Synopsis: Moderate: vixie-cron security update
Issue date: 2007-05-17
CVE Names: CVE-2007-1856
Raphael Marichez discovered a denial of service bug in the way
vixie-cron verifies crontab file integrity. A local user with the
ability to create a hardlink to /etc/crontab can prevent vixie-cron from
executing certain system cron jobs. (CVE-2007-1856)
SL 3.0.x
SRPMS:
vixie-cron-4.1-19.EL3.src.rpm
i386:
vixie-cron-4.1-19.EL3.i386.rpm
x86_64:
vixie-cron-4.1-19.EL3.x86_64.rpm
SL 4.x
SRPMS:
vixie-cron-4.1-47.EL4.src.rpm
i386:
vixie-cron-4.1-47.EL4.i386.rpm
x86_64:
vixie-cron-4.1-47.EL4.x86_64.rpm
SL 5.x
SRPMS:
vixie-cron-4.1-70.el5.src.rpm
i386:
vixie-cron-4.1-70.el5.i386.rpm
x86_64:
vixie-cron-4.1-70.el5.x86_64.rpm
-Connie Sieh
-Troy Dawson