The vixie-cron package contains the Vixie version of cron. Cron is astandard UNIX daemon that runs specified programs at scheduled times. Thevixie-cron package adds improved security and more powerful configurationoptions to the standard version of cron.A race condition was found in the way the crontab program performed filetime stamp updates on a temporary file created when editing a user crontabfile. A local attacker could use this flaw to change the modification timeof arbitrary system files via a symbolic link attack. (CVE-2010-0424)Red Hat would like to thank Dan Rosenberg for reporting this issue.This update also fixes the following bugs:In addition, this update adds the following enhancement:All vixie-cron users should upgrade to this updated package, which resolvesthese issues and adds this enhancement.