NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
da05d74805
kumquat-buildroot/package/ntp
History
Baruch Siach da05d74805 ntp: security bump to version 4.2.8p11 
Fixed or improved security issues:

  CVE-2016-1549 (fixed in 4.2.8p7; this release adds protection): A
  malicious authenticated peer can create arbitrarily-many ephemeral
  associations in order to win the clock selection algorithm

  CVE-2018-7182: Buffer read overrun leads to undefined behavior and
  information leak

  CVE-2018-7170: Multiple authenticated ephemeral associations

  CVE-2018-7184: Interleaved symmetric mode cannot recover from bad
  state

  CVE-2018-7185: Unauthenticated packet can reset authenticated
  interleaved association

  CVE-2018-7183: ntpq:decodearr() can write beyond its buffer limit

Drop patch #3. libntpq_a_CFLAGS now includes NTP_HARD_CFLAGS via
AM_CFLAGS.

Add license file hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-03-06 19:03:26 +01:00
..
0001-nano.patch
0002-ntp-syscalls-fallback.patch
Config.in
ntp.hash ntp: security bump to version 4.2.8p11 2018-03-06 19:03:26 +01:00
ntp.mk ntp: security bump to version 4.2.8p11 2018-03-06 19:03:26 +01:00
ntpd.etc.conf
ntpd.service
S49ntp