Stay Connected:

ELSA-2014-2024

ELSA-2014-2024 - ntp security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2014-12-20

Description


[4.2.6p5-2]
- don't generate weak control key for resolver (CVE-2014-9293)
- don't generate weak MD5 keys in ntp-keygen (CVE-2014-9294)
- fix buffer overflows via specially-crafted packets (CVE-2014-9295)
- don't mobilize passive association when authentication fails (CVE-2014-9296)


Related CVEs


CVE-2014-9293
CVE-2014-9294
CVE-2014-9295
CVE-2014-9296

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) ntp-4.2.6p5-2.el6_6.src.rpmdd6a6e1458da216cfe5b393065982a4fELSA-2018-3854
ntp-4.2.6p5-2.el6_6.i686.rpmfc0de81e84cc8bf3960e458930703eadELSA-2018-3854
ntp-doc-4.2.6p5-2.el6_6.noarch.rpm298616a7d458b11c382c2c94985b3983ELSA-2018-3854
ntp-perl-4.2.6p5-2.el6_6.i686.rpm7b6f26db9053902bf3856ea281b002c3ELSA-2018-3854
ntpdate-4.2.6p5-2.el6_6.i686.rpm0ed7d603b361eb246ef204752e9abc40ELSA-2018-3854
Oracle Linux 6 (x86_64) ntp-4.2.6p5-2.el6_6.src.rpmdd6a6e1458da216cfe5b393065982a4fELSA-2018-3854
ntp-4.2.6p5-2.el6_6.x86_64.rpm7c892b6a276bf59d396a0880ba5b5646ELSA-2018-3854
ntp-doc-4.2.6p5-2.el6_6.noarch.rpm298616a7d458b11c382c2c94985b3983ELSA-2018-3854
ntp-perl-4.2.6p5-2.el6_6.x86_64.rpmb1cb82636614875b86ad89cd4d8957b3ELSA-2018-3854
ntpdate-4.2.6p5-2.el6_6.x86_64.rpma856123ca3bd10bfafaca279308980c5ELSA-2018-3854
Oracle Linux 7 (x86_64) ntp-4.2.6p5-19.el7_0.src.rpm44639c3243a1719f7e8d52cdf8eca08bELSA-2020-2663
ntp-4.2.6p5-19.el7_0.x86_64.rpm24896cc94d74fd7cc75080b6734ad7edELSA-2020-2663
ntp-doc-4.2.6p5-19.el7_0.noarch.rpmc2134b1a6fe84fba573f8b8fac40b714ELSA-2020-2663
ntp-perl-4.2.6p5-19.el7_0.noarch.rpmd58c8adf5a104db5d2bb2ce9eb85f7a2ELSA-2020-2663
ntpdate-4.2.6p5-19.el7_0.x86_64.rpm69680a90dd979a701927de22b707cca6ELSA-2020-2663
sntp-4.2.6p5-19.el7_0.x86_64.rpmaa75becf99362e908f4d9b8f28c04a2aELSA-2020-2663



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights