Hi team , I may have found a miss leading advisory about CVE-2017-9525 on your web site*1. The status of the vulnerability is still “needed” on Ubuntu 18.04 LTS (Bionic Beaver) . However, this is already fixed in version “3.0pl1-128.1ubuntu1” .
This vulnerability might be regarding maintenance script(such as posttest ) when I see Debian’s fixing *2. If it is, Ubuntu cron seems to be fixed at above version considering diffs on the version .*3 I apologize if I don’t follow reporting rules and if I mistake. *1 https://ubuntu.com/security/CVE-2017-9525 *2 https://salsa.debian.org/debian/cron/-/commit/a10ab4e346e941aaa92f4b671a96895392b917af <https://salsa.debian.org/debian/cron/-/commit/a10ab4e346e941aaa92f4b671a96895392b917af> *3 (around line 2992) https://launchpadlibrarian.net/345982798/cron_3.0pl1-128.1ubuntu1.diff.gz <https://launchpadlibrarian.net/345982798/cron_3.0pl1-128.1ubuntu1.diff.gz> Best regards
-- Ubuntu-motu mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu
