-
cron (3.0pl1-184) unstable; urgency=medium
* created a new file /etc/supercat/spcrc-crontab-light for light
backgrounds, and modified /etc/supercat/spcrc-crontab for dark
backgrounds. Closes: #1061164
* demoted supercat from Recommends: to Suggests:. Closes: #1061196
-- Georges Khaznadar <email address hidden> Sun, 21 Jan 2024 12:10:45 +0100
-
cron (3.0pl1-183) unstable; urgency=medium
* deleted the patch features/Coloring_the_ouput_of_crontab_l.patch,
enhanced the patch docs/more_examples_for_crontab.patch, added
the file spcrc-crontab and recommended the package supercat, to
give an opportunity to colorize the output of `crontab -l`, while
keeping this output accessible. Closes: #1059828
-- Georges Khaznadar <email address hidden> Thu, 18 Jan 2024 09:51:30 +0100
-
cron (3.0pl1-182) unstable; urgency=medium
* patched crontab.5 to document the possible use of leading zeroes,
in order to line up columns. Closes: #946382
-- Georges Khaznadar <email address hidden> Mon, 25 Dec 2023 19:13:06 +0100
-
cron (3.0pl1-179) unstable; urgency=medium
* improved crontab.c: it now emits a COLOR_RESET escape sequence before
sending '\n' to ttys. Closes: #1055197
-- Georges Khaznadar <email address hidden> Sun, 12 Nov 2023 20:11:18 +0100
-
cron (3.0pl1-178) unstable; urgency=medium
* checked that debian/crontab.main keeps /bin and /sbin in the PATH.
Closes: #1051138
* modified crontab.c, so `crontab -l` emits a COLOR_RESET escape sequence
to a tty unconditionaly at the end of the lines, to prevent prompt
corruption later. Closes: #1054327
-- Georges Khaznadar <email address hidden> Wed, 01 Nov 2023 17:56:35 +0100
-
cron (3.0pl1-177) unstable; urgency=medium
* Included Alexander Schwinn's PR: this is about checking steps in crontabs,
to prevent insane divisions, like dividing one hour in more than 60 steps
for example
* added a new test 'step_size_out_of_bound' to check the previous change
* modified the fake editor debian/tests/cronfiller.py so it can take in
account an environment variable LINES to append some lines to a
crontab file.
* made a longer sleep (now 4 seconds) in the test
'check-messages-sent-by-cron' to prevent random failures due to a
heavily loaded host
-- Georges Khaznadar <email address hidden> Thu, 19 Oct 2023 18:41:20 +0200
-
cron (3.0pl1-176) unstable; urgency=medium
* added the switch -n in the synopsis line of cron.8
* enable debug by default (it must still be triggered by -x when
calling cron); enabled the -N switch when DEBUGGING is enabled for
cron.
* documented the -x switch in cron.8
* declared myself as maintainer
* made a roud trip with `gbp pq import/export`, which modifies the
debian patches (adding some information, like for example a summary
for every modified file)
* modified the patch features/Coloring_the_ouput_of_crontab_l.patch
in order to touch the background color when the foregroud color is
changed, and keep an acceptable contrast. Closes: #1053288
* added SyslogFacility=cron in the file cron.service. Closes: #1051619
-- Georges Khaznadar <email address hidden> Tue, 10 Oct 2023 19:45:44 +0200
-
cron (3.0pl1-175) unstable; urgency=medium
* removed the line SHELL=/usr/bin/sh from an example in crontab.5; this,
Closes: #166533
* according to Message-ID: <email address hidden> sent to
<email address hidden>, this bug should be closed now ??
Closes: #915289 anyway.
* uncommented EXTRA_OPTS="" in debian/cron.default; Closes: #1050702
-- Georges Khaznadar <email address hidden> Sun, 03 Sep 2023 12:30:35 +0200
-
cron (3.0pl1-174) unstable; urgency=medium
* modified the debian patch features/cron_now.patch. Removed the script
make_cron_now.py. Added a new switch (-N) to the cron command, which
makes it run the cron jobs once, like when a tick happens, an exit.
Documented the new features in cron.8, removed the command cron_now and
its manpage. Added an entry in debian/cron.NEWS. Simplified debian/rules.
Removed the dependency on libselinux1. Closes: #1050482
* modified the test suite to use `cron -N` instead of cron_now
-- Georges Khaznadar <email address hidden> Sun, 27 Aug 2023 19:30:24 +0200
-
cron (3.0pl1-173) unstable; urgency=medium
* fixed the code which colorizes the output of `crontab -l`
* added an autopkgtest for this feature
-- Georges Khaznadar <email address hidden> Thu, 24 Aug 2023 18:31:00 +0200
-
cron (3.0pl1-171) unstable; urgency=medium
* applied one change proposed by Helge Kreutzmann (thanks!).
Closes: #964386
-- Georges Khaznadar <email address hidden> Thu, 24 Aug 2023 13:13:11 +0200
-
cron (3.0pl1-170) unstable; urgency=medium
* removed the reference to the missing file debian/make_cron_now.py
in debian/copyright, since this file is created by a debian patch now.
* added an entry to NEWS.Debian
* taken in account Vincent Lefevre's last reply about bug #1049964:
simplified _PATH_DEFPATH in pathnames.h and restored debian/crontab.main
to a reasonable content. Closes: #1049964
-- Georges Khaznadar <email address hidden> Sat, 19 Aug 2023 17:15:58 +0200
-
cron (3.0pl1-169) unstable; urgency=medium
* modified the patch fixes/Usr-bin-sbin.patch in order to add the
older path /sbin, necessary for some commands.
Closes: #1049964
* checked that the sentence « The system administrator may create cron
jobs in /etc/cron.d/ with file names like "local" or "local-foo" » is
part of the file cron.8 when it is patched. Closes: #1035914
-- Georges Khaznadar <email address hidden> Sat, 19 Aug 2023 10:12:05 +0200
-
cron (3.0pl1-168) unstable; urgency=medium
* modified the patch fixes/Usr-bin-sbin.patch in order to add the
older path /bin, still necessary for the command /bin/run-parts.
Closes: 1049969
-- Georges Khaznadar <email address hidden> Fri, 18 Aug 2023 08:22:02 +0200
-
cron (3.0pl1-167) unstable; urgency=medium
* adopted Daniel Lewart's suggestion for cron.8; Closes: #035914
* fixed crontab.5 for the example showing how to analyze the date
for a fine timing. Closes: #1032823
* modified debian/watch, so uscan does no longer report version 4.1 from
Vixie as the latest to consider.
