anybody wanting to have a look at fcron review?

Jason L Tibbitts III tibbs at math.uh.edu
Tue Jun 13 16:00:48 UTC 2006


>>>>> "PD" == Patrice Dumas <pertusus at free.fr> writes:

PD> It includes setuid/setgid programs, so there are potential
PD> security risks. Maybe it could replace cron/anacron in core, so it
PD> may be better if it is rightly reviewed.

I take it the two CVEs from February are fixed in the packaged
version?

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-0575
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-0539

 - J<




More information about the fedora-extras-list mailing list