[ubuntu/vivid-proposed] ntp 1:4.2.6.p5+dfsg-3ubuntu4 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Mon Feb 9 18:09:14 UTC 2015
ntp (1:4.2.6.p5+dfsg-3ubuntu4) vivid; urgency=medium
* SECURITY UPDATE: denial of service and possible info leakage via
extension fields
- debian/patches/CVE-2014-9297.patch: properly check lengths in
ntpd/ntp_crypto.c, ntpd/ntp_proto.c.
- CVE-2014-9297
* SECURITY UPDATE: IPv6 ACL bypass
- debian/patches/CVE-2014-9298.patch: check for spoofed ::1 in
ntpd/ntp_io.c.
- CVE-2014-9298
Date: Mon, 09 Feb 2015 13:03:44 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu4
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 09 Feb 2015 13:03:44 -0500
Source: ntp
Binary: ntp ntpdate ntp-doc
Architecture: source
Version: 1:4.2.6.p5+dfsg-3ubuntu4
Distribution: vivid
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
ntp - Network Time Protocol daemon and utility programs
ntp-doc - Network Time Protocol documentation
ntpdate - client for setting system time from NTP servers
Changes:
ntp (1:4.2.6.p5+dfsg-3ubuntu4) vivid; urgency=medium
.
* SECURITY UPDATE: denial of service and possible info leakage via
extension fields
- debian/patches/CVE-2014-9297.patch: properly check lengths in
ntpd/ntp_crypto.c, ntpd/ntp_proto.c.
- CVE-2014-9297
* SECURITY UPDATE: IPv6 ACL bypass
- debian/patches/CVE-2014-9298.patch: check for spoofed ::1 in
ntpd/ntp_io.c.
- CVE-2014-9298
Checksums-Sha1:
80ad726d883a850a94ec155c82724da1370053fc 2348 ntp_4.2.6.p5+dfsg-3ubuntu4.dsc
003af6fcb648e8fc118890aa8f38ef9990da4d59 86384 ntp_4.2.6.p5+dfsg-3ubuntu4.debian.tar.xz
Checksums-Sha256:
bdc178ffaf5e0f5dc9cc2e47e771928c49e7c5d4516c7085a5f1c02102766264 2348 ntp_4.2.6.p5+dfsg-3ubuntu4.dsc
6178e72a118f82b37ee46ff015560a620e96f4e8a80386bf2c5562a93a882f24 86384 ntp_4.2.6.p5+dfsg-3ubuntu4.debian.tar.xz
Files:
f9aa5b31471fc35cd7b75ef816b4ae80 2348 net optional ntp_4.2.6.p5+dfsg-3ubuntu4.dsc
c432b218b5119d3ea2704ffe79a46aa4 86384 net optional ntp_4.2.6.p5+dfsg-3ubuntu4.debian.tar.xz
Original-Maintainer: Debian NTP Team <pkg-ntp-maintainers at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJU2PdpAAoJEGVp2FWnRL6TpG0QALmGXkZNTAh/ry6k7Ax62HXo
eivIvTIQEBguUtA1FRKwjN5vdg/5b7LDc37A5lqcaaAsv+EcqQ8RTkzCrJDx/f4w
Jr87Rs9YMIqWjRqB3oqWqzU8iZu2pYCB/Ma26MgGbM+w4SHc2nJFofFlknfAAwtW
NfBGIJ6WmR66+ypQKdq+2iuj9LMGbsJGj/H1XDdJD3A/99IBTb7O4L23KKu1T1QL
gF8VFisUOBViX6yd5a9Lc2mfeigGy3MM+5cdxQaySS8Y+kXVjoAxSvwZZ91GkU82
wqpaCH8OlMl3nV7MY3L8DTRuFGhj9Iy2mljmz53T3iI0MRspVgX9Sf6hmE+soEmY
mD22aKAw1u6yoa7H/6HVDODIy8ZJq55wpmmsJTmrwBhYLEctxDOphfYoShlaWvsk
TwGsgrusc8waMDrnZRlXQbhnLXUFbKILoKf4KU890AE4pR1MkBXB0jhwEdNCbkBl
EaDja4aSxxj3rbjG53Yp19Fs4F4+Gp0UVvuyIBmXtNkC7xvaLC5AAFT1mFhDXeJk
wcr/xKjISdQAyby0Ocift/0Eswr3+r8BZ2Erd6lW7QboUVltXp7GvaSdS6Rvd4ep
jjogk/e4B/0uGKeIIKukraZzhQx2u8z4rP9EYgDl325Fisz4TegRA9Uu+BRbYPfw
57MsdtNDSM4QqEGnGc+Z
=MWtI
-----END PGP SIGNATURE-----
More information about the Vivid-changes
mailing list