* merged Alexandre Detiste's pull request
https://salsa.debian.org/debian/cron/-/merge_requests/11
Closes: #1049353
-- Georges Khaznadar <email address hidden> Wed, 16 Aug 2023 12:53:31 +0200
-
cron (3.0pl1-166) unstable; urgency=medium
* upgraded Standards-Version: 4.6.2
* modified the patch for crontab.5, according to Christian Buhtz' work,
thanks! see: https://salsa.debian.org/buhtz/cron
* reverted some of the changes brought by crontab_5_manpage.patch,
particularly those which broke the changes made by the patch
No-multiple-timezones.patch. Closes: #1025536
* marked cron-daemon-common package as Multi-Arch: foreign.
Closes: #1035314
* modified debian/cron.init in order to consider /etc/localtime, and the
patch features/Debian-manpage-and-doc-updates.patch
Closes: #1038836
* created the new patch debian/Usr-bin-sbin.patch, and mofified
debian/crontab.main, to modernize PATHs. Closes: #1042894
-- Georges Khaznadar <email address hidden> Mon, 14 Aug 2023 11:43:02 +0200
-
cron (3.0pl1-165) unstable; urgency=medium
* increased the sleep time up to 2 seconds in an autopkgtest, to let
the MTA finalize cron_now's actions on every architecture, more
securely.
-- Georges Khaznadar <email address hidden> Mon, 14 Aug 2023 11:05:57 +0200
-
cron (3.0pl1-164) unstable; urgency=medium
* added a new command named cron_now; it is meant to launch cron
jobs immediately, quite exactly as when one minute has elapsed
with cron. A debian patch provides the file contrib/make_cron_now.py
which derives a file cron_now.c from the source cron.c
* wrote a man page for the command cron_now
* modified one test for autopkgtest, to make use of cron_now
* added a build-dependency on python3 (needed to build cron_now.c),
and modified debian/rules to compile cron_now.
-- Georges Khaznadar <email address hidden> Mon, 07 Aug 2023 22:30:01 +0200
-
cron (3.0pl1-163) unstable; urgency=medium
* Checked that the patch debian/patches/fixes/crontab_5_manpage.patch
confirms that all features about @reboot were removed. Closes: #779845;
checked that crontab(5) manual page is no longer outdated as
Tobias Köck used to notice it. Closes: #1037442
* adopted Daniel Lewart's patch (thanks!), which improves debian patch
No-multiple-timezones.patch. Closes: #1025536
* modified debian/cron.postinst in a way which allows script lines added
by debhelper to be considered. Closes: #1038938
-- Georges Khaznadar <email address hidden> Wed, 26 Jul 2023 15:01:18 +0200
-
cron (3.0pl1-162) unstable; urgency=medium
* moved "Breaks: systemd-cron(<<1.15.19-5~)" to the package
cron-daemon-common. Closes: #1031231
-- Georges Khaznadar <email address hidden> Thu, 02 Mar 2023 08:33:55 +0100
-
cron (3.0pl1-161) unstable; urgency=medium
* added "Breaks: systemd-cron(<<1.15.19-5~)"; Closes: #1031231
-- Georges Khaznadar <email address hidden> Thu, 23 Feb 2023 12:10:17 +0100
-
cron (3.0pl1-160) unstable; urgency=medium
* disregard /etc/cron.yearly in debian/tests/compare-with-old-cron-files
* defined a "-n" switch for crontab, which means "dry run". This allows
one to call `crontab -n foo` which will check the file foo for its
syntax and report something, without writing any crontab.
Closes: #979578, thanks to 積丹尼 Dan Jacobson
* defined a "-h" switch for crontab, which makes it display the help
information and quit. Closes: #946383, thanks to 積丹尼 Dan Jacobson
-- Georges Khaznadar <email address hidden> Mon, 13 Feb 2023 13:46:47 +0100
-
cron (3.0pl1-159) unstable; urgency=medium
* included 積丹尼 Dan Jacobson's nice example into crontab.5
Closes: #955452
-- Georges Khaznadar <email address hidden> Mon, 13 Feb 2023 12:36:56 +0100
-
cron (3.0pl1-156) unstable; urgency=medium
* reverted the previous change (dependency on dpkg)
* in debian/crontab.postrm, lanch dpkg-statoverride --remove only when
dpkg-statoverride --list return some override; Closes: #1027476
-- Georges Khaznadar <email address hidden> Wed, 11 Jan 2023 16:12:26 +0100
-
cron (3.0pl1-155) unstable; urgency=medium
* added a dependency on dpkg. Closes: #1027476
-- Georges Khaznadar <email address hidden> Mon, 09 Jan 2023 21:32:55 +0100
-
cron (3.0pl1-154) unstable; urgency=medium
* fixed a date discrepancy occurring in d/cron.NEWS, about
Christian Kastner's changes which touched version 3.0pl1-119,
and another one in d/NEWS which touched version 3.0pl1-134.
* merged file debian/NEWS into debian/cron.NEWS.
* signaled some lintian overrides for package cron-daemon-common: hidden
files .placeholder should not raise warnings about
missing-systemd-timer-for-cron-script
* fixed spelling in debian/changelog, with US/English dictionary.
* used Reuben Thomas' patch to fix crontab(5); Thanks! Closes: #980374
-- Georges Khaznadar <email address hidden> Thu, 08 Dec 2022 17:30:31 +0100
-
cron (3.0pl1-153) unstable; urgency=medium
* patched crontab.5, in order to provide an example of a workaround
for people who would like to address the multiple timezone issue.
Closes: #166533
-- Georges Khaznadar <email address hidden> Mon, 28 Nov 2022 16:31:51 +0100
-
cron (3.0pl1-152) unstable; urgency=medium
* new patch debian/patches/fixes/Check_for_timezone_changes.patch:
check the timezone inconditionnaly. Closes: #1019716
-- Georges Khaznadar <email address hidden> Sun, 27 Nov 2022 20:41:35 +0100
-
cron (3.0pl1-151) unstable; urgency=medium
* bumped a breaks+replace clause, now against cronie (<< 1.6.1-5)
Closes: #1023325
-- Georges Khaznadar <email address hidden> Sun, 13 Nov 2022 17:26:56 +0100
-
cron (3.0pl1-150) unstable; urgency=medium
[ Georges Khaznadar ]
* documented a little more debian/patches/features/protect-list.patch
* included changes made by Janitor:
+ Trim trailing whitespace.
+ Update standards version to 4.6.1
[ Johannes Schauer Marin Rodrigues ]
* Remove dependency on lsb-base (Closes: #1020603)
-- Georges Khaznadar <email address hidden> Sun, 02 Oct 2022 18:54:39 +0200
-
cron (3.0pl1-149) unstable; urgency=medium
* manage characters \r and \b in a special way, since one could use
them to obfuscate a crontab. This patch closes: #585552.
