helium-3rd-party/meta-openembedded
1
0
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-05-18 22:12:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

ntp: update to 4.2.8.p11

Browse Source 
This release addresses five security issues in ntpd:

  LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU#961909: Sybil vulnerability: ephemeral association attack
  INFO/MEDIUM: Sec 3412 / CVE-2018-7182 / VU#961909: ctl_getitem(): buffer read overrun leads to undefined behavior and information leak
  LOW: Sec 3415 / CVE-2018-7170 / VU#961909: Multiple authenticated ephemeral associations
  LOW: Sec 3453 / CVE-2018-7184 / VU#961909: Interleaved symmetric mode cannot recover from bad state
  LOW/MEDIUM: Sec 3454 / CVE-2018-7185 / VU#961909: Unauthenticated packet can reset authenticated interleaved association

one security issue in ntpq:
  MEDIUM: Sec 3414 / CVE-2018-7183 / VU#961909: ntpq:decodearr() can write beyond its buffer limit

Signed-off-by: Armin Kuster <akuster@mvista.com>
This commit is contained in:
Armin Kuster 2018-04-10 16:54:46 -07:00
parent c5d027d5e1
commit 18b4b0ec54
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
meta-networking/recipes-support/ntp/ntp_4.2.8p10.bb → meta-networking/recipes-support/ntp/ntp_4.2.8p11.bb
View File

@ -23,8 +23,8 @@ SRC_URI = "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.g
file://ntpd.list \
"
SRC_URI[md5sum] = "745384ed0dedb3f66b33fe84d66466f9"
SRC_URI[sha256sum] = "ddd2366e64219b9efa0f7438e06800d0db394ac5c88e13c17b70d0dcdf99b99f"
SRC_URI[md5sum] = "00950ca2855579541896513e78295361"
SRC_URI[sha256sum] = "f14a39f753688252d683ff907035ffff106ba8d3db21309b742e09b5c3cd278e"
inherit autotools update-rc.d useradd systemd pkgconfig