ELSA-2018-0855

ELSA-2018-0855 - ntp security, bug fix, and enhancement update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2018-04-16

Description

[4.2.6p5-28.0.1]
- Bump release to avoid ULN conflict with Oracle modified errata.

[4.2.6p5-28]
- fix buffer overflow in datum refclock driver (CVE-2017-6462)
- fix crash with invalid unpeer command (CVE-2017-6463)
- fix potential crash with invalid server command (CVE-2017-6464)
- add Spectracom TSYNC driver (#1491797)
- fix initialization of system clock status (#1493452)
- fix typos in ntpd man page (#1420453)
- use SHA1 request key by default (#1442083)
- use network-online target in ntpdate and sntp services (#1466947)

[4.2.6p5-27]
- fix CVE-2016-7429 patch to work correctly on multicast client (#1422944)

[4.2.6p5-26]
- don't limit rate of packets from sources (CVE-2016-7426)
- don't change interface from received packets (CVE-2016-7429)
- fix calculation of root distance again (CVE-2016-7433)
- require authentication for trap commands (CVE-2016-9310)
- fix crash when reporting peer event to trappers (CVE-2016-9311)

Related CVEs

CVE-2017-6462

CVE-2017-6464

CVE-2017-6463

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 7 (aarch64)	ntp-4.2.6p5-28.0.1.el7.src.rpm	e1625db431cb1e441bb7f2f2abfba9b0f01c6bcd44ae3b8751f8561deb354076	ELBA-2022-9435	ol7_aarch64_latest
	ntp-4.2.6p5-28.0.1.el7.src.rpm	e1625db431cb1e441bb7f2f2abfba9b0f01c6bcd44ae3b8751f8561deb354076	ELBA-2022-9435	ol7_aarch64_optional_latest
	ntp-4.2.6p5-28.0.1.el7.src.rpm	e1625db431cb1e441bb7f2f2abfba9b0f01c6bcd44ae3b8751f8561deb354076	ELBA-2022-9435	ol7_aarch64_u5_base
	ntp-4.2.6p5-28.0.1.el7.aarch64.rpm	c58f165062717ef8690cfebe350436d03b4a7682d1b82006654b68dab6d633b8	ELBA-2022-9435	ol7_aarch64_latest
	ntp-4.2.6p5-28.0.1.el7.aarch64.rpm	c58f165062717ef8690cfebe350436d03b4a7682d1b82006654b68dab6d633b8	ELBA-2022-9435	ol7_aarch64_u5_base
	ntp-doc-4.2.6p5-28.0.1.el7.noarch.rpm	711217ced6dfc711b7ce18c3b5b9217f4e289a6110ba1c503c9fe44cc83672c2	ELBA-2022-9435	ol7_aarch64_optional_latest
	ntp-perl-4.2.6p5-28.0.1.el7.noarch.rpm	7d57ae8c2225ec5cd9e6fede1c261a711e3f2d0120ae6ddb497972ea975ce41f	ELBA-2022-9435	ol7_aarch64_optional_latest
	ntpdate-4.2.6p5-28.0.1.el7.aarch64.rpm	65461c1c553bf9a08a238022a9ce3681921d6005e6d471b80a736aeb355a6555	ELBA-2022-9435	ol7_aarch64_latest
	ntpdate-4.2.6p5-28.0.1.el7.aarch64.rpm	65461c1c553bf9a08a238022a9ce3681921d6005e6d471b80a736aeb355a6555	ELBA-2022-9435	ol7_aarch64_u5_base
	sntp-4.2.6p5-28.0.1.el7.aarch64.rpm	eb88e64fa977033a57d17d779b38f7281be2c0cc3a37c18ab9295873faef3470	ELBA-2022-9435	ol7_aarch64_optional_latest
Oracle Linux 7 (x86_64)	ntp-4.2.6p5-28.0.1.el7.src.rpm	e1625db431cb1e441bb7f2f2abfba9b0f01c6bcd44ae3b8751f8561deb354076	ELBA-2022-9435	ol7_x86_64_latest
	ntp-4.2.6p5-28.0.1.el7.src.rpm	e1625db431cb1e441bb7f2f2abfba9b0f01c6bcd44ae3b8751f8561deb354076	ELBA-2022-9435	ol7_x86_64_optional_archive
