Your message dated Sat, 23 Apr 2005 11:30:08 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#306004: cron: CAN-2005-1038
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
From: Helge Kreutzmann <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: cron: CAN-2005-1038
Date: Sat, 23 Apr 2005 16:20:04 +0200

Package: cron
Version: 3.0pl1-72
Severity: grave
Tags: security, woody, sarge
Justification: user security hole

The report on http://lwn.net/Articles/132380/ (and in the CVE) states
that this problem only relates to version 4.1. If this is the case,
then please add CAN-2005-1038 to

http://www.debian.org/security/nonvulns-woody

and

http://www.debian.org/security/nonvulns-sarge

On the other hand, the reporter (as cited in the CVE report) states in
http://www.securityfocus.com/archive/1/395093 that he *used* this
version for the exploit, not that it is possible only there.

As the CVE report also states, this might be a duplicate of
CVE-2001-0235. If this is indeed the case, please update the above
nonvulns pages as well to avoid future confusion.

-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux pleione 2.4.26-grsec #1 Tue Aug 10 15:42:40 CEST 2004 i686
Locale: LANG=en_US, LC_CTYPE=en_US

Versions of packages cron depends on:
ii  debianutils    1.16.2woody1   Miscellaneous utilities specific t
ii  libc6          2.2.5-11.8     GNU C Library: Shared libraries an
ii  libpam0g       0.72-35        Pluggable Authentication Modules l

---------------------------------------
Date: Sat, 23 Apr 2005 11:30:08 -0500
From: Steve Greenland <[EMAIL PROTECTED]>
To: Helge Kreutzmann <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Cc: debian-www@lists.debian.org
Subject: Re: Bug#306004: cron: CAN-2005-1038

On 23-Apr-05, 09:20 (CDT), Helge Kreutzmann <[EMAIL PROTECTED]> wrote:
> The report on http://lwn.net/Articles/132380/ (and in the CVE) states
> that this problem only relates to version 4.1. If this is the case,
> then please add CAN-2005-1038 to
>
> http://www.debian.org/security/nonvulns-woody
>
> and
>
> http://www.debian.org/security/nonvulns-sarge

I don't have any control over those pages. I've cc'd
debian-www@lists.debian.org: web folks: we're not vulnerable to this.

Anyway, this was fixed long ago, as a perusal of the changelog will
show:

    cron (3.0pl1-62) unstable; urgency=medium

      [*snip*]

      * Protect against reading other people's crontabs via temp file
        symlink in crontab -e.

     -- Steve Greenland <[EMAIL PROTECTED]>  Sat, 27 Jan 2001 17:01:43 -0600

As for the older CVE, a few minutes' investigation shows that this was
fixed in -57.2, as per Debian DSA-024, back in potato days, thus it
doesn't belong on the woody or sarge nonvulns page.

Oh, and thanks to Mr. Gran for checking sarge and sid.

Steve

-- 
Steve Greenland
    The irony is that Bill Gates claims to be making a stable operating
    system and Linus Torvalds claims to be trying to take over the
    world.       -- seen on the net
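An added example (not Debian cron's code and not from anyone in this thread) of the defensive pattern behind the changelog entry quoted above: create the editor temp file atomically with mkstemp, then confirm the path still names that file (not a symlink, single link, same inode) before passing it to an editor. The directory parameter, function names and error codes are my own assumptions.

```c
/* Added illustration, not Debian cron's code: create an editor temp
 * file atomically and re-check it before handing the path to an editor,
 * the defensive pattern behind "temp file symlink in crontab -e". */
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Result codes returned by check_tmpfile() (names are assumed). */
enum { TMP_OK = 0, TMP_ERR_STAT = -1, TMP_ERR_SYMLINK = -2,
       TMP_ERR_NOT_REGULAR = -3, TMP_ERR_OWNER = -4, TMP_ERR_LINKS = -5,
       TMP_ERR_SWAPPED = -6 };

/* Confirm that `path` still names the file behind `fd`: lstat (which does
 * not follow symlinks) must show a regular file owned by the caller with
 * one hard link, on the same device/inode that fstat reports for `fd`. */
int check_tmpfile(const char *path, int fd)
{
    struct stat ls, fs;
    if (lstat(path, &ls) != 0 || fstat(fd, &fs) != 0) return TMP_ERR_STAT;
    if (S_ISLNK(ls.st_mode)) return TMP_ERR_SYMLINK;
    if (!S_ISREG(ls.st_mode)) return TMP_ERR_NOT_REGULAR;
    if (ls.st_uid != getuid()) return TMP_ERR_OWNER;
    if (ls.st_nlink != 1) return TMP_ERR_LINKS;
    if (ls.st_ino != fs.st_ino || ls.st_dev != fs.st_dev) return TMP_ERR_SWAPPED;
    return TMP_OK;
}

/* Create the temp file with mkstemp (O_CREAT|O_EXCL, mode 0600), so a
 * symlink planted at the name beforehand makes creation fail instead of
 * being followed. Writes the chosen name into `path`; returns fd or -1.
 * `dir` is an assumed parameter; a real tool would use its spool dir. */
int create_tmpfile(const char *dir, char *path, size_t len)
{
    if (snprintf(path, len, "%s/crontab.XXXXXX", dir) >= (int)len) return -1;
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    if (check_tmpfile(path, fd) != TMP_OK) { close(fd); unlink(path); return -1; }
    return fd;
}
```

Re-checking the path narrows but does not close the window between the check and the editor's own open of that path, so a tool that must reopen the file itself should do so with O_NOFOLLOW and compare the inode again.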