FEDORA-2015-77bfbc1bcd created by mlichvar 4 years ago for Fedora 21
stable

Security fix for CVE-2015-7704, CVE-2015-5300, CVE-2015-7692, CVE-2015-7871, CVE-2015-7702, CVE-2015-7691, CVE-2015-7852, CVE-2015-7701


Security fix for CVE-2015-5146, CVE-2015-5194, CVE-2015-5219, CVE-2015-5195, CVE-2015-5196

How to install

sudo dnf upgrade --advisory=FEDORA-2015-77bfbc1bcd

This update has been submitted for testing by mlichvar.

4 years ago

This update has obsoleted ntp-4.2.6p5-33.fc21, and has inherited its bugs and notes.

4 years ago

This update has been pushed to testing.

4 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

4 years ago

This update has been submitted for stable by mlichvar.

4 years ago

Taskotron: upgradepath test FAILED on noarch. Result log: https://taskotron.fedoraproject.org/resultsdb/results/4670380 (results are informative only)

This update has been pushed to stable.

4 years ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
4 years ago
in testing
4 years ago
in stable
4 years ago
BZ#1238136 CVE-2015-5146 ntp: ntpd control message crash on crafted NUL-byte in configuration directive (VU#668167)
0
0
BZ#1238140 CVE-2015-5146 ntp: ntpd control message crash on crafted NUL-byte in configuration directive (VU#668167) [fedora-all]
0
0
BZ#1254542 CVE-2015-5194 ntp: crash with crafted logconfig configuration command
0
0
BZ#1254544 CVE-2015-5195 ntp: ntpd crash when processing config commands with statistics type
0
0
BZ#1254547 CVE-2015-7703 ntp: config command can be used to set the pidfile and drift file paths
0
0
BZ#1255118 CVE-2015-5219 ntp: infinite loop in sntp processing crafted packet
0
0
BZ#1256664 CVE-2015-5195 ntp: ntpd crash when processing config commands with statistics type [fedora-all]
0
0
BZ#1256667 CVE-2015-5196 ntp: config command can be used to set the pidfile and drift file paths [fedora-all]
0
0
BZ#1256680 CVE-2015-5219 ntp: infinite loop in sntp processing crafted packet [fedora-all]
0
0
BZ#1256681 CVE-2015-5194 ntp: invalid free() with crafted logconfig configuration command [fedora-all]
0
0
BZ#1271070 CVE-2015-7704 ntp: disabling synchronization via crafted KoD packet
0
0
BZ#1271076 CVE-2015-5300 ntp: MITM attacker can force ntpd to make a step larger than the panic threshold
0
0
BZ#1274165 CVE-2015-7704 CVE-2015-5300 ntp: two flaws [fedora-all]
0
0
BZ#1274254 CVE-2015-7691 CVE-2015-7692 CVE-2015-7702 ntp: incomplete checks in ntp_crypto.c
0
0
BZ#1274255 CVE-2015-7701 ntp: slow memory leak in CRYPTO_ASSOC
0
0
BZ#1274261 CVE-2015-7852 ntp: ntpq atoascii memory corruption vulnerability
0
0
BZ#1274265 CVE-2015-7871 ntp: crypto-NAK symmetric association authentication bypass vulnerability
0
0
BZ#1274351 CVE-2015-7692 CVE-2015-7871 CVE-2015-7852 CVE-2015-7701 CVE-2015-7702 CVE-2015-7691 ntp: various flaws [fedora-all]
0
0

Automated Test Results