First published: Tue Feb 21 2012
The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specified programs at scheduled times. The vixie-cron package adds improved security and more powerful configuration options to the standard version of cron.

A race condition was found in the way the crontab program performed file time stamp updates on a temporary file created when editing a user crontab file. A local attacker could use this flaw to change the modification time of arbitrary system files via a symbolic link attack. (CVE-2010-0424)

Red Hat would like to thank Dan Rosenberg for reporting this issue.

This update also fixes the following bugs:

* Cron jobs of users with home directories mounted on a Lightweight Directory Access Protocol (LDAP) server or Network File System (NFS) were often refused because jobs were marked as orphaned (typically due to a temporary NSS lookup failure, when NIS and LDAP servers were unreachable). With this update, a database of orphans is created, and cron jobs are performed as expected. (BZ#455664)

* Previously, cron did not log any errors if a cron job file located in the /etc/cron.d/ directory contained invalid entries. An upstream patch has been applied to address this problem and invalid entries in the cron job files now produce warning messages. (BZ#460070)

* Previously, the "@reboot" crontab macro incorrectly ran jobs when the crond daemon was restarted. If the user used the macro on multiple machines, all entries with the "@reboot" option were executed every time the crond daemon was restarted. With this update, jobs are executed only when the machine is rebooted. (BZ#476972)

* The crontab utility is now compiled as a position-independent executable (PIE), which enhances the security of the system. (BZ#480930)

* When the parent crond daemon was stopped, but a child crond daemon was running (executing a program), the "service crond status" command incorrectly reported that crond was running. The source code has been modified, and the "service crond status" command now correctly reports that crond is stopped. (BZ#529632)

* According to the pam(8) manual page, the cron daemon, crond, supports access control with PAM (Pluggable Authentication Module). However, the PAM configuration file for crond did not export environment variables correctly and, consequently, setting PAM variables via cron did not work. This update includes a corrected /etc/pam.d/crond file that exports environment variables correctly. Setting pam variables via cron now works as documented in the pam(8) manual page. (BZ#541189)

* Previously, the mcstransd daemon modified labels for the crond daemon. When the crond daemon attempted to use the modified label and mcstransd was not running, crond used an incorrect label. Consequently, Security-Enhanced Linux (SELinux) denials filled up the cron log, no jobs were executed, and crond had to be restarted. With this update, both mcstransd and crond use raw SELinux labels, which prevents the problem. (BZ#625016)

* Previously, the crontab(1) and cron(8) manual pages contained multiple typographical errors. This update fixes those errors. (BZ#699620, BZ#699621)

In addition, this update adds the following enhancement:

* Previously, the crontab utility did not use the Pluggable Authentication Module (PAM) for verification of users. As a consequence, a user could access crontab even if access had been restricted (usually by being denied in the access.conf file). With this update, crontab returns an error message that the user is not allowed to access crontab because of PAM configuration. (BZ#249512)

All vixie-cron users should upgrade to this updated package, which resolves these issues and adds this enhancement.

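
The time stamp race described above (CVE-2010-0424) belongs to a general bug class: updating a file's times by name after the name may have changed meaning. The C program below is an added illustration, not vixie-cron source and not a description of the shipped patch; it contrasts a path-based update with a descriptor-based one inside a private temporary directory, and all function and file names in it are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <time.h>
#include <unistd.h>
#include <utime.h>

/* Path-based: the name is re-resolved at call time, so a symlink is followed. */
static int touch_by_path(const char *path, time_t t) {
    struct utimbuf ub = { .actime = t, .modtime = t };
    return utime(path, &ub);
}

/* Descriptor-based: acts on the inode opened earlier, whatever the name is now. */
static int touch_by_fd(int fd, time_t t) {
    struct timespec ts[2] = { { t, 0 }, { t, 0 } };
    return futimens(fd, ts);
}

/* Constructed scenario in a private mkdtemp() directory: "other" is a file the
 * update must not affect, "edit" is the editing temp file. Returns other's mtime. */
static time_t run_case(int use_fd) {
    char dir[] = "/tmp/tsdemoXXXXXX", other[64], edit[64];
    struct stat st;
    time_t got = (time_t)-1;
    if (!mkdtemp(dir)) return got;
    snprintf(other, sizeof other, "%s/other", dir);
    snprintf(edit, sizeof edit, "%s/edit", dir);
    int ofd = open(other, O_CREAT | O_WRONLY, 0600);
    int fd = open(edit, O_CREAT | O_EXCL | O_RDWR, 0600);
    /* Baseline mtime 1000 on "other"; then the name "edit" changes meaning. */
    if (ofd >= 0 && fd >= 0 && touch_by_path(other, 1000) == 0 &&
        unlink(edit) == 0 && symlink(other, edit) == 0 &&
        (use_fd ? touch_by_fd(fd, 2000) : touch_by_path(edit, 2000)) == 0 &&
        stat(other, &st) == 0)
        got = st.st_mtime;
    if (ofd >= 0) close(ofd);
    if (fd >= 0) close(fd);
    unlink(edit); unlink(other); rmdir(dir);
    return got;
}

int main(void) {
    printf("path-based update: other mtime = %ld\n", (long)run_case(0));
    printf("fd-based update:   other mtime = %ld\n", (long)run_case(1));
    return 0;
}
```
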
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/vixie-cron | <4.1-81.el5 | 4.1-81.el5 |
redhat/vixie-cron-debuginfo | <4.1-81.el5 | 4.1-81.el5 |