On 24/10/2007, Chris Kottaridis <chriskot@xxxxxxxxxxxxx> wrote: > I don't have a lot of fedora experience. I am checking what I have > against the security status page to see if I am up to date with the > various known security issues. > > I am trying to find how to get the patches for some of the security > fixes mentioned on the security status page. Right now, specifically for > the vixie-cron package. I found these three CVE reports: > > vixie-cron: > fc7: CVE-2007-1856 backport (vixie-cron) #235882 > vixie-cron-4.1-hardlink.patch > fc7: CVE-2006-2607 backport (vixie-cron) > vixie-cron-4.1-_48-security.patch > fc7: CVE-2005-1038 backport (vixie-cron) > vixie-cron-4.1-CAN-2005-1038-fix-race.patch > > In the srpm I have I see the vixie-cron-4.1-_48-security.patch and the > vixie-cron-4.1-CAN-2005-1038-fix-race.patch, but I don't see the > vixie-cron-4.1-hardlink.patch. > > I would prefer to get the individual hardlink patch at this point as > opposed to upgrading to some new version. > > Where does one find the patches mentioned in the security status pages ? > > Can they be found individually or would I have to unpack them from some > newer SRPM ? Fedora package CVS or the updates src.rpm packages.
