[ubuntu/zesty-updates] ntp 1:4.2.8p9+dfsg-2ubuntu1.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Jul 5 19:04:08 UTC 2017
ntp (1:4.2.8p9+dfsg-2ubuntu1.1) zesty-security; urgency=medium
* SECURITY UPDATE: DoS in the origin timestamp check
- debian/patches/CVE-2016-9042.patch: comment out broken code in
ntpd/ntp_proto.c.
- CVE-2016-9042
* SECURITY UPDATE: potential Overflows in ctl_put() functions
- debian/patches/CVE-2017-6458.patch: check lengths in
ntpd/ntp_control.c.
- CVE-2017-6458
* SECURITY UPDATE: overflow via long flagstr variable
- debian/patches/CVE-2017-6460.patch: check length in ntpq/ntpq-subs.c.
- CVE-2017-6460
* SECURITY UPDATE: buffer overflow in DPTS refclock driver
- debian/patches/CVE-2017-6462.patch: don't overrun buffer in
ntpd/refclock_datum.c.
- CVE-2017-6462
* SECURITY UPDATE: DoS via invalid setting in a :config directive
- debian/patches/CVE-2017-6463.patch: protect against overflow in
ntpd/ntp_config.c.
- CVE-2017-6463
* SECURITY UPDATE: Dos via malformed mode configuration directive
- debian/patches/CVE-2017-6464.patch: validate directives in
ntpd/ntp_config.c, ntpd/ntp_proto.c.
- CVE-2017-6464
Date: 2017-06-28 18:02:29.216680+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/ntp/1:4.2.8p9+dfsg-2ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Zesty-changes
mailing list