Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
100
security advisorydenial of serviceupdateSUSE: 2019:1990-1 Low Severity: Issues in Cronie Now Resolved
An update that solves two vulnerabilities and has two fixes is now available. . SUSE Security Update: Security update for cronie ______________________________________________________________________________ Announcement ID: SUSE-SU-2019:1990-1 Rating: low References: #1128935 #1128937 #1130746 #1133100 Cross-References: CVE-2019-9704 CVE-2019-9705 Affected Products: SUSE Linux Enterprise Server 12-SP4 SUSE Linux Enterprise Desktop 12-SP4 SUSE CaaS Platform 3.0 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for cronie fixes the following issues: Security issues fixed: - CVE-2019-9704: Fixed an insufficient check in the return value of calloc which could allow a local user to create Denial of Service by crashing the deamon (bsc#1128937). - CVE-2019-9705: Fixed an implementation vulnerability which could allow a local user to exhaust the memory resulting in Denial of Service (bsc#1128935). Bug fixes: - Manual start of cron is possible even when it's already started using systemd (bsc#1133100). - Cron schedules only one job of crontab (bsc#1130746). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP4: zypper in -t patch SUSE-SLE-SERVER-12-SP4-2019-1990=1 - SUSE Linux Enterprise Desktop 12-SP4: zypper in -t patch SUSE-SLE-DESKTOP-12-SP4-2019-1990=1 - SUSE CaaS Platform 3.0: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. Package List: -SUSE Linux Enterprise Server 12-SP4 (aarch64 ppc64le s390x x86_64): cron-4.2-59.10.1 cronie-1.4.11-59.10.1 cronie-debuginfo-1.4.11-59.10.1 cronie-debugsource-1.4.11-59.10.1 - SUSE Linux Enterprise Desktop 12-SP4 (x86_64): cron-4.2-59.10.1 cronie-1.4.11-59.10.1 cronie-debuginfo-1.4.11-59.10.1 cronie-debugsource-1.4.11-59.10.1 - SUSE CaaS Platform 3.0 (x86_64): cron-4.2-59.10.1 cronie-1.4.11-59.10.1 cronie-debuginfo-1.4.11-59.10.1 cronie-debugsource-1.4.11-59.10.1 References: https://www.suse.com/security/cve/CVE-2019-9704.html https://www.suse.com/security/cve/CVE-2019-9705.html https://bugzilla.suse.com/1128935 https://bugzilla.suse.com/1128937 https://bugzilla.suse.com/1130746 https://bugzilla.suse.com/1133100 _______________________________________________ sle-security-updates mailing list
Jul 26, 2019
•Low
SuSE
202
security advisoryDenial of Servicememory exhaustionopenSUSE Advisory: 2019:1520-1 Addressing Low Severity Cronie DoS Issues
An update that solves two vulnerabilities and has two fixes is now available.. openSUSE Security Update: Security update for cronie ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1520-1 Rating: low References: #1128935 #1128937 #1130746 #1133100 Cross-References: CVE-2019-9704 CVE-2019-9705 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for cronie fixes the following issues: Security issues fixed: - CVE-2019-9704: Fixed an insufficient check in the return value of calloc which could allow a local user to create Denial of Service by crashing the daemon (bsc#1128937). - CVE-2019-9705: Fixed an implementation vulnerability which could allow a local user to exhaust the memory resulting in Denial of Service (bsc#1128935). Bug fixes: - Manual start of cron is possible even when it's already started using systemd (bsc#1133100). - Cron schedules only one job of crontab (bsc#1130746). This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2019-1520=1 - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1520=1 Package List: - openSUSE Leap 15.1 (i586 x86_64): cron-4.2-lp151.4.3.1 cronie-1.5.1-lp151.4.3.1 cronie-anacron-1.5.1-lp151.4.3.1 cronie-anacron-debuginfo-1.5.1-lp151.4.3.1 cronie-debuginfo-1.5.1-lp151.4.3.1 