From Mageia wiki
MGASA-2013-0023
| Date: | February 6th, 2013 |
| Affected releases: | 2 |
| Media: | Core |
Description:
Updated cronie package fixes the following issue:
It was reported that cronie 1.4.8 would leak certain file descriptors.
On systems where /etc/crontab is not world-readable this could be an
information disclosure concern (CVE-2012-6097).
Updated Packages:
i586:
cronie-1.4.8-5.1.mga2.i586.rpm
cronie-anacron-1.4.8-5.1.mga2.i586.rpm
x86_64:
cronie-1.4.8-5.1.mga2.x86_64.rpm
cronie-anacron-1.4.8-5.1.mga2.x86_64.rpm
SRPMS:
cronie-1.4.8-5.1.mga2.src.rpm
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6097
https://bugzilla.redhat.com/show_bug.cgi?id=893661
https://bugs.mageia.org/show_bug.cgi?id=8652
