ntp 1:4.2.6.p5+dfsg-3ubuntu8.1 source package in Ubuntu
Changelog
ntp (1:4.2.6.p5+dfsg-3ubuntu8.1) wily-security; urgency=medium * SECURITY UPDATE: denial of service via crafted NUL-byte in configuration directive - debian/patches/CVE-2015-5146.patch: properly validate command in ntpd/ntp_control.c. - CVE-2015-5146 * SECURITY UPDATE: denial of service via malformed logconfig commands - debian/patches/CVE-2015-5194.patch: fix logconfig logic in ntpd/ntp_parser.y. - CVE-2015-5194 * SECURITY UPDATE: denial of service via disabled statistics type - debian/patches/CVE-2015-5195.patch: handle unrecognized types in ntpd/ntp_config.c. - CVE-2015-5195 * SECURITY UPDATE: file overwrite via remote pidfile and driftfile configuration directives - debian/patches/CVE-2015-5196.patch: disable remote configuration in ntpd/ntp_parser.y. - CVE-2015-5196 - CVE-2015-7703 * SECURITY UPDATE: denial of service via precision value conversion - debian/patches/CVE-2015-5219.patch: use ldexp for LOGTOD in include/ntp.h. - CVE-2015-5219 * SECURITY UPDATE: timeshifting by reboot issue - debian/patches/CVE-2015-5300.patch: disable panic in ntpd/ntp_loopfilter.c. - CVE-2015-5300 * SECURITY UPDATE: incomplete autokey data packet length checks - debian/patches/CVE-2015-7691.patch: add length and size checks to ntpd/ntp_crypto.c. - CVE-2015-7691 - CVE-2015-7692 - CVE-2015-7702 * SECURITY UPDATE: memory leak in CRYPTO_ASSOC - debian/patches/CVE-2015-7701.patch: add missing free in ntpd/ntp_crypto.c. - CVE-2015-7701 * SECURITY UPDATE: denial of service by spoofed KoD - debian/patches/CVE-2015-7704.patch: add check to ntpd/ntp_proto.c. - CVE-2015-7704 - CVE-2015-7705 * SECURITY UPDATE: denial of service via same logfile and keyfile - debian/patches/CVE-2015-7850.patch: rate limit errors in include/ntp_stdlib.h, include/ntp_syslog.h, libntp/authreadkeys.c, libntp/msyslog.c. - CVE-2015-7850 * SECURITY UPDATE: ntpq atoascii memory corruption - debian/patches/CVE-2015-7852.patch: avoid buffer overrun in ntpq/ntpq.c. - CVE-2015-7852 * SECURITY UPDATE: buffer overflow via custom refclock driver - debian/patches/CVE-2015-7853.patch: properly calculate length in ntpd/ntp_io.c. - CVE-2015-7853 * SECURITY UPDATE: denial of service via ASSERT in decodenetnum - debian/patches/CVE-2015-7855.patch: simply return fail in libntp/decodenetnum.c. - CVE-2015-7855 * SECURITY UPDATE: symmetric association authentication bypass via crypto-NAK - debian/patches/CVE-2015-7871.patch: drop unhandled packet in ntpd/ntp_proto.c. - CVE-2015-7871 * debian/control: add bison to Build-Depends. * debian/rules: remove ntp/ntp_parser.{c,h} or they don't get properly regenerated for some reason. -- Marc Deslauriers <email address hidden> Thu, 22 Oct 2015 16:38:14 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Wily
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- net
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
ntp_4.2.6.p5+dfsg.orig.tar.gz | 3.9 MiB | 17f0b63e7e27de5cc999a4afdb96b2dbdf76c75181fca50e2395e49e5773dfc9 |
ntp_4.2.6.p5+dfsg-3ubuntu8.1.debian.tar.xz | 94.2 KiB | a82168cc8fc34ec1a1f828d0f6208f2b7e8992eb134227713018e7cd2c8051b2 |
ntp_4.2.6.p5+dfsg-3ubuntu8.1.dsc | 2.3 KiB | 87b5c0f255caafb7eec45448fee281385ea108f5d2015a7a38e6536c5f17fdb4 |
Available diffs
Binary packages built by this source
- ntp: No summary available for ntp in ubuntu wily.
No description available for ntp in ubuntu wily.
- ntp-dbgsym: No summary available for ntp-dbgsym in ubuntu wily.
No description available for ntp-dbgsym in ubuntu wily.
- ntp-doc: No summary available for ntp-doc in ubuntu wily.
No description available for ntp-doc in ubuntu wily.
- ntpdate: client for setting system time from NTP servers
NTP, the Network Time Protocol, is used to keep computer clocks
accurate by synchronizing them over the Internet or a local network,
or by following an accurate hardware receiver that interprets GPS,
DCF-77, NIST or similar time signals.
.
ntpdate is a simple NTP client that sets a system's clock to match
the time obtained by communicating with one or more NTP servers. It
is not sufficient, however, for maintaining an accurate clock in the
long run. ntpdate by itself is useful for occasionally setting the
time on machines that do not have full-time network access, such as
laptops.
.
If the full NTP daemon from the package "ntp" is installed, then
ntpdate is not necessary.
- ntpdate-dbgsym: debug symbols for package ntpdate
NTP, the Network Time Protocol, is used to keep computer clocks
accurate by synchronizing them over the Internet or a local network,
or by following an accurate hardware receiver that interprets GPS,
DCF-77, NIST or similar time signals.
.
ntpdate is a simple NTP client that sets a system's clock to match
the time obtained by communicating with one or more NTP servers. It
is not sufficient, however, for maintaining an accurate clock in the
long run. ntpdate by itself is useful for occasionally setting the
time on machines that do not have full-time network access, such as
laptops.
.
If the full NTP daemon from the package "ntp" is installed, then
ntpdate is not necessary.