Now one can insert characters \r and \b into a crontab's shell command,
`crontab -l` will show those characters in escaped format; so the
obfuscation is more difficult to create.
* introduced the debian patch d/patches/features/protect-list.patch and
the test d/tests/check-listings-protection to create the feature and
check that it works as expected
-- Georges Khaznadar <email address hidden> Mon, 25 Jul 2022 15:43:43 +0200
-
cron (3.0pl1-148) unstable; urgency=medium
* moved the dependency on adduser from packahe cron to package
cron-daemon-common. Closes: #1013916; thanks, Mark Hindley!
-- Georges Khaznadar <email address hidden> Mon, 18 Jul 2022 12:52:27 +0200
-
cron (3.0pl1-147) unstable; urgency=medium
* added a test for d/fixes/Pam-group-after-fork.patch
* merged Jorge Gualtieri's pull request, so this test is working.
* added a text utility to display text surronded by a frame
* grouped the two tests which are waiting for a crontab job in the
same file, so there is one single delay
* modified dependencies for the tests
-- Georges Khaznadar <email address hidden> Mon, 11 Jul 2022 10:33:30 +0200
-
cron (3.0pl1-145) unstable; urgency=medium
* included Jorge Rocha Gualtieri's patch, and shifted the change
by many lines (closes: #983817)
* moved part of debian/cron.postrm to debian/cron-daemon-common.postrm,
added a condition in debian/cron-daemon-common.postrm: systemd-cron
must not be installed, to let it remove /etc/cron.allow and
/etc/cron.deny (closes: #773095)
-- Georges Khaznadar <email address hidden> Mon, 04 Jul 2022 09:37:15 +0200
-
cron (3.0pl1-144) unstable; urgency=medium
* added versioned Conflicts/Replaces clauses for bcron and systemd-cron
Closes: #1012596
* added Conflicts/Replaces clauses between cron and other packages providing
cron-daemon.
-- Georges Khaznadar <email address hidden> Mon, 13 Jun 2022 18:33:28 +0200
-
cron (3.0pl1-143) unstable; urgency=medium
* modified the test "do_not_modify_previous_crontabs" in order to
prevent its output of the sentence "debconf: delaying package
configuration, since apt-utils is not installed" to stderr.
-- Georges Khaznadar <email address hidden> Thu, 09 Jun 2022 14:51:19 +0200
-
cron (3.0pl1-142) unstable; urgency=medium
* added a test to check that older configuration files are preserved
when cron-daemon-common is installed. This test is successfully run by
Salsa'CI.
-- Georges Khaznadar <email address hidden> Wed, 08 Jun 2022 18:44:58 +0200
-
cron (3.0pl1-139) unstable; urgency=medium
* applied simplifications proposed by Debian Janitor:
- removed the dependency on debianutils,
- removed the version constraints for dependencies lsb-base, libpam-runtime
- removed the version constraint for the suggestion anacron
-- Georges Khaznadar <email address hidden> Sun, 15 May 2022 20:17:22 +0200
-
cron (3.0pl1-138) unstable; urgency=medium
* Added myself as an Uploader
* Add bitstring.h as a dependency to CRON_OBJ and CRONTAB_OBJ
* applied changes proposed by debian Janitor
(https://salsa.debian.org/debian/cron/-/merge_requests/2/diffs)
- fixed a line length in d/changelog
- bumped Standards-Version: 4.6.0, debhelper-compat (= 13)
- erased debian/cron.prerm, which contined nothing useful.
* replaced a sequence of spaces by a tab in line 18 of debian/crontab.main,
so line 18 has the same syntax as following lines of the same file.
Closes: #930765
* added the command `dpkg-statoverride --remove /usr/bin/crontab`, to
be called when the package is purged. Closes: #984586
-- Georges Khaznadar <email address hidden> Sun, 08 May 2022 15:14:55 +0200
-
cron (3.0pl1-137.1) unstable; urgency=medium
* Non-maintainer upload.
* authorized characters like "=", "/" in email addresses.
the modified file is debian/patches/features/Add-MAILFROM-environment-variable.patch
Closes: #990026
-- Georges Khaznadar <email address hidden> Tue, 13 Jul 2021 11:04:41 +0200
-
cron (3.0pl1-137) unstable; urgency=medium
[ Laurent Combe ]
* Add patch Add-MAILFROM-environment-variable.patch
(Closes: #898177, #1750051)
[ Christian Kastner ]
* Modify the above patch to use cronie's safe_p() function for email
validation
* Remove myself from Uploaders
-- Christian Kastner <email address hidden> Mon, 22 Feb 2021 23:43:24 +0100
-
cron (3.0pl1-136) unstable; urgency=medium
* Convert package to source format 3.0 (quilt). Finally.
The conversion was mostly manual, and the process was documented in
debian/source-format-3.md. (Closes: #806225)
* Bump Standards-Version to 4.5.0 (no changes needed)
-- Christian Kastner <email address hidden> Mon, 10 Feb 2020 20:16:06 +0100
-
cron (3.0pl1-135) unstable; urgency=medium
[ Laurent Bigonville ]
* Stop using obsolete SELinux API (Closes: #924716)
[ Christian Kastner ]
* d/control: Bump Standards-Version to 4.4.0 (no changes needed)
* cron.8: Add missing reference to .dpkg-old. Thanks, Vincent Lefevre!
(Closes: #926713)
[ Jakub Wilk ]
* crontab.5: Fix misuse of en-dash in examples, and remove stray character
from the LIMITATIONS example. (Closes: #934543)
-- Christian Kastner <email address hidden> Sun, 15 Sep 2019 09:13:43 +0200
-
cron (3.0pl1-134) unstable; urgency=medium
* Increase maximum crontab length to 10,000 lines.
The previous limit proved to be too low for users with edge cases.
(Closes: #925276)
* Add NEWS entry for crontab line limit increase.
-- Christian Kastner <email address hidden> Sun, 23 Jun 2019 19:49:01 +0200
-
cron (3.0pl1-133) unstable; urgency=medium
* SECURITY: Fix bypass of /etc/cron.{allow,deny} on failure to open
If these files exist, then they must be readable by the user executing
crontab(1). Users will now be denied by default if they aren't.
(LP: #1813833)
* SECURITY: Fix for possible DoS by use-after-free
A user reported a use-after-free condition in the cron daemon, leading to a
possible Denial-of-Service scenario by crashing the daemon.
(Closes: #809167)
* SECURITY: DoS: Fix unchecked return of calloc()
Florian Weimer discovered that a missing check for the return value of
calloc() could crash the daemon, which could be triggered by a very
large crontab created by a user.
* Enforce maximum crontab line count of 1000 to prevent a malicious user
from creating an excessivly large crontab. The daemon will log a warning
for existing files, and crontab(1) will refuse to create new ones.
* Add d/NEWS altering to the new 1000 lines limit.
* Move /var/run/crond.reboot to /run/crond.reboot.
* crontab.5: Reverse the info on tilde expansion. When setting PATH, most
shells will not expand a tilde. Thanks, Tim Landscheidt, for the analysis.
(Closes: #801328)
* Fixes for numerous man page issues. Remove trailing whitespace, use proper
escapes, etc. Thanks, Bjarni Ingi Gislason! (Closes: #893575, #893579)
* crontab.1: Drop duplicate DIAGNOSTICS header.
* daemon: Only support the 'x' debug option in debug builds.
-- Christian Kastner <email address hidden> Sun, 10 Mar 2019 17:49:18 +0100
-
cron (3.0pl1-132) unstable; urgency=medium
[ Christian Kastner ]
* postinst: Properly test for regular file
cron.postinst checked for a regular file by parsing the stat output,
instead of simply relying on test(1)
* Mark package cron as Multi-Arch: foreign (Closes: #878363)
[ Stéphane Blondon ]
* Add forgotten '\n' to a line in the crontab header (Closes: #898119)
-- Christian Kastner <email address hidden> Sun, 24 Feb 2019 21:56:40 +0100
-
cron (3.0pl1-131) unstable; urgency=medium
[ Boyuan Yang ]
* debian/control:
- Merge duplicated build-dependency entry for debhelper
- Update Vcs-* fields and use git repo under Salsa Debian group
(Closes: #913484)
- Add dependency to sensible-utils (Closes: #913483)
* debian/rules: Do not explicitly invoke dpkg-architecture for architecture
variables. Instead we are now using /usr/share/dpkg/architecture.mk to
provide them
[ Bjarni Ingi Gislason ]
* crontab.1: Some format fixes in the manual. (Closes: #893576)
[ Christian Kastner ]
* d/control:
- Switch Build-Depends from debhelper to debhelper-compat
- Add Rules-Requires-Root: no
We don't need (fake)root for building the package
- Drop ancient dpkg Pre-Depends and Breaks
The versioned dependencies are older than oldoldstable
- Bump debhelper compatibility level to 12
- Switch to https in Homepage field
- Bump Standards-Version to 4.3.0
- binary package cron:
+ Add Pre-Depends: ${misc:Pre-Depends} for init-system-helpers
+ Switch cron MTA Recommends to default-mta | mail-transport-agent
Recommend these virtual packages rather than specific MTAs
+ Move unqualified debhelper control files to from * to cron.*
* Remove now obsolete d/compat
* d/rules:
- systemd sequence has been removed in compatibility level 11
- Drop override_dh_compress
Examples are no longer compressed in compatibility level 12
* d/copyright:
- Switch URL to official MRCF 1.0 policy
- Ustream-Contact -> Upstream-Contact
* Remove ancient cruft from maintainer scripts
This cruft dealt with conffile tasks from before oldoldstable. As we don't
provide a direct upgrade path from older releases, this is just maintenance
overhead
* Drop empty preinst maintainer script, as a result of the cruft removal
* d/watch
- Update to format version 4
- Switch to https
* Remove trailing whitespace from changelog
* Remove trailing whitespace from debian/control
-- Christian Kastner <email address hidden> Wed, 20 Feb 2019 17:44:49 +0100
-
cron (3.0pl1-130) unstable; urgency=medium
* debian/postinst: Do not do check if /var/spool/cron/crontabs if empty
(Closes: 892720, 892721, 892724)
* debian/cron.service:
- Add dependency on nss-user-lookup.target in the definition which
properly fixes the issues when cron is started before centralised user
repositories are available (e.g. LDAP or Active Directory). This
should avoid errors in syslog similar to the following:
"crond[PID]: (CRON) bad username (/etc/cron.d/JOBNAME)"
(Closes: #767016, #801384, #783665) (LP: #1593317)
- Also remove Type=idle change added in previous upload, which was not
the correct fix to apply.
- Add automatic restart on failure (Closes: #834728)
* debian/cron.init: Revert previous change - instead of adding $all, add sssd
to the services that should be started/stopped before/after cron.
* crontab.5:
- Add improvements and fixes to manpage provided by Philip Hands
(Closes: #792572)
- Document that system wide defaults run from 6 am to 7 am.
(Closes: #757191)
- Document how asterisks are processed in dom and dow fields using
patch provided by Christian Pekeler (Closes: #840601)
Also see https://treats.wdt.io/cron-bug.html
* debian/crontab.main, crontab.5: Add documentation comments similarly as to
how Fedora / Red Hat Enterprise Linux documents (crontab package). This
comments more descriptive and provides inexperienced users with a better
understanding of the syntax. (Closes: #705570)
-- Javier Fernández-Sanguino Peña <email address hidden> Mon, 12 Mar 2018 22:00:01 +0100
-
cron (3.0pl1-129) unstable; urgency=medium
* Acknowledge NMU
* debian/cron.init, debian/cron.service: Make sure cron is started last and
stopped first, with patch provided by Harald Dunke
(Closes: #767016, #801384, #783665) (LP: #1593317)
* crontab.1: Document limitation due to account renaming as described in
Ubuntu's bug 73398
* crontab.5: Document the need to set the DISPLAY environment when running
scheduled tasks that interact with the user's desktop environment
(LP: #891869)
* cron.8: Fix typo (Closes: 819832)
* debian/control: Replace dh-systemd dependency with debhelper (lintian fix)
* debian/README.Debian: Update maintainer address
[ Christian Kastner ]
* debian/postinst: Fix for CVE-2017-9525: group crontab to root escalation via postinst
as described by Alexander Peslyak (Solar Designer) in
http://www.openwall.com/lists/oss-security/2017/06/08/3
(Closes: 864466)
-- Javier Fernández-Sanguino Peña <email address hidden> Sun, 11 Mar 2018 22:38:06 +0100
-
cron (3.0pl1-128.1) unstable; urgency=medium
* Non-maintainer upload.
* Properly transition system jobs to system_cronjob_t SELinux context and
stop relying on refpolicy specific identifiers (Closes: #857662)
-- Laurent Bigonville <email address hidden> Tue, 03 Oct 2017 15:38:27 +0200
-
cron (3.0pl1-128) unstable; urgency=medium
* d/cron.service: Use KillMode=process to kill only the daemon.
The default of KillMode=control-group kills all the processes in the control
group, for example when restarting the daemon. This is a deviation from past
behavior we do not want. Thanks, Alexandre Detiste! Closes: #783683
-- Christian Kastner <email address hidden> Sun, 03 May 2015 15:25:18 +0200
-
cron (3.0pl1-127) unstable; urgency=medium
* Drop $READ_ENV from cron's command line. It does not belong there.
Closes: #766779
-- Christian Kastner <email address hidden> Sat, 25 Oct 2014 20:47:09 +0200
-
cron (3.0pl1-126) unstable; urgency=low
* Packaging (general): removed unused files from the source that had been
already removed in 3.0pl1-117 but got reintroduced due to a merge.
-- Javier Fernández-Sanguino Peña <email address hidden> Fri, 24 Oct 2014 23:01:59 +0200
-
cron (3.0pl1-125) unstable; urgency=medium
* Acknowledge NMUs. Thanks, Laurent Bigonville and Ansgar Burchardt.
Closes: #749271
[ Christian Kastner ]
* debian/control:
- Bump Standards-Version to 3.9.6 (no changes needed)
- Canonicalize Vcs-* URLs
* debian/copyright:
- Bump years
- Don't use spaces in License short name
* debian/source/lintian-overrides:
- Drop overrides from pre-UTF-8 debian/control era
* debian/rules:
- Extend documentation
* debian/cron.init:
- Include winbind in Should-Start/Stop. Closes: #732203
* crontab.5:
- Don't use hyphen as a minus sign
* cron.8:
- Drop stray words in cron.8. Thanks, Regid Ichira! Closes: #702091
- Fix misspelled 'sytem'. Thanks, green! Closes: #753775
* cron.c,crontab.c:
- Use basename of argv[0] as syslog tag. Closes: #752750
* cron.c:
- Use case-insensitive comparison in charset selection. Thanks,
Malcolm Scott! LP: #1169160
* entry.c:
- Detect invalid entry: step specified without a range. Thanks,
Justin T. Pryzby! Closes: #733478
- Error out when a command field is too long instead of silently
truncating it. Closes: #686223, LP: #826702
* do_command.c:
- Fix initialization and increment of mailed bytes counter.
Closes: #691488
* cron.c, do_command.c:
- Add an option -n to include FQDN in mail subject. Closes: #570423
[ brian m. carlson ]
* config.h, do_command.c:
- Send proper 8-bit emails by including an appropriate MIME-Version and
adjusting the Content-Transfer-Encoding header accordingly.
Closes: #694686
[ Javier Fernández-Sanguino ]
* Change systemd definition in order for the daemon to read an honor
/etc/default/cron (Closes: #754279)
-- Javier Fernández-Sanguino Peña <email address hidden> Fri, 24 Oct 2014 16:17:56 +0200
-
cron (3.0pl1-124.2) unstable; urgency=medium
* Non-maintainer upload.
* debian/cron.service: Set IgnoreSIGPIPE=false. (Closes: #756047)
* debian/cron.service: Add Documentation field.
-- Ansgar Burchardt <email address hidden> Mon, 04 Aug 2014 21:44:00 +0200
-
cron (3.0pl1-124.1) unstable; urgency=medium
* Non-maintainer upload.
* Add pam_loginuid module to the PAM session stack (Closes: #677443)
* Add systemd service file. Thanks to Michael Stapelberg (Closes: #652440)
-- Laurent Bigonville <email address hidden> Sun, 25 May 2014 21:21:19 +0200
-
cron (3.0pl1-124) unstable; urgency=medium
[ Release targeted to Wheezy including fixes for critical/important bugs ]
* debian/{preinst,postinst,postrm}: remove obsolete /etc/cron.daily/standard
on upgrade. (Closes: #679062)
* debian/cron.init: Have the init.d file remove cron's pidfile if it
exists after killing the process. The pidfile should be removed
by cron itself (but it isn't) through its SIGhandler as done in later
versions in cron (4.1 and cronie). This fix is, however, simpler and less
intrusive. (Closes: 679106, 615855)
* debian/control:
- Reword last paragraph since cron does not provide any standard tasks
anymore. (Closes: 674192)
- Update to Standards-Version: 3.9.3 - which BTW includes an indication
on which are the valid cron filenames.
- Depend on debhelper >= 9 (lintian warning)
-- Javier Fernández-Sanguino Peña <email address hidden> Thu, 28 Jun 2012 12:08:09 +0200
-
cron (3.0pl1-123) unstable; urgency=low
* debian/standard.daily: Apply patch from Steve Allison to prevent checking
two times the same filesystem. This prevents bogus warnings about missing
lost+found in schroot bind mounts (Closes: #660879)
* debian/rules: Apply patch from Steve Langasek to add cross compiler
support to cron (Closes: #666892)
* debian/cron.default, debian/standard.daily, debian/rules: Remove
the lost+found check as this is no longer required and causes
issues with some filesystems (e.g. bind mounts, locally mounted USB
drives). Additionally, in some filesystems the directory
will be generated when required. (Closes: #620164, #658743, #662605,
#660879, #579640)
-- Javier Fernández-Sanguino Peña <email address hidden> Sat, 23 Jun 2012 08:28:27 +0200
-
cron (3.0pl1-121) unstable; urgency=low
* debian/control:
- Put the maintainer address in UTF-8 encoding
* debian/postinst:
- Only go ahead when configuring the package (Closes: #653304)
* debian/source/lintian-overrides:
- Removed, no longer required
* crontab.5:
- Escape the '%' in the examples so that they can work when copied over to
crontab (Closes: #642309)
- Remove tabs from manpage since they are not formatted properly in the
nonfill area
* cron.8, crontab.1, crontab.5:
- Fix formatting errors in manual pages with patch provided by David
Prévot (Closes: #643603)
* debian/cron.default:
- Fix typo (Closes: #643897)
* debian/compat:
- Set to compatibility version 9 to enable hardened build flags
(Closes: #653720)
-- Javier Fernández-Sanguino Peña <email address hidden> Mon, 19 Sep 2011 00:20:17 +0200
-
cron (3.0pl1-120) unstable; urgency=low
* do_command.c, cron.h, cron.8: Change the behaviour when logging the
information of the child processes. A new loglevel (8) is introduced and
documented in cron.8. The previous log format is kept unless the sysadmin
choses to select this new option. (Closes: 637295)
* debian/examples/cron-stats.pl: Adjust the script with the
changes introduced in the logging behaviour.
* cron.8: Fix minor formatting errors
* debian/cron.bug-script:
- Report properly on the EDITOR variable
- Report the permissions and contents of all relevant cron directories
* debian/changelog: Typo fixes and missing information
* crontab.5:
- Document limitations of the periods that can be defined in crontab
syntax and provide workarounds (Closes: 640086)
- Document limitation of the use of @reboot due to the definition
of the boot sequence as suggested by Regid Ichira.
* debian/source/lintian-overrides: Add overrides file for lintian
required because the maintainer name in debian/changelog and in
debian/control do not match due to encoding.
[ Christian Kastner ]
* debian/control:
- Fix broken Vcs-* URLs
* debian/NEWS: Remove previous spurious entry from 3.0pl1-110.
-- Javier Fernández-Sanguino Peña <email address hidden> Fri, 09 Sep 2011 23:25:35 +0200
-
cron (3.0pl1-119) unstable; urgency=low
* The development team has migrated from Subversion to git, with the latter
becoming authoritative immediately. A log of the migration process can be
found in debian/svn-git-migration.txt.
[ Javier Fernandez-Sanguino ]
* debian/NEWS:
- Remove the entry introduced in the previous version until an agreement is
reached on the desired behaviour (Reopens: #508774)
* debian/standard.daily:
- Work properly if mount points have a space (Closes: #633972)
- Sanity check mount point value before generating an error
* Add one new example script:
- cron-tasks-review.sh: Reviews the files that exist in /etc/cron.d
and in /etc/cron.{hourly,daily,weekly,monthly} to find those that
will not be run by cron due to some error.
* debian/copyright:
- Adjust debian/copyright to acknowledge the (c) and license of the new
example script.
* debian/control:
- Remove Steve from the Uploaders field, no longer needed there
* cron.8:
- Document the Debian specific changes in a separate section, describing
how /etc/cron.{hourly,daily,weekly,monthly} and /etc/cron.d behave
and should be used.
[ Christian Kastner ]
* debian/control:
- Updated Vcs-* URLs to point to the new git repository
* debian/cron.c, database.c:
- Interpret the "-L" option of the daemon as a bitmask, and add initial
support for three selectors: start, stop, end
* database.c, cron.c, cron.h, debian/copyright:
- Check orphaned crontabs for adoption. Fix taken from Fedora cronie.
Closes: #634926
* do_command.c:
- When logging a job run, prefix the command text with the PID of the
process. Closes: #609780
* debian/NEWS:
- Added entry documenting the change of the "-L" option as well as the
dropping of LSBNAMES in -117.
-- Javier Fernandez-Sanguino Pen~a <email address hidden> Wed, 08 Jun 2011 20:44:49 +0200
-
cron (3.0pl1-118) unstable; urgency=low
* debian/control - Limited Build-Depends for libaudit-dev to linux-any. I erroneously assumed it applied to other OSes as well. * debian/rules - DEB_BUILD_OPTIONS for audit support is limited to Linux platforms [ Javier Fernandez-Sanguino] * debian/NEWS - Document the new behaviour of cron regarding logging of non-zero exit status cronjobs (Closes: #608874) -- Christian Kastner <email address hidden> Tue, 31 May 2011 14:50:34 +0200
-
cron (3.0pl1-117) unstable; urgency=low
* Makefile: - Fixed integration of cron-internal debug code into the package building process. Instead of having to modify debian/rules, this can now driven by DEB_BUILD_OPTIONS=debug - Removed hard-coded compiler flags, honoring those provided by dpkg-buildflags instead * do_command.c: - When logging the end of cron jobs, log the PID of the actually exec'ed user command, not the PID of the parent. Closes: #609780 * database.c: - Split crontab security checks (type, owner, mode, links) into separate tests with individual error messages instead of the cryptic message "WRONG INODE INFO". Closes: #625493 - Extended the ability to recover from broken symlinks (added in -110) to also recover from failed security checks above. Fixes to these were not being detected as cron only looks at mtime. Closes: #625495 - Also recover from syntax errors. Fixes to these did change mtime, but were ignored as cron permanently removes broken crontabs from its database of files to check. Closes: #627859 * cron.8: - Documented the fact that /etc/crontab and files in /etc/cron.d must not be group- or other-writable. Closes: #625491, LP: #741979 * crontab.5: - Specify parse order of crontabs (thanks, Jonathan Amery). Closes: #622645 * debian/control: - Bumped Standards-Version to 3.9.2 (no changes needed) - Added missing Build-Depends on libaudit-dev - Removed Conflicts for nonexistent package suidmanager - Removed Conflicts for lockfile-progs (which should have been a Breaks anyway) as we no longer rely on it, we use flock from util-linux instead - Changed architecture-specific Build-Depends on libselinux1-dev to linux-any instead of negating all other OSes * debian/cron.default: - Merged the LSBNAMES option with EXTRA_OPTS. Both where used to pass options to the daemon, making one of them redundant - Added the ability to disable the daily lost+found check by setting the new variable CHECK_LOSTFOUND to "no". Closes: #579640 * debian/cron.init: - Don't call start-stop-daemon directly, use LSB init functions instead. Among other things, this works around the cron daemon not deleting its pidfile from /var/run/. Closes: #615855 - Added $network to Should-Start * debian/rules: - Converted to dh syntax. This included replacing some manually executed steps with debhelper file-automated ones (eg: cron.man, cron.examples) to lessen clutter - Completely rewrote the PAM/SELinux/audit integration parts. PAM support was being skipped on kfreebsd and hurd, and audit support was completely broken. From now on: + PAM is enabled by default on all platforms + SELinux is enabled by default on linux-any + audit is disabled by default on all platforms All of these can be driven by DEB_BUILD_OPTIONS (see debian/rules) - Do not compress example perl scripts * debian/{prerm,postrm,postinst}: - Let dh_installinit manage stopping/(re)starting of jobs instead of calling invoke-rc.d ourselves * debian/standard.daily: - Backup of /etc/{passd,group} is no longer performed by cron; the task was handed over to src:shadow (see #554170). In Squeeze, this task will be performed redundantly by both packages (as discussed on debian-release) - Rewrite locking and lost+found-checking code, based on a submission to the BTS by Justin B. Rye. Closes: #478967, #537073, LP: #257367 - Parse /etc/mtab instead of /proc/mounts; the former makes handling bind mounts easier. Closes: #578856 - Pull in /etc/cron/default for CHECK_LOSTFOUND (see above) * debian/copyright: - Convert to DEP5 format (r173) * debian/watch: - Added watch file to silence a lintian warning, even though the last upstream release was in 2004 * Packaging (general): removed a lot of cruft which seems to have accumulated over time. This included all the cron-se stuff, which appears to have been a remnant from the SELinux integration process, and was either not being used anymore or completely broken. Also, the patches/ directory was removed, as that location has a specific meaning and the patches in there were no longer relevant. -- Christian Kastner <email address hidden> Sun, 08 May 2011 01:21:15 +0200
-
cron (3.0pl1-116) unstable; urgency=high
* Upload with approval from Release Team to get RC bug fixes in Squeeze (see http://lists.debian.org/debian-release/2010/12/msg00719.html) * do_command.c, popen.c: - Use fork() instead of vfork(). * do_command.c: - Close an unused stream in the fork()ed child prior to exec'ing the user's command, thereby avoiding an fd leak. Closes: #604181, LP: #665912 Previously to this, in conjunction with LVM, the fd leak may have the effect of the user being spammed by warnings every time a cron job was executed. * crontab.5: - Fixed the example demonstrating how to run a job on a certain weekday of the month (date range was off-by-one). Also, the same example contained a superfluous escape, resulting in wrong output. Closes: #606325 * cron.init: - Added $named to Should-Start, in case @reboot jobs need DNS resolution. Closes: #602903 - Added nslcd to Should-Start. LP: #27520 -- Christian Kastner <email address hidden> Wed, 10 Nov 2010 21:13:19 +0100
-
cron (3.0pl1-115) unstable; urgency=high
* cron.c: set LC_COLLATE to 'C' in order to properly work when locales
are set that change the collation order expected by the regular
expressions used in load_database(). By setting locale we were
skipping some crontabs unexpectedly due to [a-z] not matching all the ascii
characters in some languages (such as Estonian). (Closes: #600310)
Thanks to Michael Tokarev for spotting this issue and for
Bastian Blank for pointing for the fix.
* debian/cron.init:
- Fix typo that prevented it from properly loading LC_CTYPE (Closes:
#600082)
- Force LC_COLLATE to 'C' regardless of user locale settings.
-- Javier Fernandez-Sanguino Pen~a <email address hidden> Sat, 16 Oct 2010 13:05:02 +0200
-
cron (3.0pl1-114) unstable; urgency=low
* Cleanup of the package in preparation of the next Debian release.
- Notice that only one change introduces new behaviour (debian/cron.pam),
the other changes are just documentation fixes or cleanups to the
packaging.
* debian/cron.pam:
- In addition to the reading /etc/security/pam_env.conf and
/etc/environment (obsolete config file) previous default,
cron will now also read /etc/default/locale in order to setup
the proper localisation environment for tasks.
[ Documentation fixes ]
* debian/cron.{default,init}, cron.8, crontab.5:
- Updated documentation (comments in scripts and manpageS) regarding the
reading and setting of locale information for the cron daemon and for
cron tasks to document the new behaviour due to the above change.
* debian/{preinst,postinst,postrm}:
- Since /etc/cron.monthly/standard does not provide any worthwhile task
anymore, remove obsolete /etc/cron.monthly/standard after upgrading
(local changes are preserved, however). Closes: #585680
* crontab.1
- Minor typo fixes to the manpage.
* crontab.5:
- Added an example submitted by jidanni (thanks!), showing how to run a
command on the second Saturday of the month. Closes: #584514
- Minor fixes
[ Fixes to the packaging ]
* debian/control:
- Bumped Standards-Version to 3.9.1 (no changes needed)
- Added Pre-Depends for dpkg (<= 1.15.7.2) for a dpkg-maintscript-helper
with support for safely removing conffiles
- Added Homepage: field
- Added Vcs-* fields
- Upgraded debhelper dependency version for dh_bugscripts
* debian/rules:
- Replace deprecated dh_clean -k with dh_prep
* debian/NEWS:
- Apply Steve Langasek's patch to remove non-newsworthy content, avoiding
unnecessary output from apt-listchanges during upgrade. Closes: #591005
* debian/source/format:
- Make source format explicit (1.0)
-- Christian Kastner <email address hidden> Sun, 18 Jul 2010 22:51:21 +0200
-
cron (3.0pl1-113) unstable; urgency=medium
[ Christian Kastner / Javier Fernandez-Sanguino ]
* debian/postinst:
- Now that permissions and ownership of crontabs are changed unconditionally,
do not attempt to chown user crontabs if none are present. Closes: #585636
- Only change permissions if the crontabs directory exist
-- Christian Kastner <email address hidden> Sat, 12 Jun 2010 18:25:59 +0200
-
cron (3.0pl1-112) unstable; urgency=low
[ Christian Kastner ]
* do_command.c:
- Don't send mail when a job exits non-zero, only send mail if the job sent
output to stderr. This behaviour was introduced erroneously; while it
does have merit, it is completly against standard cron behaviour.
Closes: #581612
* debian/compat:
- Bumped debhelper compatibility to 7
* debian/control:
- Bumped Standards-Version to 3.8.4 (no change needed)
- Build-Depend on debhelper (>= 7.0.50~)
- Added dependency on ${misc:Depends} to package cron
* debian/cron.init:
- Changed Default-Stop from (1) to (empty). rc0 and rc6 were removed in
3.0pl1-101 because the stop action -- sending SIGTERM/SIGKILL to cron
on shutdown/reboot -- was redundant. This, however, also applies to
rc1, because killprocs will do that for us.
* debian/postinst:
- Removed obsolete dpkg file backup code, this has been handed over to dpkg
in 3.0pl1-109
- Removed last remaining stop action (for rc1) from upate-rc.d (see above)
- Add dpkg-statoverride for /usr/bin/crontab, and unconditionally change
permissions of /var/spool/cron/crontabs. Closes: #304036, #460095
* debian/standard.monthly:
- Removed because it had been empty for years and therefore served no
purpose
* debian/cron.bug-{control,script}
- Added to extend information submitted by reportbug
* debian/rules:
- Applied changes for standard.monthly and cron.bug-{control,script} above
* debian/copyright:
- Updated to reflect recent contributions
* debian/README:
- Updated ancient information with the current status (PAM support, SELinux
support, etc.)
* debian/TODO:
- Added new entry regarding clarification of the purpose behind /etc/cron.d
* debian/REFS:
- Summary of links to relevant development threads; re-added for
informational purposes.
[ Javier Fernandez-Sanguino ]
* debian/cron.init:
- Fix typo (Closes: #585399)
-- Christian Kastner <email address hidden> Thu, 10 Jun 2010 15:21:39 +0200
-
cron (3.0pl1-111) unstable; urgency=low
[ Christian Kastner ]
* debian/cron.init:
- When both /etc/environment and /etc/default/locale contain locale
information, warn that variables from /etc/environment will be ignored.
Closes: #543895, #580942
- Add autofs and NIS+ to Should-Starts, because especially NIS+ must be run
before cron, if present. Closes: #511757
- init script should be stopped in runlevel 0 and 6, too
[ Javier Fernandez-Sanguino ]
* do_command.c: Revert change so that mails are not sent if MAILTO
is null. Closes: #580938
-- Javier Fernandez-Sanguino Pen~a <email address hidden> Sun, 16 May 2010 15:16:24 +0200
-
cron (3.0pl1-109) unstable; urgency=medium
* cron.c:
- Apply patch derived from OpenBSD's cron by Petya Kohts to
handle properly DST and avoid running cron jobs twice, or
skip cron jobs when there is a savings time change.
