ELSA-2016-1141

ELSA-2016-1141 - ntp security update

Type:SECURITY
Severity:MODERATE
Release Date:2016-05-31

Description


[4.2.6p5-10.el6_8.1]
- don't allow spoofed packets to demobilize associations (CVE-2015-7979,
CVE-2016-1547)
- don't allow spoofed packet to enable symmetric interleaved mode
(CVE-2016-1548)
- check mode of new source in config command (CVE-2016-2518)
- make MAC check resilient against timing attack (CVE-2016-1550)


Related CVEs


CVE-2015-7979
CVE-2016-1547
CVE-2016-1548
CVE-2016-1550
CVE-2016-2518

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) ntp-4.2.6p5-10.el6.1.src.rpmd19f7c14c41a5f115c22d2fa54431e02ELSA-2017-0252
ntp-4.2.6p5-10.el6.1.i686.rpm62145925a10f5ae394491d07ddf74e9bELSA-2017-0252
ntp-doc-4.2.6p5-10.el6.1.noarch.rpm7fb06c2f1aceeba2dbac3c06811ff3d3ELSA-2017-0252
ntp-perl-4.2.6p5-10.el6.1.i686.rpm014931a92d6d9732f6973e2e48644c2fELSA-2017-0252
ntpdate-4.2.6p5-10.el6.1.i686.rpm55bc814b9de249f526ddbdf28353b9e4ELSA-2017-0252
Oracle Linux 6 (x86_64) ntp-4.2.6p5-10.el6.1.src.rpmd19f7c14c41a5f115c22d2fa54431e02ELSA-2017-0252
ntp-4.2.6p5-10.el6.1.x86_64.rpme59008bdfdd4a68363f11f3890b1f7f6ELSA-2017-0252
ntp-doc-4.2.6p5-10.el6.1.noarch.rpm7fb06c2f1aceeba2dbac3c06811ff3d3ELSA-2017-0252
ntp-perl-4.2.6p5-10.el6.1.x86_64.rpm371494b918e73e290a90d6b87a61bc3bELSA-2017-0252
ntpdate-4.2.6p5-10.el6.1.x86_64.rpm7a2f18f7d922305d4f2e785c8763577fELSA-2017-0252
Oracle Linux 7 (x86_64) ntp-4.2.6p5-22.el7_2.2.src.rpmca3766ae5e01dbe81f74313807fbd2e2ELBA-2017-0918
ntp-4.2.6p5-22.el7_2.2.x86_64.rpmbcd2cba6ce7d6c487eb3f248e1279885ELBA-2017-0918
ntp-doc-4.2.6p5-22.el7_2.2.noarch.rpmfd4a0bbe534569e7695b70d6e372845fELBA-2017-0918
ntp-perl-4.2.6p5-22.el7_2.2.noarch.rpm3603cb8b398bbff2c6eb5527e70667e2ELBA-2017-0918
ntpdate-4.2.6p5-22.el7_2.2.x86_64.rpmc876ab23e91cf17fd392a4f0648379d5ELBA-2017-0918
sntp-4.2.6p5-22.el7_2.2.x86_64.rpmbabd6d3e7d3bdd9c53bae4d89eb4165eELBA-2017-0918



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete