anybody wanting to have a look at fcron review?
Patrice Dumas
pertusus at free.fr
Tue Jun 13 16:19:21 UTC 2006
> I take it the two CVEs from February are fixed in the packaged
> version?
>
> http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-0575
> http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-0539
Yes, at least it is what is said upstream about those issues. Moreover
the vulnerable program, convert-fcrontab isn't shipped in the package
submitted to fedora extras, so it is not vulnerable.
--
Pat
More information about the fedora-extras-list
mailing list