2009
cron (3.0pl1-106) unstable; urgency=high
* SECURITY UPDATE: cron does not check the return code of setgid() and
initgroups(), which under certain circumstances could cause
applications to run with elevated group privileges. Note that the more
serious issue of not checking the return code of setuid() was fixed already
in 3.0pl1-64. (Closes: #528434)
- do_command.c: check return code of setgid() and initgroups()
- This fixes (hopefully completely) CVE-2006-2607
* crontab.c:
- close the temporary file after it is edited and
before calling cleanup_tmp_crontab() to behave properly on NFS
mounted / (Closes: #413962)
- if crontab is run without argument then it will read stdin to replace
the users crontab. This way it is POSIXLY_CORRECT. More information at
http://www.opengroup.org/onlinepubs/9699919799/utilities/crontab.html
(Closes: #514062)
* crontab.5 :
- Add details about multiple recipients in MAILTO (LP: #235464)
(Closes: #502650)
- Indicate that it also reads environment from /etc/environment
- Substitute ATT for AT&T (Closes: #405474)
* Proper fix for PAM configuration to make cron read the system
environment (Closes: #511684)
* debian/cron.init:
- Add support for 'status' in the init.d (Closes: #514721)
- Use 'cron' instead of 'crond' (Closes: #497699)
* Change lockfile-progs from Suggests: to Recommends: and remove wording
related to dselect, which is no longer relevant (Closes: #452460, #468262)
* Change the (outdated) wording of the description based on an example
provided by Justin B Rye (Closes: 485452)
* Change the postinst so that update-rc.d is only run if /etc/init.d/cron is
executable (Closes: #500610)
-- Javier Fernandez-Sanguino Pen~a <jfs@debian.org> Wed, 13 May 2009 01:05:41 +0200
2008
cron (3.0pl1-105) unstable; urgency=low
* Non-maintainer upload with permission.
* Fixes an uninitialised data problem in the SE Linux code, also fixes a
similar compile warning in code which is not related to SE Linux which
isn't a bug (to avoid confusion).
Closes: #472938
* Updates the SE Linux patch to work with the new code base, the previous
version was almost totally unusable with Lenny SE Linux.
Closes: #499518
* Fixes inadequate security checks in the SE Linux code path, the previous
code might be vulnerable to exploit at some future time.
Closes: #499584
-- Russell Coker <russell@coker.com.au> Sun, 28 Sep 2008 19:23:50 +1000
cron (3.0pl1-104) unstable; urgency=low
* Discard errors from df in the standard daily cron task to prevent errors
in user's systems that do not have ext2, ext3 or xfs filesystems
(Closes: #462472, #394646, #463656, #463713, #464749, #504146)
-- Javier Fernandez-Sanguino Pen~a <jfs@debian.org> Fri, 14 Mar 2008 01:03:03 +0100
cron (3.0pl1-103) unstable; urgency=low
* Fix bug introduced in the init.d file with the changes in the previous
version that makes the init.d not work properly when stopping cron due
to the improper definition of PIDFILE (Closes: #460869, #460886)
-- Javier Fernandez-Sanguino Pen~a <jfs@debian.org> Tue, 15 Jan 2008 19:50:37 +0100
cron (3.0pl1-102) unstable; urgency=low
* Modify pathnames.h so that GNU/KFreeBSD is detected and /var/run is
used instead of /etc/ to store the PID file (Closes: #460514)
* Modify the init.d script so that it uses /etc/cron.pid as its pidfile
if it exists, this will prevent the init.d script from failing if
cron is compiled in a system which does not get to define _PATH_RUN
as /var/run
* Fix typo in changelog (Closes: 459952)
-- Javier Fernandez-Sanguino Pen~a <jfs@debian.org> Sun, 13 Jan 2008 23:08:11 +0100
cron (3.0pl1-101) unstable; urgency=low
* Init.d changes:
- Add LSB dependencies on mounted /usr (Closes: #459489)
- Remove 0 and 6 from Default-Stop LSB definition in the init script
as sendsigs take care of stopping cron" debian/cron.init. Also
change the postinst call to update-rc.d so no stop symlinks
are added in those runlevels (Closes: #422785)
[ Notice that the existing symlinks are not removed when upgrading
it is up to the administrator to remove this himself so as to not
break local changes ]
- Parse system's locale to set the charset used to email cron tasks. This
will affect tasks that expect a 'C' locale (for example to parse
messages) and are running in systems with a non-C locale.
(Closes: #410057, #405335, #309150)
- Add support for /etc/default/cron and make it possible to add additional
options and control if environment is parsed. (Closes: #396928, #471506)
* cron.c:
- Do not use ANSI_x3.4-1968 but US-ASCII instead since it is the preferred
MIME name as per http://www.iana.org/assignments/character-sets";
(Closes: #415302)
* crontab.c:
- Add an option to ask for confirmation when a crontab is to be removed,
based on Fedora's patch for this same request. Users wanting this
behaviour have to alias cron (just as rm is aliased to 'rm -i')
(Closes: #117758, #289636, #324103, #414048)
- Print the location of CRONDIR when printing files on the crontab dir so
that the error messages have the absolute location of the files they
refer to. (Closes: #391350)
* Lintian fixes:
- Modify debian/copyright to point to the location of the Artistic
License.
