ELSA-2016-2583
- ULN >
- Oracle Linux Errata repository >
- ELSA-2016-2583
ELSA-2016-2583 - ntp security and bug fix update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2016-11-09 |
Description
[4.2.6p5-25.0.1]
- add disable monitor to default ntp.conf [CVE-2013-5211]
[4.2.6p5-25]
- don't allow spoofed packet to enable symmetric interleaved mode
(CVE-2016-1548)
- check mode of new source in config command (CVE-2016-2518)
- make MAC check resilient against timing attack (CVE-2016-1550)
[4.2.6p5-24]
- fix crash with invalid logconfig command (CVE-2015-5194)
- fix crash when referencing disabled statistic type (CVE-2015-5195)
- don't hang in sntp with crafted reply (CVE-2015-5219)
- don't crash with crafted autokey packet (CVE-2015-7691, CVE-2015-7692,
CVE-2015-7702)
- fix memory leak with autokey (CVE-2015-7701)
- don't allow setting driftfile and pidfile remotely (CVE-2015-7703)
- don't crash in ntpq with crafted packet (CVE-2015-7852)
- check key ID in packets authenticated with symmetric key (CVE-2015-7974)
- fix crash with reslist command (CVE-2015-7977, CVE-2015-7978)
- don't allow spoofed packets to demobilize associations (CVE-2015-7979,
CVE-2016-1547)
- don't accept server/peer packets with zero origin timestamp (CVE-2015-8138)
- fix infinite loop in ntpq/ntpdc (CVE-2015-8158)
- fix resetting of leap status (#1242553)
- extend rawstats log (#1242877)
- report clock state changes related to leap seconds (#1242935)
- allow -4/-6 on restrict lines with mask (#1304492)
- explain synchronised state in ntpstat man page (#1309594)
Related CVEs
| CVE-2015-7977 |
| CVE-2015-5219 |
| CVE-2015-7979 |
| CVE-2015-5196 |
| CVE-2015-7701 |
| CVE-2015-7703 |
| CVE-2015-8158 |
| CVE-2015-7974 |
| CVE-2015-5194 |
| CVE-2015-7852 |
| CVE-2015-7978 |
| CVE-2015-7691 |
| CVE-2015-7702 |
| CVE-2015-7692 |
| CVE-2015-5195 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 7 (x86_64) | ntp-4.2.6p5-25.0.1.el7.src.rpm | f1434f0ac082f9a641597dd1bc0aa602fe616abcdfcb404c0ee5991c408c7849 | ELBA-2022-9435 | ol7_x86_64_latest_archive |
| ntp-4.2.6p5-25.0.1.el7.src.rpm | f1434f0ac082f9a641597dd1bc0aa602fe616abcdfcb404c0ee5991c408c7849 | ELBA-2022-9435 | ol7_x86_64_optional_archive | |
| ntp-4.2.6p5-25.0.1.el7.src.rpm | f1434f0ac082f9a641597dd1bc0aa602fe616abcdfcb404c0ee5991c408c7849 | ELBA-2022-9435 | ol7_x86_64_u3_base | |
| ntp-4.2.6p5-25.0.1.el7.x86_64.rpm | 23d827d74232a06940decd5d16ba79d37527044f80ceae223d29c7dbe29eb477 | ELBA-2022-9435 | ol7_x86_64_latest_archive | |
| ntp-4.2.6p5-25.0.1.el7.x86_64.rpm | 23d827d74232a06940decd5d16ba79d37527044f80ceae223d29c7dbe29eb477 | ELBA-2022-9435 | ol7_x86_64_u3_base | |
| ntp-doc-4.2.6p5-25.0.1.el7.noarch.rpm | 0c29075c443a01ef1b2ddfe6b2d1515a355d74548169d15e1798f8f002b58e97 | ELBA-2022-9435 | ol7_x86_64_optional_archive | |
| ntp-perl-4.2.6p5-25.0.1.el7.noarch.rpm | 4a32f9e60f8619b2ba82dd62bc5513326ee500e91a002d826d80c1a4b501d8db | ELBA-2022-9435 | ol7_x86_64_optional_archive | |
| ntpdate-4.2.6p5-25.0.1.el7.x86_64.rpm | d7178b697c273dae008727277d0c019785b8e315e3e9c8604cdf15784cfde736 | ELBA-2022-9435 | ol7_x86_64_latest_archive | |
| ntpdate-4.2.6p5-25.0.1.el7.x86_64.rpm | d7178b697c273dae008727277d0c019785b8e315e3e9c8604cdf15784cfde736 | ELBA-2022-9435 | ol7_x86_64_u3_base | |
| sntp-4.2.6p5-25.0.1.el7.x86_64.rpm | c553b9d7b4700bbf0069886ab9cc807a29b9c16ab084f9950dc144d09e63ca57 | ELBA-2022-9435 | ol7_x86_64_optional_archive | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
