Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!news.cs.su.oz.au!metro!metro!munnari.OZ.AU!news.Hawaii.Edu!news.lava.net!news.pixi.com!news.zeitgeist.net!news.sprintlink.net!news-stk-11.sprintlink.net!www.nntp.primenet.com!nntp.primenet.com!howland.erols.net!worldnet.att.net!newsxfer2.itd.umich.edu!uunet!in3.uu.net!192.75.213.193!xenitec!nic.wat.hookup.net!omega.metrics.com!omega.metrics.com!not-for-mail
From: polk@BSDI.COM (Jeff Polk)
Newsgroups: comp.unix.bsd.bsdi.announce
Subject: BSDI: New official patch for BSD/OS 2.1 (U210-031 -- SECURITY)
Followup-To: comp.unix.bsd.bsdi.misc
Date: 27 Dec 1996 13:44:35 -0500
Organization: Software Metrics Inc.
Lines: 34
Sender: tomh@omega.metrics.com
Approved: tomh@metrics.com
Message-ID: <5a15ej$be1@omega.metrics.com>
NNTP-Posting-Host: omega.metrics.com
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.bsdi.announce:30
There is a new security patch (U210-031) which fixes the buffer
overflow problems in the cron and crontab programs. This problem
was recently reported by AUSCERT and has received press in
various other forums. It is being actively exploited,
so sites are encouraged to apply the patch as soon as possible.
The patch is available via ftp at:
ftp://ftp.bsdi.com/bsdi/patches/patches-2.1/U210-031
or via the <patches@BSDI.COM> email server.
Jeff
--
/\ Jeff Polk Berkeley Software Design, Inc. (BSDI)
/\/ \ polk@BSDI.COM 5575 Tech Center Dr. #110, Colo Spgs, CO 80919
===================================================================
PATCH:
U210-031
SUMMARY:
This patch updates cron(8) and crontab(1) to the BSD/OS 3.0 versions
which fixes some security problems from previous versions (including
those detailed in the recent AUSCERT advisory).
md5 checksum: 5590213ab641ff1efe85b596e23f69e9 U210-031
===================================================================
--
[ /tom haapanen -- tomh@metrics.com -- software metrics inc -- waterloo, ont ]
[ "you see things; and you say 'why?'; but i dream ]
[ things that never were, and i say 'why not?' -- george bernard shaw ]