Publishing details

• Published on 2019-01-24
• Copied from ubuntu bionic in Private PPA for Ubuntu Security Team by Marc Deslauriers

Changelog

ntpsec (1.1.0+dfsg1-1ubuntu0.2) bionic-security; urgency=medium

  * Backport three commits from 1.1.3 to fix (LP: #1812458)
    - CVE-2019-6442: "An authenticated attacker can write one byte out of
      bounds in ntpd via a malformed config request, related to
      config_remotely in ntp_config.c, yyparse in ntp_parser.tab.c, and
      yyerror in ntp_parser.y."
    - CVE-2019-6443: "Because of a bug in ctl_getitem, there is a stack-based
      buffer over-read in read_sysvars in ntp_control.c in ntpd.
    - CVE-2019-6444: "process_control() in ntp_control.c has a stack-based
      buffer over-read because attacker-controlled data is dereferenced by
      ntohl() in ntpd."
    - CVE-2019-6445: "An authenticated attacker can cause a NULL pointer
      dereference and ntpd crash in ntp_control.c, related to ctl_getitem."

 -- Richard Laager <email address hidden>  Fri, 18 Jan 2019 20:07:06 -0600

Builds

• amd64
• arm64
• armhf
• i386
• ppc64el
• s390x

Built packages

• ntpsec Network Time Protocol daemon and utility programs

• ntpsec-dbgsym debug symbols for ntpsec

• ntpsec-doc Network Time Protocol documentation

• ntpsec-ntpdate client for setting system time from NTP servers

• ntpsec-ntpviz NTP statistics graphing utility

• python3-ntp Python 3 NTP Helper Classes

• python3-ntp-dbgsym debug symbols for python3-ntp

Package files

• ntpsec-dbgsym_1.1.0+dfsg1-1ubuntu0.2_amd64.ddeb (589.9 KiB)
• ntpsec-dbgsym_1.1.0+dfsg1-1ubuntu0.2_arm64.ddeb (602.4 KiB)
• ntpsec-dbgsym_1.1.0+dfsg1-1ubuntu0.2_armhf.ddeb (580.3 KiB)
• ntpsec-dbgsym_1.1.0+dfsg1-1ubuntu0.2_i386.ddeb (538.2 KiB)
• ntpsec-dbgsym_1.1.0+dfsg1-1ubuntu0.2_ppc64el.ddeb (668.1 KiB)
• ntpsec-dbgsym_1.1.0+dfsg1-1ubuntu0.2_s390x.ddeb (611.6 KiB)
• ntpsec-doc_1.1.0+dfsg1-1ubuntu0.2_all.deb (1.2 MiB)
• ntpsec-ntpdate_1.1.0+dfsg1-1ubuntu0.2_amd64.deb (28.1 KiB)
• ntpsec-ntpdate_1.1.0+dfsg1-1ubuntu0.2_arm64.deb (28.1 KiB)
• ntpsec-ntpdate_1.1.0+dfsg1-1ubuntu0.2_armhf.deb (28.1 KiB)
• ntpsec-ntpdate_1.1.0+dfsg1-1ubuntu0.2_i386.deb (28.1 KiB)
• ntpsec-ntpdate_1.1.0+dfsg1-1ubuntu0.2_ppc64el.deb (28.1 KiB)
• ntpsec-ntpdate_1.1.0+dfsg1-1ubuntu0.2_s390x.deb (28.1 KiB)
• ntpsec-ntpviz_1.1.0+dfsg1-1ubuntu0.2_amd64.deb (45.2 KiB)
• ntpsec-ntpviz_1.1.0+dfsg1-1ubuntu0.2_arm64.deb (45.2 KiB)
• ntpsec-ntpviz_1.1.0+dfsg1-1ubuntu0.2_armhf.deb (45.2 KiB)
• ntpsec-ntpviz_1.1.0+dfsg1-1ubuntu0.2_i386.deb (45.2 KiB)
• ntpsec-ntpviz_1.1.0+dfsg1-1ubuntu0.2_ppc64el.deb (45.2 KiB)
• ntpsec-ntpviz_1.1.0+dfsg1-1ubuntu0.2_s390x.deb (45.2 KiB)
• ntpsec_1.1.0+dfsg1-1ubuntu0.2.debian.tar.xz (42.1 KiB)
• ntpsec_1.1.0+dfsg1-1ubuntu0.2.dsc (2.5 KiB)
• ntpsec_1.1.0+dfsg1-1ubuntu0.2_amd64.deb (277.8 KiB)
• ntpsec_1.1.0+dfsg1-1ubuntu0.2_arm64.deb (258.5 KiB)
• ntpsec_1.1.0+dfsg1-1ubuntu0.2_armhf.deb (256.3 KiB)
• ntpsec_1.1.0+dfsg1-1ubuntu0.2_i386.deb (288.1 KiB)
• ntpsec_1.1.0+dfsg1-1ubuntu0.2_ppc64el.deb (290.5 KiB)
• ntpsec_1.1.0+dfsg1-1ubuntu0.2_s390x.deb (265.7 KiB)
• ntpsec_1.1.0+dfsg1.orig.tar.gz (2.4 MiB)
• python3-ntp-dbgsym_1.1.0+dfsg1-1ubuntu0.2_amd64.ddeb (60.7 KiB)
• python3-ntp-dbgsym_1.1.0+dfsg1-1ubuntu0.2_arm64.ddeb (62.0 KiB)
• python3-ntp-dbgsym_1.1.0+dfsg1-1ubuntu0.2_armhf.ddeb (61.5 KiB)
• python3-ntp-dbgsym_1.1.0+dfsg1-1ubuntu0.2_i386.ddeb (56.6 KiB)
• python3-ntp-dbgsym_1.1.0+dfsg1-1ubuntu0.2_ppc64el.ddeb (61.7 KiB)
• python3-ntp-dbgsym_1.1.0+dfsg1-1ubuntu0.2_s390x.ddeb (63.8 KiB)
• python3-ntp_1.1.0+dfsg1-1ubuntu0.2_amd64.deb (75.9 KiB)
• python3-ntp_1.1.0+dfsg1-1ubuntu0.2_arm64.deb (78.5 KiB)
• python3-ntp_1.1.0+dfsg1-1ubuntu0.2_armhf.deb (74.9 KiB)
• python3-ntp_1.1.0+dfsg1-1ubuntu0.2_i386.deb (77.4 KiB)
• python3-ntp_1.1.0+dfsg1-1ubuntu0.2_ppc64el.deb (78.2 KiB)
• python3-ntp_1.1.0+dfsg1-1ubuntu0.2_s390x.deb (75.8 KiB)