Ubuntu Security Notice 5259-3 - USN-5259-1 and USN-5259-2 fixed vulnerabilities in Cron. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. It was discovered that the postinst maintainer script in Cron unsafely handled file permissions during package install or update operations. An attacker could possibly use this issue to perform a privilege escalation attack. Florian Weimer discovered that Cron incorrectly handled certain memory operations during crontab file creation. An attacker could possibly use this issue to cause a denial of service. It was discovered that Cron incorrectly handled user input during crontab file creation. An attacker could possibly use this issue to cause a denial of service. It was discovered that Cron contained a use-after-free vulnerability in its force_rescan_user function. An attacker could possibly use this issue to cause a denial of service.
2c9318e69fe86c3b063c4d4569574e3f0fdc2dd430d0ba5c56dd3604970268db
Ubuntu Security Notice 5259-2 - USN-5259-1 fixed several vulnerabilities in Cron. This update provides the corresponding update for Ubuntu 18.04 LTS. It was discovered that the postinst maintainer script in Cron unsafely handled file permissions during package install or update operations. An attacker could possibly use this issue to perform a privilege escalation attack.
f30ea8403ff709ad2f12933000ca06902fbc99d9ae7d782f9e0037b905f42e5f
Ubuntu Security Notice 5259-1 - It was discovered that the postinst maintainer script in Cron unsafely handled file permissions during package install or update operations. An attacker could possibly use this issue to perform a privilege escalation attack. Florian Weimer discovered that Cron incorrectly handled certain memory operations during crontab file creation. An attacker could possibly use this issue to cause a denial of service.
7708b42ed0cb12cf75a820c930eeee446f370eea62c1f51b9719302793412a84