[ubuntu/zesty-security] ntp 1:4.2.8p9+dfsg-2ubuntu1.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Jul 5 17:56:02 UTC 2017
ntp (1:4.2.8p9+dfsg-2ubuntu1.1) zesty-security; urgency=medium
* SECURITY UPDATE: DoS in the origin timestamp check
- debian/patches/CVE-2016-9042.patch: comment out broken code in
ntpd/ntp_proto.c.
- CVE-2016-9042
* SECURITY UPDATE: potential Overflows in ctl_put() functions
- debian/patches/CVE-2017-6458.patch: check lengths in
ntpd/ntp_control.c.
- CVE-2017-6458
* SECURITY UPDATE: overflow via long flagstr variable
- debian/patches/CVE-2017-6460.patch: check length in ntpq/ntpq-subs.c.
- CVE-2017-6460
* SECURITY UPDATE: buffer overflow in DPTS refclock driver
- debian/patches/CVE-2017-6462.patch: don't overrun buffer in
ntpd/refclock_datum.c.
- CVE-2017-6462
* SECURITY UPDATE: DoS via invalid setting in a :config directive
- debian/patches/CVE-2017-6463.patch: protect against overflow in
ntpd/ntp_config.c.
- CVE-2017-6463
* SECURITY UPDATE: Dos via malformed mode configuration directive
- debian/patches/CVE-2017-6464.patch: validate directives in
ntpd/ntp_config.c, ntpd/ntp_proto.c.
- CVE-2017-6464
Date: 2017-06-28 18:02:29.216680+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/ntp/1:4.2.8p9+dfsg-2ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Zesty-changes
mailing list