-- Javier Fernandez-Sanguino Pen~a <jfs@debian.org> Tue, 08 Jan 2008 22:13:35 +0100
2006
cron (3.0pl1-100) unstable; urgency=low
[ Last upload for etch fixing documentation in this package ]
* Describe the -L option in cron's manpage.
* Fix minor typos, and change Debian-specific content of manpages and
default crontab that could lead to user's being confounded. Explicitly say
that both /etc/crontab and files under /etc/cron.d/ can have users in the crontab
lines. (Closes: #402934)
-- Javier Fernandez-Sanguino Pen~a <jfs@computer.org> Wed, 20 Dec 2006 00:53:06 +0100
cron (3.0pl1-99) unstable; urgency=low
* Fix the test for anacron in /etc/crontab that would make cron run the
run-parts regardless of wether anacron was installed or not, thanks to
Paul Kimoto for spotting the bug introduced in the fix to #383857
(Closes: #392600)
* Fix lintian error by adding a comment line in the init.d script
-- Javier Fernandez-Sanguino Pen~a <jfs@computer.org> Thu, 12 Oct 2006 20:49:50 +0200
cron (3.0pl1-98) unstable; urgency=low
* Fix LSB-formatted init.d meta info, thanks to Petter Reinholdtsen
(Closes: #386709)
* Make crontab tasks run with CWD=/, to make SELinux happy, thanks to
Erich Shubert (Closes: #383857)
* Use latest lsb logging functions, thanks to David Hardeman
(Closes: #384858, #389893)
-- Javier Fernandez-Sanguino Pen~a <jfs@computer.org> Thu, 5 Oct 2006 21:03:19 +0200
cron (3.0pl1-97) unstable; urgency=high
* Fix the behaviour of crontab so that in systems that do not have
a cron.allow file users will be allowed to use crontab, change
the behaviour of the previous version because it was contrary
to the manpage (now a user that is in both cron.deny and
cron.allow will be allowed access) (Closes: #383741)
-- Javier Fernandez-Sanguino Pen~a <jfs@computer.org> Sat, 19 Aug 2006 10:36:48 +0200
cron (3.0pl1-96) unstable; urgency=low
* Fix crontab.5 typo (changed quotes ' to ") that prevent a line from being
presented (Closes: #379230)
* Small typo fix in cron.8
* Introduce Steve Grubb's patch to emit audit log message on crontab denial
based on the patch from Fedora, and adapted to Debian's cron version. The
main difference is that audit logs are generated if cron is compiled to
'ALLOW_ONLY_ROOT'. This patch is currently disabled
since LSPP's audit library is not yet available.
* Change misc.c so that a user that is both in the cron.deny and
cron.allow files will be denied access (previously he would be permitted
access)
* Add two example scripts:
- stats-cron.pl: A script written by myself that can be used to audit
the behaviour of cron and benefits from the new cron logging (-L 2)
option to log the end of a cronjob.
- crontab2english.pl: A script written by Sean M. Burke that translates
the crontab notation to natural language.
* Adjust debian/copyright to acknowledge the (c) and license of the above
scripts.
-- Javier Fernandez-Sanguino Pen~a <jfs@computer.org> Wed, 9 Aug 2006 01:07:40 +0200
cron (3.0pl1-95) unstable; urgency=low
* Handle errors when reading crontabs so that it stops reading entries in
a crontab file after a syntax error. This prevents a rogue user from
dumping binary files in /etc/cron.d/ or /var/spool/cron/crontabs/
and have them executed by cron (but binary files under
/etc/cron.{daily,weekly,monthly} will still be processed as they are
handled by run-parts. Thanks to Faidon Liambotis for the patch.
(Closes: #378153)
* Reuse vixie-cron-4.1-_51-bz180145-mail_i18n.patch from Fedora Core in
order to setup a proper Content-Type when sending e-mails. The
Content-Type will be set to the default system locale or cron's
environment (if it modifies it). If the locale is undefined it will
default to US ASCII (Closes: #338051)
- There is no need to define a CHARSET variable now with the above
patch (Closes: #309150)
* Support kfreebsd-amd64 by modifying the Build-Depends for SElinux
(Closes: #361458)
* Fix typos in the crontab.1 manpage spotted by Jonas Koelker
(Closes: #369153)
* Add option to control logging (-L) with patch provided by Steve Fosdick.
This makes it possible to log cron job finishing if you use -L 2
(Closes: #271747, #318247)
* Change Steve's email in crontab.c error message to
cron@packages.debian.org
-- Javier Fernandez-Sanguino Pen~a <jfs@computer.org> Wed, 19 Jul 2006 21:31:13 +0200
cron (3.0pl1-94) unstable; urgency=low
* Lsb-base is now priority 'required' (3.0-16) instead of 'extra'
(3.0-15) so I'm moving the Suggests: up to a Depends: (Closes #360236)
-- Javier Fernandez-Sanguino Pen~a <jfs@computer.org> Sat, 1 Apr 2006 03:41:55 +0200
cron (3.0pl1-93) unstable; urgency=low
* Include patch from Ubuntu that incorporates LSB functions to the init.
This should help have Ubuntu synchronise their changes easier.
* Fix FTBFS on GNU/kFreeBSD with patch from Aurelien Jarno (Closes: #338246)
* Add brackets to the initscript for bash completion (Closes: #350605)
-- Javier Fernandez-Sanguino Pen~a <jfs@computer.org> Mon, 27 Feb 2006 22:39:24 +0100
2005
cron (3.0pl1-92) unstable; urgency=low
* Don't use SElinux on GNU/kFreeBSD, as it is Linux-specific, patch
from Aurelien Jarno (Closes: #325404)
* Added LSB formatted dependency info in init.d script (Closes: #335305)
-- Javier Fernandez-Sanguino Pen~a <jfs@computer.org> Fri, 14 Oct 2005 14:29:40 +0200
cron (3.0pl1-91) unstable; urgency=low
* Proper fix for #324017, the previous fix was dumb. This one
includes fixes from Fedora which should prevent segfaults under
other circumstances.
-- Javier Fernandez-Sanguino Pen~a <jfs@computer.org> Sun, 21 Aug 2005 03:14:01 +0200
cron (3.0pl1-90) unstable; urgency=low
* Fix SIGSEV due to a NULL free in the libselinux code, as a consequence
cron dies before cronjobs are started (Closes: #324017)
-- Javier Fernandez-Sanguino Pen~a <jfs@computer.org> Sun, 21 Aug 2005 02:25:10 +0200
cron (3.0pl1-89) unstable; urgency=low
* Fix bashishm in cron.daily script (Closes: #323983)
-- Javier Fernandez-Sanguino Pen~a <jfs@computer.org> Sun, 21 Aug 2005 00:12:26 +0200
cron (3.0pl1-88) unstable; urgency=low
* Taken over maintainership of this package and made the
"Let's clean up the bug list" release
* Added a debian/TODO file with some tasks not done in this upload.
* Use patch provided by Marc Dequenes to fix FTBFS on Hurd
(due to the use of selinux) (Closes: #279429)
* Enable pam_limits.so in the default configuration (Closes: #300725)
* Fix standard.daily so it can cope with mount points with spaces
(Closes: #198211)
* Standard.daily now warns if no lost+found directory was found in a local
ext2/3 filesystem (Closes: #46779) [as the other wishlists are
checksecurity related]
* Standard.daily now will also check xfs filesystems (Closes: #279613)
* Fix crontab.5's example to prevent confusion to users, default shell
is always /bin/sh (Closes: #231172)
* SELinux related fixes:
- Applied Russell Coker patches to fix three bugs that appear when
using SELinux (Closes: #264320)
- Applied Manoj Srivastava's patches to turn on SELinux support
(Closes: #315509)
* Add help text when creating new crontabs as suggested by Anthony Towns
(Closes: #18733)
* Use debhelper version 4 instead of the deprecated version 3, removed
debian/conffiles as it is no longer needed.
-- Javier Fernandez-Sanguino Pen~a <jfs@computer.org> Tue, 5 Jul 2005 16:39:29 +0200
cron (3.0pl1-87) unstable; urgency=low
* Clarify wording about /etc/cron.d files in cron.8.
* Make sure file descriptor 0==stdin at startup, so we don't
accidentally use it for something else. (closes: #295589)
-- Steve Greenland <stevegr@debian.org> Wed, 16 Feb 2005 18:37:27 -0600
2004
cron (3.0pl1-86) unstable; urgency=high
* And yes, still needs urgency=high.
-- Steve Greenland <stevegr@debian.org> Wed, 28 Jul 2004 15:43:18 -0500
cron (3.0pl1-85) unstable; urgency=low
* Umm, yeah, need the 'install' file in CVS.
-- Steve Greenland <stevegr@debian.org> Wed, 28 Jul 2004 15:31:28 -0500
cron (3.0pl1-84) unstable; urgency=high
* Urgency "high" to make the sudden freeze.
* Exit with failure status from crontab when action fails (thanks to
Christoph Berg for noticing and the patch) (closes: #229604)
* Require anacron to be executable (closes: #240822)
* Set ttyname to prevent pam_access confusion. Problem and solution from
Daniel Kobras (it's nice to get both!) (closes: #254845)
* Fix reference to syslogd(8) in cron.8 (closes: #246580)
* Fix awkward construction in crontab.5 (closes: #252420)
* Cleanup explanation of LOGNAME in crontab.5 (closes: #257672)
* Don't use --exec in start-stop-daemon calls.
