CVE security fixes
Michael Schwendt
mschwendt at gmail.com
Wed Oct 24 17:54:53 UTC 2007
On 24/10/2007, Chris Kottaridis <chriskot at quietwind.net> wrote:
> I don't have a lot of fedora experience. I am checking what I have
> against the security status page to see if I am up to date with the
> various known security issues.
>
> I am trying to find how to get the patches for some of the security
> fixes mentioned on the security status page. Right now, specifically for
> the vixie-cron package. I found these three CVE reports:
>
> vixie-cron:
> fc7: CVE-2007-1856 backport (vixie-cron) #235882
> vixie-cron-4.1-hardlink.patch
> fc7: CVE-2006-2607 backport (vixie-cron)
> vixie-cron-4.1-_48-security.patch
> fc7: CVE-2005-1038 backport (vixie-cron)
> vixie-cron-4.1-CAN-2005-1038-fix-race.patch
>
> In the srpm I have I see the vixie-cron-4.1-_48-security.patch and the
> vixie-cron-4.1-CAN-2005-1038-fix-race.patch, but I don't see the
> vixie-cron-4.1-hardlink.patch.
>
> I would prefer to get the individual hardlink patch at this point as
> opposed to upgrading to some new version.
>
> Where does one find the patches mentioned in the security status pages ?
>
> Can they be found individually or would I have to unpack them from some
> newer SRPM ?
Fedora package CVS or the updates src.rpm packages.
More information about the fedora-list
mailing list