125110.patch to close std descriptors
  when forking (Bernd Schmidt, 121280)
- add vixie-cron-3.0.1-no-crontab-header-89809.patch to not prepend header to
  crontab files (Damian Menscher, 103899)
- fix use of RETVAL in init.d script (Enrico Scholz, 97784)
- add safer malloc call to vixie-cron-3.0.1-sprintf.patch 
- add cron-3.0.1-crontab-syntax-error-114386.patch to fix looping on crontab
  syntax error (Miloslav Trmac, 89937)

* Fri Jun 25 2004 Dan Walsh  - 3.0.1-93

- Add fixes from NSA

* Tue Jun 22 2004 Dan Walsh  - 3.0.1-92

- Add fixes from NSA

* Tue Jun 15 2004 Dan Walsh  - 3.0.1-91

- Change patch to check SElinux properly, go back to using fname instead of uname

* Tue Jun 15 2004 Elliot Lee 

- rebuilt

* Fri Jun  4 2004 Dan Walsh  - 3.0.1-89

- Fix patch

* Fri Jun  4 2004 Dan Walsh  - 3.0.1-88

- Add patch to allow it to run in permissive mode.

* Fri Feb 13 2004 Elliot Lee 

- rebuilt

* Wed Feb  4 2004 Dan Walsh  - 3.0.1-86

- Add security_getenforce check.

* Mon Jan 26 2004 Dan Walsh  - 3.0.1-85

- Fix call to is_selinux_enabled()

* Mon Dec  8 2003 Dan Walsh  - 3.0.1-84

- change daemon flag to 1

* Wed Dec  3 2003 Dan Walsh  - 3.0.1-83

- Add daemon to make sure child is clean

* Fri Nov  7 2003 Jens Petersen  - 3.0.1-82

- add vixie-cron-3.0.1-pie.patch to build crond as pie (#108414)
  [Ulrich Drepper]
- require libselinux and buildrequire libselinux-devel

* Thu Oct 30 2003 Dan Walsh  - 3.0.1-81.sel

- turn on selinux

* Tue Sep 30 2003 Jens Petersen  - 3.0.1-80

- add vixie-cron-3.0.1-vfork-105616.patch to use fork instead of vfork
  (#105616) [report and patch from ian@caliban.org]
- update vixie-cron-3.0.1-redhat.patch not to change DESTMAN redundantly
  (it is overrriden in the spec file anyway)

* Fri Sep  5 2003 Dan Walsh  - 3.0.1-79

- turn off selinux

* Fri Sep  5 2003 Dan Walsh  - 3.0.1-78.sel

- turn on selinux

* Tue Jul 29 2003 Dan Walsh  - 3.0.1-77

- Patch to run on SELinux

* Wed Jun  4 2003 Elliot Lee 

- rebuilt

* Wed Mar 19 2003 Jens Petersen  - 3.0.1-75

- add vixie-cron-3.0.1-root_-u-85879.patch from Valdis Kletnieks to allow
  root to run "crontab -u " even for users that aren't allowed to

* Wed Feb 19 2003 Jens Petersen  - 3.0.1-74

- fix preun script typo (#75137) [reported by Peter Bieringer]

* Tue Feb 11 2003 Bill Nottingham  3.0.1-73

- don't set SIGCHLD to SIG_IGN and then try and wait... (#84046)

* Fri Feb  7 2003 Nalin Dahyabhai  3.0.1-72

- adjust cron.d patch so that it ignores file with names that begin with '#'
  or end with '~', '.rpmorig', '.rpmsave', or '.rpmnew'
- merge hunk of buffer overflow patch into the cron.d patch

* Wed Jan 22 2003 Tim Powers 

- rebuilt

* Wed Dec 11 2002 Tim Powers  3.0.1-70

- rebuild on all arches

* Sat Jul 20 2002 Akira TAGOH  3.0.1-69

- vixie-cron-3.0.1-nonstrip.patch: applied to fix the stripped binary issue.

* Fri Jun 21 2002 Tim Powers 

- automated rebuild

* Mon Jun 10 2002 Bill Huang 

- Fix preun bugs.(#55340)
- Fix fprintf bugs.(#65209)

* Thu May 23 2002 Tim Powers 

- automated rebuild

* Mon Apr 15 2002 Bill Huang 

- Fixed #62963.

* Thu Apr  4 2002 James McDermott 

- Alter behavior of crontab to take stdin as the default
  behavior if no options are specified.

* Sun Jun 24 2001 Elliot Lee 

- Bump release + rebuild.