-- Steve Greenland <stevegr@debian.org> Mon, 26 Jul 2004 10:40:22 -0500
cron (3.0pl1-83) unstable; urgency=low
* Update default MTA from exim to exim4 (closes:#228561)
-- Steve Greenland <stevegr@debian.org> Mon, 19 Jan 2004 16:39:52 -0600
cron (3.0pl1-82) unstable; urgency=low
* Added /etc/cron.d/.placeholder to prevent dpkg from removing the
directory when all packages using /etc/cron.d are purged. Likewise to
cron.weekly (which needs it), and cron.daily and cron.monthly (which
don't, but I like consistency.) (closes: #217760)
* Add '--retry 5' to the stop part of /etc/init.d/cron restart, so that
cron is completely stopped before attempting restart. (closes: #223945)
* Add cron.hourly directory (closes:#200848, #219338, #226710)
* Support the LSB naming convention for /etc/cron.d (closes: #171587)
* Move cron.d manual section out of DEBIAN SPECIFIC, since many
distributions now support this. (closes:#2277770)
* Clarify that environment setting are not re-expanded (closes: #223570)
* Some crontab(5) man page fixups (closes: #200100)
-- Steve Greenland <stevegr@debian.org> Sun, 18 Jan 2004 16:20:59 -0600
2003
cron (3.0pl1-81) unstable; urgency=low
* Only protect owner/group setting on individual user crontabs by
version, the setgid setting of /usr/bin/crontab needs to happen every
time (unless the admin has set something with
dpkg-statoverride. (closes: #210838)
* Change cron init script so that '/etc/init.d/cron {stop,restart}' only
kill off the parent daemon, not currently running cron jobs. Much
thanks to Dean Gaudet for the patch. (closes: #211849)
-- Steve Greenland <stevegr@debian.org> Sun, 21 Sep 2003 16:37:16 -0500
cron (3.0pl1-80) unstable; urgency=low
* Kill one last spurious syslog() (closes: #211117, #211245) * Allow system crontabs to be symlinks (closes: #210467)
-- Steve Greenland <stevegr@debian.org> Wed, 17 Sep 2003 19:15:55 -0500
cron (3.0pl1-79) unstable; urgency=low
* Don't exit postinst when user is unkown (closes: #208432) * Remove spurious debug messages (closes: #211117)
-- Steve Greenland <stevegr@debian.org> Tue, 16 Sep 2003 08:26:17 -0500
cron (3.0pl1-78) unstable; urgency=low
* Okay, I think the owner/group fixup in for setgid crontabs is finally
as right as it's going to be. It will work for usernames with spaces,
and if the user doesn't exist (e.g. old crontab for a deleted user),
it will print an error message but not exit, which I think is okay. If
you have a username with a newline in it, then you deserve to lose,
and you will (closes: #210838).
* Allow cron to run in foreground. Possibly useful for running it under
monitoring tools like runit, monit, daemontools, etc. Thanks to Erich
Schubert for the patch (closes: #108492)
* Use the PAM environment settings, if so configured. (closes: #203737)
-- Steve Greenland <stevegr@debian.org> Sun, 14 Sep 2003 16:53:36 -0500
cron (3.0pl1-77) unstable; urgency=low
* Smarter fix-up of crontabs groups (closes: #208555) * Add dependency for adduser (closes: #208848) * Support new PAM @includes for standard PAM configuration. * Move note about loss of checksecurity from debconf to NEWS.Debian.gz, the more appropriate place. Since that was the only use of debconf, this also (closes: #195887) * Add commented-out pam_limits support. (closes: 190556)
-- Steve Greenland <stevegr@debian.org> Sat, 6 Sep 2003 18:47:02 -0500
cron (3.0pl1-76) unstable; urgency=low
* Fix postinst bug for no user crontabs (closes: #208433, #208435, #208448)
-- Steve Greenland <stevegr@debian.org> Tue, 2 Sep 2003 18:05:31 -0500
cron (3.0pl1-75) unstable; urgency=low
* Make crontab setgid 'crontab' rather than setuid 'root' (closes: #18333)
-- Steve Greenland <stevegr@debian.org> Mon, 1 Sep 2003 18:57:14 -0500
cron (3.0pl1-74) unstable; urgency=low
* Split out the checksecurity script et. al. to seperate package
'checksecurity'
* Detect missing or stupid stepsize (e.g. */ or 7-9/0) (closes: #183650)
* Allow for crontab editors that don't write to the same file. Finally.
(closes: #149908)
* Don't weird out if VISUAL or EDITOR is set to "" (closes: #148809)
* Fixed several documentation/script typos and clarifications
(closes: #149448)
* Standards-Version 3.5.9
-- Steve Greenland <stevegr@debian.org> Sun, 1 Jun 2003 15:02:23 -0500
2002
cron (3.0pl1-73) unstable; urgency=low
* Fixed spelling error in control file (Hi, Matt!) (closes: #124523) * Check for existence of /etc/init.d/cron in prerm (closes:#151006) * Added conflict for ancient version of lockfile-progs (closes: #123269) * Added Mosix FS to list of excluded FS types in checksecurity.conf (closes: #129177) * chmod group.bak instead of passwd.bak twice (closes: #130079) * Added ext3 for lost+found searches (closes:#135013) * Finally fixed longstanding bug where cron doesn't recognize crontab changes until 1 minute later. I don't know what I was looking at before, as it was trivial. I apologize to all those bothered by this problem. (closes: #74524, #13952) * Remove debian/preinst, used only for a fix for a pre-slink development release. * Added support for invoke-rc.d, patch from Andreas Metzler (closes:#162676) * Finally figured out why some error messages weren't getting printed for the system crontabs (/etc/crontab, /etc/cron.d/*). Added new error printing function and use it when user.c calls load_entry(). (closes:#79037, #122358) * Remove -odi option from invocation of /usr/sbin/sendmail. (closes:#146224) * Don't run @monthly jobs every day. (closes: #150591). Ditto @yearly. (Isn't it funny that despite the big whinefest about how critically important the @whatever timespecs are, nobody previously noticed this serious bug in the entire 7+ years I've been maintaining cron?) * Fix grammatical here in the cron(8) manpage. (closes: 147277) * Fix spelling error in checksecurity.conf. (closes: #151601) * Fix check for nfs/afs mounts in checksecurity. (closes: #157822) * Replaced some tabs with spaces in crontab.5. (closes: #159912) * Fix cron Makefile to not hardcode '-s' in $(INSTALL) commands. (closes: #164966)
-- Steve Greenland <stevegr@debian.org> Mon, 4 Nov 2002 18:14:45 -0600
2001
cron (3.0pl1-72) unstable; urgency=low
* Add type usbdevfs to skipped "file systems" (this is /proc/bus/usb)
(closes: #113186,#113187)
* Removed 'xfs' from list of skipped file system types. Unfortunately,
it appears to be used by both the arla network file system and the SGI
XFS filesystem, and I must make the conservative choice. (closes: #113234)
* Remove extra diff in checksecurity. (closes: 113950)
* Add type none to skipped "file systems" (--bind mounts) (closes: #111395)
-- Steve Greenland <stevegr@debian.org> Mon, 1 Oct 2001 07:46:34 -0500
cron (3.0pl1-71) unstable; urgency=medium
* Fixed nasty typo in checksecurity. (closes: #112156) * Note to release manager: either -71 should go into woody, or only -69.
-- Steve Greenland <stevegr@debian.org> Thu, 13 Sep 2001 16:39:25 -0500
cron (3.0pl1-70) unstable; urgency=medium
* Catch full disk when writing new crontab. (closes: #110612) * Don't modify backup file modes if no change (to prevent misleading time mods). (closes: #104093) * Remove obsolete reference to /bin/mail in crontab.5. (closes: #110962) * Add Marc Merlin's checksecurity patches with more configuration options. (closes: #89547, #63445) * Make all setuid.{today,yesterday,etc.} files group adm. (closes: #109520)
-- Steve Greenland <stevegr@debian.org> Fri, 7 Sep 2001 18:27:37 -0500
cron (3.0pl1-69) unstable; urgency=low
* Don't run checksecurity on any partition mount nosuid or noexec. (closes:#98160) * Don't run on devpts, either.
-- Steve Greenland <stevegr@debian.org> Sun, 20 May 2001 13:48:15 -0500
cron (3.0pl1-68) unstable; urgency=low
* Finally tracked down the problem with @{reboot,hourly,etc.} commands
in the root crontabs (/etc/crontab, /etc/cron.d/*) (closes:#62141, #84727)
* Minor cosmetic cleanup in lost+found output, from Matthijs Melchior
(closes:#88861)
-- Steve Greenland <stevegr@debian.org> Sat, 19 May 2001 17:37:52 -0500
cron (3.0pl1-67) unstable; urgency=high
* With crontab -e, don't give uid root on re-edit.
-- Steve Greenland <stevegr@debian.org> Sun, 6 May 2001 11:41:50 -0500
cron (3.0pl1-66) unstable; urgency=low
* The "Julian Gilbey has been spending too much time proofreading" release. Remove hyphens in cron.init (closes:#91323) * change log_it() to open and close syslog every time, remove SIGPIPE catcher, etc., all in attempt to keep PAM happy. * Added original location to copyright file (closes:#88507) * Allocate username dynamically in crontab.c (closes:#89040,#62268) * Remove pam_limits.so from cron.pam file.
-- Steve Greenland <stevegr@debian.org> Tue, 27 Mar 2001 18:04:16 -0600
cron (3.0pl1-65) unstable; urgency=high
* Close reboot file /var/run/crond.reboot after creating it, duh. Leaving it open allowed possible writes from cron jobs.
-- Steve Greenland <stevegr@debian.org> Mon, 26 Feb 2001 09:47:34 -0600
cron (3.0pl1-64) unstable; urgency=high
* The "President's Birthday" release. * Add checks for setuid() failures, to avoid running user jobs as root. (closes:#85609, #86775) * Add portability flag -P to df (in /etc/cron.daily/standard) to avoid problem with long device names. (closes:#86851) * Convert from suidmanager to dpkg --statoverride. * Remove unnecessary dependency on bsdutils (it's Essential) * Change compat.h to not cause inclusion of sys/time.h (instead of time.h), due to recent change in glibc. Why it was doing this, I have no idea.
-- Steve Greenland <stevegr@debian.org> Wed, 21 Feb 2001 16:26:57 -0600
cron (3.0pl1-63) unstable; urgency=medium
* Fix mistaken diagnostic in crontab ("Reached end of file
while reading environment").
* Fix "Too many arguments to [" error in postinst. (closes:#79725)
-- Steve Greenland <stevegr@debian.org> Sun, 28 Jan 2001 12:00:55 -0600
cron (3.0pl1-62) unstable; urgency=medium
* Change tracking of crontab directory mod times to deal with directories with mtimes in the future. Thanks to Florian Lohoff for tracking down the cause of this rare yet long-standing bug. (closes:#51202, #57356, #64198, #77353) * Run @reboot jobs only on reboot instead of cron restart. (closes:#74762, #77563) * Clarify which directory the lost+found files are in. * Protect against reading other people's crontabs via temp file symlink in crontab -e.
