Advisories » MGASA-2013-0377

Updated fcron package fixes security vulnerability and init script

Publication date: 18 Dec 2013
Modification date: 18 Dec 2013
Type: security
Affected Mageia releases : 3
CVE: CVE-2010-0792

Description

fcrontab in fcron before 3.0.5 allows local users to read arbitrary files
via a symlink attack on an unspecified file (CVE-2010-0792).

An error in the init script as also been corrected.
                

References

• https://lists.fedoraproject.org/pipermail/package-announce/2010-March/038150.html
• https://bugs.mageia.org/show_bug.cgi?id=11784
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0792

SRPMS

3/core

• fcron-3.0.6-1.1.mga3