Accepted fcron 2.9.5.1-1 (i386 source)

Fri, 19 Nov 2004 04:55:49 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 19 Nov 2004 10:20:44 -0200
Source: fcron
Binary: fcron
Architecture: source i386
Version: 2.9.5.1-1
Distribution: unstable
Urgency: high
Maintainer: Russell Coker <[EMAIL PROTECTED]>
Changed-By: Henrique de Moraes Holschuh <[EMAIL PROTECTED]>
Description: 
 fcron      - cron-like scheduler with extended capabilities
Closes: 281436
Changes: 
 fcron (2.9.5.1-1) unstable; urgency=high
 .
   * New upstream source:
      * SECURITY FIX: Due to design errors in the fcronsighup program, Fcron
        may allow a local user to bypass access restrictions (CAN-2004-1031),
        view the contents of root owned files (CAN-2004-1030), remove
        arbitrary files or create empty files (CAN-2004-1032), and send a
        SIGHUP to any process.  A vulnerability also exists in fcrontab which
        may allow local users to view the contents of fcron.allow and
        fcron.deny (CAN-2004-1033).
        Ref: iDEFENSE Security Advisory 11.15.04.
        (closes: #281436)
   * Thanks to Gentoo's GLSA 200411-27 for providing the above text ;-)
   * Add myself to uploaders
   * Use $(MAKE) distclean on clean: target
   * Clean up autom4te.cache directory on clean: target
   * Rename fcron-update-crontabs.1 to fcron-update-crontabs.8, since it
     is in section 8 anyway
   * Add non-virtual-package packages to dependencies on virtual packages
     (syslog-daemon and mail-transport-agent).  Use packages that are
     priority standard or higher for that
   * Fix initscript so that it will start a stopped daemon on "restart"
   * Now compliant to standards-version 3.6.1, bump control file entry
     accordingly
Files: 
 4de4126d9ce1291013e96a3d216e512c 664 admin extra fcron_2.9.5.1-1.dsc
 bf39dcef6d0c452f167f5a31a1231e4e 398400 admin extra fcron_2.9.5.1.orig.tar.gz
 17140e8dc005be1e92d125890b4864bd 10545 admin extra fcron_2.9.5.1-1.diff.gz
 e8e1ad79870a5cca477e6dd3eb5e783f 150498 admin extra fcron_2.9.5.1-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBnehX7iXePxzbD+MRAqDPAKCMINRKe5+xFohJPrheYYzbfvcbzQCeJcSQ
IApTn8RrozV5eIHLajf3xss=
=W6NO
-----END PGP SIGNATURE-----


Accepted:
fcron_2.9.5.1-1.diff.gz
  to pool/main/f/fcron/fcron_2.9.5.1-1.diff.gz
fcron_2.9.5.1-1.dsc
  to pool/main/f/fcron/fcron_2.9.5.1-1.dsc
fcron_2.9.5.1-1_i386.deb
  to pool/main/f/fcron/fcron_2.9.5.1-1_i386.deb
fcron_2.9.5.1.orig.tar.gz
  to pool/main/f/fcron/fcron_2.9.5.1.orig.tar.gz


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to