	ntp-4.2.6p5-28.0.1.el7.src.rpm	e1625db431cb1e441bb7f2f2abfba9b0f01c6bcd44ae3b8751f8561deb354076	ELBA-2022-9435	ol7_x86_64_optional_latest
	ntp-4.2.6p5-28.0.1.el7.src.rpm	e1625db431cb1e441bb7f2f2abfba9b0f01c6bcd44ae3b8751f8561deb354076	ELBA-2022-9435	ol7_x86_64_u5_base
	ntp-4.2.6p5-28.0.1.el7.src.rpm	e1625db431cb1e441bb7f2f2abfba9b0f01c6bcd44ae3b8751f8561deb354076	ELBA-2022-9435	ol7_x86_64_u5_developer
	ntp-4.2.6p5-28.0.1.el7.src.rpm	e1625db431cb1e441bb7f2f2abfba9b0f01c6bcd44ae3b8751f8561deb354076	ELBA-2022-9435	ol7_x86_64_u6_base
	ntp-4.2.6p5-28.0.1.el7.x86_64.rpm	4136ea0e88082c217b5861bf10fe1b3d579a387c071339f995c6dab0f6418782	ELBA-2022-9435	ol7_x86_64_latest
	ntp-4.2.6p5-28.0.1.el7.x86_64.rpm	4136ea0e88082c217b5861bf10fe1b3d579a387c071339f995c6dab0f6418782	ELBA-2022-9435	ol7_x86_64_u5_base
	ntp-4.2.6p5-28.0.1.el7.x86_64.rpm	4136ea0e88082c217b5861bf10fe1b3d579a387c071339f995c6dab0f6418782	ELBA-2022-9435	ol7_x86_64_u5_developer
	ntp-4.2.6p5-28.0.1.el7.x86_64.rpm	4136ea0e88082c217b5861bf10fe1b3d579a387c071339f995c6dab0f6418782	ELBA-2022-9435	ol7_x86_64_u6_base
	ntp-doc-4.2.6p5-28.0.1.el7.noarch.rpm	711217ced6dfc711b7ce18c3b5b9217f4e289a6110ba1c503c9fe44cc83672c2	ELBA-2022-9435	ol7_x86_64_optional_archive
	ntp-doc-4.2.6p5-28.0.1.el7.noarch.rpm	711217ced6dfc711b7ce18c3b5b9217f4e289a6110ba1c503c9fe44cc83672c2	ELBA-2022-9435	ol7_x86_64_optional_developer
	ntp-doc-4.2.6p5-28.0.1.el7.noarch.rpm	711217ced6dfc711b7ce18c3b5b9217f4e289a6110ba1c503c9fe44cc83672c2	ELBA-2022-9435	ol7_x86_64_optional_latest
	ntp-perl-4.2.6p5-28.0.1.el7.noarch.rpm	7d57ae8c2225ec5cd9e6fede1c261a711e3f2d0120ae6ddb497972ea975ce41f	ELBA-2022-9435	ol7_x86_64_optional_archive
	ntp-perl-4.2.6p5-28.0.1.el7.noarch.rpm	7d57ae8c2225ec5cd9e6fede1c261a711e3f2d0120ae6ddb497972ea975ce41f	ELBA-2022-9435	ol7_x86_64_optional_developer
	ntp-perl-4.2.6p5-28.0.1.el7.noarch.rpm	7d57ae8c2225ec5cd9e6fede1c261a711e3f2d0120ae6ddb497972ea975ce41f	ELBA-2022-9435	ol7_x86_64_optional_latest
	ntpdate-4.2.6p5-28.0.1.el7.x86_64.rpm	2373ce131e930c1b5231612e50c7565d11020bda1d8dfc6fadec4c93a62394b4	ELBA-2022-9435	ol7_x86_64_latest
	ntpdate-4.2.6p5-28.0.1.el7.x86_64.rpm	2373ce131e930c1b5231612e50c7565d11020bda1d8dfc6fadec4c93a62394b4	ELBA-2022-9435	ol7_x86_64_u5_base
	ntpdate-4.2.6p5-28.0.1.el7.x86_64.rpm	2373ce131e930c1b5231612e50c7565d11020bda1d8dfc6fadec4c93a62394b4	ELBA-2022-9435	ol7_x86_64_u5_developer
	ntpdate-4.2.6p5-28.0.1.el7.x86_64.rpm	2373ce131e930c1b5231612e50c7565d11020bda1d8dfc6fadec4c93a62394b4	ELBA-2022-9435	ol7_x86_64_u6_base
	sntp-4.2.6p5-28.0.1.el7.x86_64.rpm	3b941beffcfc1a4086d87f3cac84eeb7c5072dea745b36414937348bb2807844	ELBA-2022-9435	ol7_x86_64_optional_archive
	sntp-4.2.6p5-28.0.1.el7.x86_64.rpm	3b941beffcfc1a4086d87f3cac84eeb7c5072dea745b36414937348bb2807844	ELBA-2022-9435	ol7_x86_64_optional_developer
	sntp-4.2.6p5-28.0.1.el7.x86_64.rpm	3b941beffcfc1a4086d87f3cac84eeb7c5072dea745b36414937348bb2807844	ELBA-2022-9435	ol7_x86_64_optional_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team