Viewing all changes in revision 13.
- Committer: Bazaar Package Importer
- Date: 2009-05-12 12:36:21 UTC
- Revision ID: james.westby@ubuntu.com-20090512123621-g6ofzfmswllec2k0
* SECURITY UPDATE: cron does not check the return code of setgid() and
initgroups(), which under certain circumstances could cause applications
to run with elevated group privileges. Note that the more serious issue
of not checking the return code of setuid() was fixed in 3.0pl1-64.
(LP: #46649)
- do_command.c: check return code of setgid() and initgroups()
- CVE-2006-2607
initgroups(), which under certain circumstances could cause applications
to run with elevated group privileges. Note that the more serious issue
of not checking the return code of setuid() was fixed in 3.0pl1-64.
(LP: #46649)
- do_command.c: check return code of setgid() and initgroups()
- CVE-2006-2607
- files modified:
- debian/changelog
expand all
collapse all
added
removed
