OVMSA-2015-0102

OVMSA-2015-0102 - ntp security update

Type: SECURITY
Impact: NA
Release Date: 2015-07-29

Description


[4.2.6p5-5]
- reject packets without MAC when authentication is enabled (CVE-2015-1798)
- protect symmetric associations with symmetric key against DoS attack
(CVE-2015-1799)
- fix generation of MD5 keys with ntp-keygen on big-endian systems
(CVE-2015-3405)
- log when stepping clock for leap second or ignoring it with -x (#1204625)

[4.2.6p5-4]
- fix typos in ntpd man page (#1194463)

[4.2.6p5-3]
- validate lengths of values in extension fields (CVE-2014-9297)
- drop packets with spoofed source address ::1 (CVE-2014-9298)
- add nanosecond support to SHM refclock (#1117704)
- allow creating all SHM segments with owner-only access (#1122015)
- allow symmetric keys up to 32 bytes again (#1053551)
- fix calculation of root dispersion (#1045376)
- fix crash in ntpq mreadvar command (#1165141)
- don't step clock for leap second with -x option (#1190619)
- don't drop packets with source port below 123 (#1171630)
- use larger RSA exponent in ntp-keygen (#1184421)
- refresh peers on routing updates (#1193850)
- increase memlock limit again (#1053568)
- warn when monitor can't be disabled due to limited restrict (#1166596)
- improve documentation of restrict command (#1069019)
- update logconfig documentation for patched default (#1193849)
- don't build ntpsnmpd (#995134)


Related CVEs


CVE-2015-1799
CVE-2014-9298
CVE-2015-1798
CVE-2014-9297
CVE-2015-3405

Updated Packages


| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|---|---|---|---|---|
| Oracle VM 3.3 (x86_64) | ntp-4.2.6p5-5.el6.src.rpm | cb292daf9ca4666c225b19fcc9df6f333375b094a25743221cd6aab1747702a9 | OVMSA-2018-0290 | ovm3_x86_64_3.3_patch |
| | ntp-4.2.6p5-5.el6.x86_64.rpm | 0fe13b1fedf1ed1c39ec0712c515cdef34b0dad9c1aae3bb880d8655f8a2994e | OVMSA-2018-0290 | ovm3_x86_64_3.3_patch |
| | ntpdate-4.2.6p5-5.el6.x86_64.rpm | daf8bba6224d70b773966e9d47c07f92de1d7cc745766dcd1a1c2fc210ba603b | OVMSA-2018-0290 | ovm3_x86_64_3.3_patch |



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections, please contact the Oracle Linux ULN team.