Closes: #217836, #458123, #474157, LP: #36690
* crontab.c:
- Revert the behaviour that prevented 'alias crontab="crontab -i"' from
working. Now the -i flag is allowed regardless of other command line
switches. (Closes: #513379)
- Be more verbose in the example provided for first-time users than run
'crontab -e'
- Check if the crontab exists before attempting its removal and before
prompting the user (whe using -i)
- When prompting, tell the user which chars are expected
* crontab.1:
- Change usage to match crontab's output
- Clarify use of the cron.allow and cron.deny files (Closes: #511782)
* crontab.5:
- Describe a known limitation related to the lack of the cron daemon's
per-user timezone support (Closes: #497741, 353246, 166533)
- Describe the use of tilde (~) as a substitute for $HOME (Closes: 477198)
- Describe the lack of replacements of variables (Closes: #493636)
* popen.c: Check return call of initgroups(), associated with
CVE-2006-2607 fix. Thanks to Christian Kastner for the heads up.
* cron.8:
- Describe how the environment is managed in Debian
* debian/cron.init: Also use /etc/timezone to setup the timezone environment
(TZ) if not set.
* debian/standard.daily:
- Do not make a backup copy of dpkg files anymore since dpkg (1.15.4) does
this already (when #541412 was fixed) (Closes: #541415)
- Fix a bug in lost+found reporting. Files in lost+found were never +
actually reported. [ Patch from Teemu Kiviniemi ]
- Added ext4 for lost+found searches. [ Patch from Teemu Kiviniemi ]
Closes LP: #367383
* debian/control:
- Add a Breaks dpkg (<< 1.15.4) to ensure that one always has the backup
functionality either via cron or via dpkg.
- Provides: cron-daemon, which was reinstated in the virtual package
list in November 2009 (Closes: #349170)
-- Javier Fernandez-Sanguino Pen~a <email address hidden> Sat, 10 Apr 2010 12:48:42 +0200
-
cron (3.0pl1-108) unstable; urgency=high
* Add a Depends: on libpam-runtime (>= 1.0.1-11) since this
is required for the use of common-session-noninteractive
(Closes: 575342)
-- Javier Fernandez-Sanguino Pen~a <email address hidden> Fri, 26 Mar 2010 00:17:02 +0100
-
cron (3.0pl1-107) unstable; urgency=low
* debian/cron.pam: Use common-session-noninteractive in pam.d configuration
instead of common-session so that libpam-ssh is not run. If libpam-ssh was
installed the previous configuration resulted in cron spawning
many ssh-agent processes (Closes: #572292)
* debian/cron.init: Add Should-Start/Stop dependency to slapd so that cron
* can start up tasks for users define in an LDAP (Closes: #557659, #546367)
* Fix the use of perror so that the error message is correct when
printing the reason why an operation failed. Thanks to
Justin Pryzby for the patch. (Closes: 470587)
* pathnames.h: Use /usr/bin/sensible-editor instead of /usr/bin/editor when
calling crontab -e (Closes: #482284)
* Fix debian/control description, thanks to Justin B Rye for the patch
(Closes: #535227)
* crontab.c: Produce a different warning message when root tries to setup a
crontab for a user that is not allowed to do so, and do not log the
action (Closes: #505288)
* Only allow -i if -r has been specified previously (Closes: #513379)
* Update debian/README.Debian to indicate that the package is
being maintained at Alioth, thanks Tomas Pospisek for the patch
(Closes: #511740)
* crontab.c: Update the usage() call so that it refers to the use
of -i when removing (-r)
* crontab.1: Update the manpage:
- Use the same option listing as in the crontab usage() call
- Remove 'tweaked', explain what -u does in each context.
- Remove V3, use 'Vixie Cron' instead
(Closes: #572249)
- Update the manpage years (Closes: #563296)
- Describe the usage of the crontab group wrt /var/spool/cron/crontabs
(Closes: #539182)
* Use debhelper compatibility version 5
* Include cross build support with patch to debian/rules provided by Neil
Williams (Closes: #465077)
* Change maintainer's email address
-- Javier Fernandez-Sanguino Pen~a <email address hidden> Tue, 16 Mar 2010 22:55:26 +0100
-
cron (3.0pl1-106) unstable; urgency=high
* SECURITY UPDATE: cron does not check the return code of setgid() and
initgroups(), which under certain circumstances could cause
applications to run with elevated group privileges. Note that the more
serious issue of not checking the return code of setuid() was fixed already
in 3.0pl1-64. (Closes: #528434)
- do_command.c: check return code of setgid() and initgroups()
- This fixes (hopefully completely) CVE-2006-2607
* crontab.c:
- close the temporary file after it is edited and
before calling cleanup_tmp_crontab() to behave properly on NFS
mounted / (Closes: #413962)
- if crontab is run without argument then it will read stdin to replace
the users crontab. This way it is POSIXLY_CORRECT. More information at
http://www.opengroup.org/onlinepubs/9699919799/utilities/crontab.html
(Closes: #514062)
* crontab.5 :
- Add details about multiple recipients in MAILTO (LP: #235464)
(Closes: #502650)
- Indicate that it also reads environment from /etc/environment
- Substitute ATT for AT&T (Closes: #405474)
* Proper fix for PAM configuration to make cron read the system
environment (Closes: #511684)
* debian/cron.init:
- Add support for 'status' in the init.d (Closes: #514721)
- Use 'cron' instead of 'crond' (Closes: #497699)
* Change lockfile-progs from Suggests: to Recommends: and remove wording
related to dselect, which is no longer relevant (Closes: #452460, #468262)
* Change the (outdated) wording of the description based on an example
provided by Justin B Rye (Closes: 485452)
* Change the postinst so that update-rc.d is only run if /etc/init.d/cron is
executable (Closes: #500610)
-- Javier Fernandez-Sanguino Pen~a <email address hidden> Wed, 13 May 2009 01:05:41 +0200
-
cron (3.0pl1-105) unstable; urgency=low
* Non-maintainer upload with permission.
* Fixes an uninitialised data problem in the SE Linux code, also fixes a
similar compile warning in code which is not related to SE Linux which
isn't a bug (to avoid confusion).
Closes: #472938
* Updates the SE Linux patch to work with the new code base, the previous
version was almost totally unusable with Lenny SE Linux.
Closes: #499518
* Fixes inadequate security checks in the SE Linux code path, the previous
code might be vulnerable to exploit at some future time.
Closes: #499584
-- Russell Coker <email address hidden> Sun, 28 Sep 2008 19:23:50 +1000