-- Steve Greenland <stevegr@debian.org> Sat, 27 Jan 2001 17:01:43 -0600
2000
cron (3.0pl1-61) unstable; urgency=high
* Fix usage message in cron.init. * Use pam only on non-Hurd. (closes:#75408) * Move dpkg status backups to /var/backups. * Apply security fix for temp file attack, thanks to Daniel Jacobowitz. * Made /etc/pam.d/cron a conffile.
-- Steve Greenland <stevegr@debian.org> Fri, 17 Nov 2000 16:06:03 -0600
cron (3.0pl1-60) unstable; urgency=low
* Re-set log to LOG_CRON after PAM changes it to LOG_AUTH.(closes:#70028)
-- Steve Greenland <stevegr@debian.org> Thu, 31 Aug 2000 14:37:44 -0500
cron (3.0pl1-59) unstable; urgency=low
* Fixed typo of @cmp in standard.daily (closes:#69921,#69937,#69956) * Add /etc/pam.d/cron, using standard Unix authorizations (closes:#69939)
-- Steve Greenland <stevegr@debian.org> Fri, 25 Aug 2000 14:02:47 -0500
cron (3.0pl1-58) unstable; urgency=low
* Fix use of PATH_MAX/MAXPATHLEN in database.c and other HURD issues
(closes:#64382)
* Look in all (ext2) lost+found directories, not just
/lost+found (closes:#66629)
* Cosmetic changes to daily/standard (closes:#65078)
* Use diff -u0 in checksecurity to avoid useless context (closes:#60919)
* Note uppercasing of child processes in cron.8 (closes:#62103)
* Added Topi Mitterands PAM support patch - Thanks! (closes:#68366,#67586)
* Fix segfault in crontab -l (closes:#53735)
* Added Build-Depends.
* Added support for DEB_BUILD_OPTIONS, changed default compile to '-02 -Wall'
* Fixed various complaints generated by -Wall :-), except 'rcsid unused'
-- Steve Greenland <stevegr@debian.org> Wed, 23 Aug 2000 16:20:39 -0500
cron (3.0pl1-57) frozen unstable; urgency=low
* Release Manager: 61296 is RC bug; * Change lockfile-progs "Depends" to "Suggests" (policy violation), only try to use lockfile-create in /etc/cron.daily/standard if it is installed (closes:#61296)
-- Steve Greenland <stevegr@debian.org> Wed, 29 Mar 2000 20:12:06 -0600
cron (3.0pl1-56) frozen unstable; urgency=medium
* Release Manager: 59115 is RC bug. * set backup password files to root-only rw (closes:#59115) * Fixed missing ntfs in checksecurity.conf (closes:#56939)
-- Steve Greenland <stevegr@debian.org> Mon, 28 Feb 2000 19:16:20 -0600
1999
cron (3.0pl1-55) unstable; urgency=low
* Changed __linux feature checks to __linux__ (closes:#50240) * Added '-u' to diff in checksecurity (closes:#51679) * Moved checksecurity LOGDIR (formerly LOG) setting to config file (closes:#49683) * Fixed removal of lockfile in cron.daily/standard.
-- Steve Greenland <stevegr@debian.org> Sat, 18 Dec 1999 18:53:29 -0600
cron (3.0pl1-54) unstable; urgency=low
* Fixed spelling in checksecurity.8 (closes:#45281) * Only look in /lost+found if it exists (closes:#46389) * Only run @weekly jobs once a week (was looking at dom with OR rather than AND.) (closes:#49437) * Don't run more than one instance of /etc/cron.daily/standard (closes:#45487) * Removed extra generation of TSTP in crontab -e. (closes:#48542)
-- Steve Greenland <stevegr@debian.org> Sun, 7 Nov 1999 15:09:48 -0600
cron (3.0pl1-53) unstable; urgency=medium
* Applied OpenBSD patches supplied Topi Miettinen. Big change is better handling of timekeeping (in particular, changes to/from daylight savings time) (closes:#8499). * Redirect stdin, stdout, and stderr to /dev/null. (closes:#37189, #23231, #30653). * Fixed bit_set()/bit_nset() confusion that caused @hourly to not work, so that functionality is now documented (closes:#43282). * Changed warrantee to warranty in debian/copyright (but it's still misspelled in the source files) (closes:#40312) * Adjust checksecurity and cron_daily/standard to get consistent owner/perms on /var/log/setuid* files. (closes:#15295) * Add 'coda' to the list of nfs/afs like file systems in checksecurity.conf (closes:#29909) * Fix version comparison to use dpkg --compare-versions, which is what I should have done in the first place (closes:#42454) * Add 'xfs' to the list of nfs/afs like file systems in checksecurity.conf, as it appears that xfs==arla and arla==xfs. If there are other file systems that show up as 'xfs', please let me know (closes:#37523) * Don't rotate wtmp and btmp (closes:#42301).
