NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4946b19567
kumquat-buildroot/package/ntp/ntp.hash
Gustavo Zacarias ee18216d47 ntp: security bump to version 4.2.8p7 
Fixes:

CVE-2016-1551 - Refclock impersonation vulnerability, AKA:
refclock-peering

CVE-2016-1549 - Sybil vulnerability: ephemeral association attack, AKA:
ntp-sybil - MITIGATION ONLY

CVE-2016-2516 - Duplicate IPs on unconfig directives will cause an
assertion botch

CVE-2016-2517 - Remote configuration trustedkey/requestkey values are not
properly validated

CVE-2016-2518 - Crafted addpeer with hmode > 7 causes array wraparound
with MATCH_ASSOC

CVE-2016-2519 - ctl_getitem() return value not always checked

CVE-2016-1547 - Validate crypto-NAKs, AKA: nak-dos

CVE-2016-1548 - Interleave-pivot - MITIGATION ONLY

CVE-2015-7704 - KoD fix: peer associations were broken by the fix for
NtpBug2901, AKA: Symmetric active/passive mode is broken

CVE-2015-8138 - Zero Origin Timestamp Bypass, AKA: Additional KoD Checks

CVE-2016-1550 - Improve NTP security against buffer comparison timing
attacks, authdecrypt-timing, AKA: authdecrypt-timing

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-05-02 17:24:10 +02:00

5 lines
268 B
Plaintext
Raw Blame History

# From http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-4.2.8p7.tar.gz.md5
md5 46dfba933c3e4bc924d8e55068797578 ntp-4.2.8p7.tar.gz
# Calculated based on the hash above
sha256 81d20c06a0b01abe3b84fac092185bf014252d38fe5e7b2758f604680a0220dc ntp-4.2.8p7.tar.gz
Reference in New Issue View Git Blame Copy Permalink