Format: 1.8 Date: Fri, 29 Apr 2022 11:16:53 +0200 Source: cron Binary: cron Architecture: armhf Version: 3.0pl1-128.1ubuntu1.1 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: David Fernandez Gonzalez Description: cron - process scheduling daemon Changes: cron (3.0pl1-128.1ubuntu1.1) bionic-security; urgency=medium . * SECURITY UPDATE: privilege escalation in postinst script - Add sanity checks over the entries in spool directory and set up owner and group accordingly in debian/postinst - CVE-2017-9525 * SECURITY UPDATE: denial of service via large file - Add sanity check in case of running out of memory when parsing the file in entry.c - CVE-2019-9704 * SECURITY UPDATE: denial of service via large file - Add sanity check to ensure that no more than 1000 lines of length are allowed in crontabs in cron.h, crontab.c and user.c. - CVE-2019-9705 * SECURITY UPDATE: denial of service by use-after-free - Add return values when there is no memory available in database.c - CVE-2019-9706 Checksums-Sha1: 77a9e64184232295d8d636df9a15c8c1fcb80a54 84792 cron-dbgsym_3.0pl1-128.1ubuntu1.1_armhf.ddeb 8e2b2b39cc34a628f5aa7d358361e0a66ca3397b 5646 cron_3.0pl1-128.1ubuntu1.1_armhf.buildinfo d5f8ae80f33d46ca40b75e6e81e26331121c89da 65844 cron_3.0pl1-128.1ubuntu1.1_armhf.deb Checksums-Sha256: a1dae76f920d64b7eecfb75028cab24ebfdde0f5121975a55a37ba6363be5ae1 84792 cron-dbgsym_3.0pl1-128.1ubuntu1.1_armhf.ddeb 9b32573ed44c535a5807fe635f66a8f7490d41c5056c282f18a9d6389e7d4241 5646 cron_3.0pl1-128.1ubuntu1.1_armhf.buildinfo 477efaddd1b86538376cdbf543d9c00e2a607487227965e2c99843d650267db4 65844 cron_3.0pl1-128.1ubuntu1.1_armhf.deb Files: 68f17cfdff0fcd0107c3403b2048cd47 84792 debug optional cron-dbgsym_3.0pl1-128.1ubuntu1.1_armhf.ddeb e0ca2af463dca6a389e7dc78b87bcbd7 5646 admin important cron_3.0pl1-128.1ubuntu1.1_armhf.buildinfo 4a8acba649fc767b7a8387eba7f7d0d7 65844 admin important cron_3.0pl1-128.1ubuntu1.1_armhf.deb Original-Maintainer: Maintainer: Javier Fernández-Sanguino Peña