CVSROOT: /cvs Module name: src Changes by: bl...@cvs.openbsd.org 2024/08/19 09:13:45
Modified files: usr.sbin/cron : Tag: OPENBSD_7_5 entry.c Log message: Fix CVE-2024-43688, buffer underflow for very large step values In get_number(), reject values that are so large that they are interpreted as negative numbers. In set_range(), step values smaller than one or larger than the "stop" value are ignored. This prevents bit_nset() from being called with out-of-range values. from millert@; Bug found by Dave G. of Supernetworks. this is errata/7.5/006_cron.patch.sig