cronie-debugsource-1.5.1-lp151.4.3.1 - openSUSE Leap 15.0 (i586x86_64): cron-4.2-lp150.3.3.1 cronie-1.5.1-lp150.3.3.1 cronie-anacron-1.5.1-lp150.3.3.1 cronie-anacron-debuginfo-1.5.1-lp150.3.3.1 cronie-debuginfo-1.5.1-lp150.3.3.1 cronie-debugsource-1.5.1-lp150.3.3.1 References: https://www.suse.com/security/cve/CVE-2019-9704.html https://www.suse.com/security/cve/CVE-2019-9705.html https://bugzilla.suse.com/1128935 https://bugzilla.suse.com/1128937 https://bugzilla.suse.com/1130746 https://bugzilla.suse.com/1133100 -- . This Fedora Security Release tackles concerns within cronie by rectifying a pair of critical weaknesses.. openSUSE Security, cronie Update, Denial of Service Fix. . Severity: Low. LinuxSecurity.com Team
Jun 05, 2019
•Low
OpenSUSE
100
security advisoryupdatelow severitySUSE: 2019:1389-1 Low: Fixes for Cronie Denial of Service Issues
An update that solves two vulnerabilities and has two fixes is now available. . SUSE Security Update: Security update for cronie ______________________________________________________________________________ Announcement ID: SUSE-SU-2019:1389-1 Rating: low References: #1128935 #1128937 #1130746 #1133100 Cross-References: CVE-2019-9704 CVE-2019-9705 Affected Products: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Basesystem 15 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for cronie fixes the following issues: Security issues fixed: - CVE-2019-9704: Fixed an insufficient check in the return value of calloc which could allow a local user to create Denial of Service by crashing the daemon (bsc#1128937). - CVE-2019-9705: Fixed an implementation vulnerability which could allow a local user to exhaust the memory resulting in Denial of Service (bsc#1128935). Bug fixes: - Manual start of cron is possible even when it's already started using systemd (bsc#1133100). - Cron schedules only one job of crontab (bsc#1130746). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-1389=1 - SUSE Linux Enterprise Module for Basesystem 15: zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-1389=1 Package List: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64): cronie-anacron-1.5.1-6.7.1 cronie-anacron-debuginfo-1.5.1-6.7.1 cronie-debuginfo-1.5.1-6.7.1 cronie-debugsource-1.5.1-6.7.1 - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64): cron-4.2-6.7.1 cronie-1.5.1-6.7.1 cronie-debuginfo-1.5.1-6.7.1 cronie-debugsource-1.5.1-6.7.1 References: https://www.suse.com/security/cve/CVE-2019-9704.html https://www.suse.com/security/cve/CVE-2019-9705.html https://bugzilla.suse.com/1128935 https://bugzilla.suse.com/1128937 https://bugzilla.suse.com/1130746 https://bugzilla.suse.com/1133100 _______________________________________________ sle-security-updates mailing list
May 31, 2019
•Low
SuSE
203
security advisorydenial of serviceupdateMageia 6: 2019-0157 Moderate: Cronie Denial Of Service Issue
Updated cronie packages fix security vulnerabilities: Cronie before 1.5.3 allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked (CVE-2019-9704). . MGASA-2019-0157 - Updated cronie packages fix security vulnerabilities Publication date: 12 May 2019 URL: https://advisories.mageia.org/MGASA-2019-0157.html Type: security Affected Mageia releases: 6 CVE: CVE-2019-9704, CVE-2019-9705 Updated cronie packages fix security vulnerabilities: Cronie before 1.5.3 allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked (CVE-2019-9704). Cronie before 1.5.3 allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted (CVE-2019-9705). References: - https://bugs.mageia.org/show_bug.cgi?id=24579 - https://lists.fedoraproject.org/archives/list/
May 12, 2019
•Important
Mageia
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!