-
Committer:
Bazaar Package Importer
-
Author(s):
Jamie Strandboge
-
Date:
2009-05-12 12:36:21 UTC
-
Revision ID:
james.westby@ubuntu.com-20090512123621-g6ofzfmswllec2k0
Tags: 3.0pl1-100ubuntu2.1
* SECURITY UPDATE: cron does not check the return code of setgid() and
initgroups(), which under certain circumstances could cause applications
to run with elevated group privileges. Note that the more serious issue
of not checking the return code of setuid() was fixed in 3.0pl1-64.
(LP: #46649)
- do_command.c: check return code of setgid() and initgroups()
- CVE-2006-2607