| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | ntp: Security fixes via update to 4.2.8p7 | Armin Kuster | 2016-05-19 | 1 | -157/+0 |
| | | | | | | | | | | | | | | | | | | | | | CVE-2016-1551 CVE-2016-2516 CVE-2016-2517 CVE-2016-2518 CVE-2016-2519 CVE-2016-1547 CVE-2015-7704 CVE-2015-8138 CVE-2016-1550 for more info see: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security Signed-off-by: Armin Kuster <akuster@mvista.com> Acked-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> | ||||
| * | ntp: update 4.2.8p6 | Armin Kuster | 2016-02-23 | 1 | -0/+157 |
| QA error fix: ERROR: QA Issue: ntp: Files/directories were installed but not shipped in any package: /usr/libexec CVES addressed: Bug 2948 / CVE-2015-8158 Bug 2945 / CVE-2015-8138: origin: Zero Origin Timestamp Bypass Bug 2942 / CVE-2015-7979: Off-path Denial of Service (DoS) attack on authenticated broadcast mode Bug 2940 / CVE-2015-7978: Stack exhaustion in recursive traversal of restriction list Bug 2939 / CVE-2015-7977: reslist NULL pointer dereference Bug 2938 / CVE-2015-7976: ntpq saveconfig command allows dangerous characters in filenames Bug 2937 / CVE-2015-7975: nextvar() missing length check Bug 2936 / CVE-2015-7974: Skeleton Key: Missing key check allows impersonation between authenticated peers Bug 2935 / CVE-2015-7973: Deja Vu: Replay attack on authenticated broadcast mode Bug 2947 / CVE-2015-8140: ntpq vulnerable to replay attacks Bug 2946 / CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin NTP-4.2.8p5 NtpBug2956: Small-step/Big-step CVE-2015-5300 Bug #2829 Clean up pipe_fds in ntpd.c Bug #2887 stratum -1 config results as showing value 99. Bug #2932 Update leapsecond file info in miscopt.html. Bug #2934 tests/ntpd/t-ntp_scanner.c has a magic constant wired in. Bug #2944 errno is not preserved properly in ntpdate after sendto call. Bug #2952 peer associations were broken by the fix for NtpBug2901 CVE-2015-7704 Bug #2954 Version 4.2.8p4 crashes on startup on some OSes. Bug #2957 'unsigned int' vs 'size_t' format clash. Bug #2958 ntpq: fatal error messages need a final newline. Bug #2962 truncation of size_t/ptrdiff_t on 64bit targets. Bug #2965 Local clock didn't work since 4.2.8p4. Bug #2967 ntpdate command suffers an assertion failure Bug #2969 Seg fault from ntpq/mrulist when looking at server with lots of clients. Bug #2971 ntpq bails on ^C: select fails: Interrupted system call Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> | |||||
 |
index : linux/meta-openembedded.git | |
| Mirror of git.openembedded.org/meta-openembedded | N/A |
| summaryrefslogtreecommitdiffstats |