-- Steve Greenland <stevegr@debian.org> Sat, 11 Sep 1999 18:42:37 -0500
cron (3.0pl1-52) unstable; urgency=high
* Patch to fix "Reverse DoS": user could send arbitrary options to sendmail via MAILTO variable. Fix by not allowing spaces or leading dashes in MAILTO, and run sendmail as user, not root.
-- Steve Greenland <stevegr@debian.org> Sun, 29 Aug 1999 21:50:28 -0500
cron (3.0pl1-51) unstable; urgency=low
* Changed default of "crontab -l" to NOT list the extra header lines. May obtain original behaviour by setting "CRONTAB_NOHEADER=N". * Fixed comment in misc.c that accidentally cause the SIGPIPE handler to be reset more often than necessary. * Don't checksecurity on ntfs file systems (closes:#33079) * Added '-i' flag to sendmail command (closes:#36338) * Added check for files in /lost+found (closes:#29791) * Added preferential invocation of anacron for cron.{daily,weekly,monthly}
-- Steve Greenland <stevegr@master.debian.org> Thu, 27 May 1999 17:37:54 -0500
cron (3.0pl1-50) frozen unstable; urgency=low
* Fixed rules file again so that crontab suidness doesn't get
stepped on by debhelper under certain kernel versions.
-- Steve Greenland <stevegr@debian.org> Sat, 9 Jan 1999 14:17:09 -0600
1998
cron (3.0pl1-49) frozen unstable; urgency=low
* Check for /etc/shadow and /etc/gshadow separately (closes:Bug#30232)
-- Steve Greenland <stevegr@master.debian.org> Wed, 2 Dec 1998 21:30:00 -0600
cron (3.0pl1-48) frozen unstable; urgency=low
* Fixed rules file so that crontab doesn't get suid bit removed by latest version of debhelper. (closes:Bug#29683)
-- Steve Greenland <stevegr@master.debian.org> Mon, 30 Nov 1998 21:10:00 -0600
cron (3.0pl1-47) frozen unstable; urgency=high
* Removed close of {stdin,stdout,stderr}, as it appears that
some cron users expect it.
-- Steve Greenland <stevegr@master.debian.org> Mon, 2 Nov 1998 09:25:44 -0600
Cron (3.0pl1-46) frozen unstable; urgency=medium
* changed mention of /var/spool/crontabs to /var/spool/cron/crontabs, and added example /etc/crontab. (closes:Bug#28458,Bug#23101) * Incorporated buffer overflow patches. (closes:Bug#26705,Bug#26749) * Added backup of /etc/shadow and /etc/gshadow in cron.daily/standard. (closes:Bug#25853) * Better daemonization (close stdin,stdout,stderr). (closes:Bug#23231) * Do cron.daily a little earlier, try to avoid overlap with cron.weekly. (closes:Bug#23023) * Added note in crontab.1 and crontab.5 about trailing newline requirement. (closes:Bug#16132)
-- Steve Greenland <stevegr@master.debian.org> Sun, 1 Nov 1998 19:10:45 -0600
cron (3.0pl1-45) frozen unstable; urgency=high
* Updated README and README.Debian w.r.t. file locations. * Updated crontab.1 w.r.t. location of allow and deny files. * Fixed problem in postinst when new install (instead of upgrade) (closes:Bug#21426) * Smarter algorithm for checking /etc/cron.d for changes, no longer spins up laptop disks every minute. Thanks to Alexander "Shurik" Shumakovitch for the fix. * Re-did checksecurity to only report NFS/AFS insecure mounts instead of running find on them (suggestion from Gregory Stark).
-- Steve Greenland <stevegr@master.debian.org> Sun, 26 Apr 1998 13:41:51 -0500
cron (3.0pl1-44) unstable; urgency=low
* Fixed standards version reference. * Fixed init script "comment", sigh. Let this be a warning to you: NEVER EVER change a file with doing a complete test, even if it is "just a comment". (closes:Bug#19466,Bug#19492,Bug#19479,Bug#19595,Bug#19725,Bug#19840, Bug#19845,Bug19852). Sheesh.
-- Steve Greenland <stevegr@master.debian.org> Tue, 17 Mar 1998 21:55:03 -0600
cron (3.0pl1-43) unstable; urgency=medium
* Removed support for TMPDIR. This is due to the problem it causes
with emacs -- emacs does different things with it's backup files
depending on whether or not the file is in /tmp. Emacs probably ought
to use TMPDIR instead of /tmp in its check. I've opened a "wishlist"
bug for crontab to support TMPDIR.
(closes: Bug#15985)
* When USE_SIGCHLD is defined, before running user process, set handling
for SIGCHLD to SIG_DFL, not SIG_IGN. Despite documentation that the
default for SIGCHLD is ignore, the behaviour is different.
(closes:Bug#17564,Bug#9075,Bug#16436,Bug#17814)
* Moved allow and deny files from /var/spool/cron to /etc/cron.{allow,deny}
(closes:Bug#14970)
* filenames in /etc/cron.d must comply with run-parts naming convention -
alpha-numeric, underscore, or hyphen. This ensures that conffile
remains (e.g. package.dpkg-dist) files don't get run.