* Thu Mar  8 2001 Bill Nottingham 

- add patch from Alan Eldridge  to
  fix double execution of jobs (#29868)

* Sun Feb 11 2001 Bill Nottingham 

- fix buffer overflow in crontab

* Wed Feb  7 2001 Trond Eivind Glomsrød 

- fix usage string in initscript (#26533)

* Tue Feb  6 2001 Bill Nottingham 

- fix build with new glibc (#25931)

* Tue Jan 23 2001 Bill Nottingham 

- change i18n mechanism

* Fri Jan 19 2001 Bill Nottingham 

- log as 'crond', not 'CROND' (#19410)
- account for shifts in system clock (#23230, patch from )
- i18n-ize initscript

* Thu Aug 24 2000 Than Ngo 

- fix to set startup position correct at update

* Thu Aug 24 2000 Than Ngo 

- add /sbin/service to Prereq
- call /sbin/service instead service
- fix startup position (Bug #13353)

* Mon Aug  7 2000 Bill Nottingham 

- fix crond logging patch (dan@doom.cmc.msu.ru)
- log via syslog (suggestion from jos@xos.nl)
- put system crontab location in crontab(5) (#14842)

* Fri Jul 28 2000 Bill Nottingham 

- fix condrestart

* Fri Jul 21 2000 Bill Nottingham 

- fix reload bug (#14065)

* Fri Jul 14 2000 Bill Nottingham 

- move initscript back

* Thu Jul 13 2000 Prospector 

- automatic rebuild

* Thu Jul  6 2000 Bill Nottingham 

- prereq /etc/init.d

* Mon Jul  3 2000 Bill Nottingham 

- fix %post; we do condrestart in %postun

* Thu Jun 29 2000 Bill Nottingham 

- oops, fix init script

* Tue Jun 27 2000 Bill Nottingham 

- require new initscripts, not prereq

* Mon Jun 26 2000 Bill Nottingham 

- initscript hacks

* Wed Jun 14 2000 Nalin Dahyabhai 

- tweak logrotate config

* Sun Jun 11 2000 Bill Nottingham 

- rebuild in new env.
- FHS fixes
- don't ship chkconfig links

* Fri Mar 31 2000 Bill Nottingham 

- fix non-root builds (#10490)

* Sun Mar 26 2000 Florian La Roche 

- do not remove log files

* Thu Feb  3 2000 Bill Nottingham 

- handle compressed man pages

* Fri Sep 10 1999 Bill Nottingham 

- chkconfig --del in %preun, not %postun

* Wed Aug 25 1999 Bill Nottingham 

- fix buffer overflow

* Mon Aug 16 1999 Bill Nottingham 

- initscript munging

* Fri Jul 30 1999 Michael K. Johnson 

- dayofmonth and month can't be 0

* Thu Jun  3 1999 Jeff Johnson 

- in cron.log use "kill -HUP pid" not killall to preserve errors (#2241).

* Wed Apr 14 1999 Michael K. Johnson 

- add note to man page about DST conversion causing strangeness
- documented cron.d patch

* Tue Apr 13 1999 Michael K. Johnson 

- improved cron.d patch

* Mon Apr 12 1999 Erik Troan 

- added cron.d patch

* Tue Mar 23 1999 Bill Nottingham 

- logrotate changes

* Tue Mar 23 1999 Preston Brown 

- clean up log files on deinstallation

* Sun Mar 21 1999 Cristian Gafton  

- auto rebuild in the new build environment (release 28)

* Wed Dec 30 1998 Cristian Gafton 

- build for glibc 2.1

* Wed Jun 10 1998 Prospector System 

- translations modified for de

* Wed Jun 10 1998 Jeff Johnson 

- reset SIGCHLD before grandchild execle (problem #732)

* Sat May  2 1998 Cristian Gafton 

- enhanced initscript

* Mon Apr 27 1998 Prospector System 

- translations modified for de, fr, tr

* Thu Dec 11 1997 Cristian Gafton 

- added a patch to get rid of the dangerous sprintf() calls
- added BuildRoot and Prereq: /sbin/chkconfig

* Sun Nov  9 1997 Michael K. Johnson 

- fixed cron/crond dichotomy in init file.

* Wed Oct 29 1997 Donnie Barnes 

- fixed bad init symlinks

* Thu Oct 23 1997 Erik Troan 

- force it to use SIGCHLD instead of defunct SIGCLD

* Mon Oct 20 1997 Erik Troan 

- updated for chkconfig
- added status, restart options to init script

* Tue Jun 17 1997 Erik Troan 

- built against glibc

* Wed Feb 19 1997 Erik Troan 

- Switch conditional from "axp" to "alpha"


---------------------------------------------------------------------This update can be downloaded from:
  
fbc4cd5b0250e100d7248a8918db3db2  SRPMS/vixie-cron-4.1-33_FC3.src.rpm
61dabc38f4d172c9324e1e5325967477  x86_64/vixie-cron-4.1-33_FC3.x86_64.rpm
97a09afc99217befd111ff3b6ec807d7  x86_64/debug/vixie-cron-debuginfo-4.1-33_FC3.x86_64.rpm
007fbd960d6905a8371cc30a11cbed93  i386/vixie-cron-4.1-33_FC3.i386.rpm
fa82ed54e99044febcfbaa00c8215763  i386/debug/vixie-cron-debuginfo-4.1-33_FC3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
-----------------------------------------------------------------------fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list