* removed cronanacron command from /etc/crontab and distribution --
replaced by /etc/cron.d/anacron file (from anacron package, not cron).
* Documented /etc/cron.d dir in manpage and readme.debian
* modified checksecurity.conf to not check auto file systems.
(closes:Bug#8702)
* crontab -u `whoami` now works. (closes:Bug#8702)
* documented CRONTAB_NOHEADER in crontab.1
* /etc/crontab now uses run-parts(8) --report switch. (closes:Bug#18273)
* fixed initialization of oact in misc.c. (closes:Bug#17134)
* converted to use debhelper rather than debmake.
* changed date format in checksecurity so that we don't get false positives
after six months. (closes:Bug#19025)
* remove /etc/cron.{allow,deny} on purge
-- Steve Greenland <stevegr@master.debian.org> Mon, 9 Mar 1998 01:31:13 -0600
cron (3.0pl1-42) unstable; urgency=low
* Don't output header on 'crontab -l' if CRONTAB_NOHEADER is 'Y' (Bug#15642) * Read files in /etc/cron.d in addition to /etc/crontab (Bug#16628, Bug#16617)
-- Steve Greenland <stevegr@master.debian.org> Sun, 11 Jan 1998 18:32:26 -0600
1997
cron (3.0pl1-41) unstable; urgency=low
* Updated crontab to use /usr/bin/editor if EDITOR and VISUAL undefined. * Added support for TMPDIR from crontab (Bug#9309) * Compress /usr/doc/cron/changelog.Debian -- this time for sure! (Bug#15296)
-- Steve Greenland <stevegr@master.debian.org> Fri, 28 Nov 1997 13:47:03 -0600
cron (3.0pl1-40) unstable; urgency=low
* Correct directory reference in standard.monthly to /var/log (Bug#12315, Bug#13466) * Added -DUSE_SIGCHLD to defs, needed for alpha (Bug#12855,Bug#8611). May also fix Bug#9075. * Changed check for suidmanager (Bug#9326) * Checksecurity no longer checks fat or vfat filesystems (Bug#8845, Bug#13574) * Changed spaces in crontab to <TAB>, appearance only (Bug#13369) * Removed bashism from standard.daily and checksecurity (Bug#9908, Bug#9909) * Added CHECKSECURITY_DISABLE flag to checksecurity.conf. * Get the changelog names correct (Bug#14618) * Correct day-of-month and month ranges in crontab.5 (Bug#15073)
-- Steve Greenland <stevegr@master.debian.org> Sun, 23 Nov 1997 22:58:05 -0600
cron (3.0pl1-39) unstable; urgency=low
* Added configuration variable to eliminate error messages from
checksecurity's find command
* Better integration with anacron: suggest anacron, call anacron
on a regular basis so that it can keeps it's status up-to-date. New
file /usr/sbin/cronanacron.
* Call savelog for /var/adm/btmp from /etc/cron.monthly/standard.
-- Steve Greenland <stevegr@master.debian.org> Sun, 24 Aug 1997 18:52:55 -0500
cron (3.0pl1-38) stable unstable; urgency=low
* When upgrading from -36 or -36.1, stop old cron daemon in preinst, because the prerm's in those versions doesn't. * Follow console message standard.
-- Steve Greenland <stevegr@master.debian.org> Sat, 18 Jan 1997 15:34:42 -0600
cron (3.0pl1-37) stable unstable; urgency=medium
* Corrected postinst,prerm, and postrm scripts -- Installs and removes rc.d links, and re-starts cron after install. * More fixes from the BSD crew, sent to me by Marek Michalkiewicz: mostly checks for null pointers, but also a few Makefile fixes, and at least one potential buffer overrun (but I know of no exploits). * Left in suidmanager stuff, but corrected default permission to 4755, per Debian standards. * Added CHANGES file (as /usr/doc/cron/changelog.upstream.gz) to distribution. Added upstream README to distribution. * Moved files out of ./debian/extra into ./debian because dpkg-source cannot deal with createing directories. Hmmph. * Removed filereaper reference from standard.daily
-- Steve Greenland <stevegr@master.debian.org> Sun, 5 Jan 1997 18:23:14 -0600
1996
cron (3.0pl1-36.1) stable unstable; urgency=HIGH
* Mended `find' invocation in debian/rules. * Serious security hole (buffer overrun) fixed. * Silly suidmanager stuff added by debmake. Pah.
-- Jon Rabone <jkr@master.debian.org> Wed, 18 Dec 1996 21:38:33 +0000
cron (3.0pl1-36) frozen unstable; urgency=low
* Removed DEBUG logging about SIGPIPE -- it's generated by every child once syslogd has been restarted.
-- Steve Greenland <stevegr@master.debian.org> Mon, 2 Dec 1996 01:41:16 -0600
cron (3.0pl1-35) frozen unstable; urgency=low
* Converted to new source format * Added code in misc.c to catch SIGPIPE and re-open syslog. This is all in #if defined(DEBIAN), and should be removed when syslog(3) is fixed. Also added -DDEBIAN to build commands in Makefile.
-- Steve Greenland <steveg@neuromancer.dmccorp.com> Sun, 1 Dec 1996 16:21:52 -0600