FEDORA-2015-f5f5ec7b6b — security update for ntp

stable

ntp-4.2.6p5-34.fc23

FEDORA-2015-f5f5ec7b6b created by mlichvar 7 years ago for Fedora 23

Security fix for CVE-2015-7704, CVE-2015-5300, CVE-2015-7692, CVE-2015-7871, CVE-2015-7702, CVE-2015-7691, CVE-2015-7852, CVE-2015-7701

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2015-f5f5ec7b6b

This update has been submitted for testing by mlichvar.

7 years ago

This update has been pushed to testing.

7 years ago

This update has reached 3 days in testing and can be pushed to stable now if the maintainer wishes

7 years ago

kevin commented & provided feedback 7 years ago

karma

works here

johnp117 commented & provided feedback 7 years ago

karma

no problems

This update has been submitted for stable by bodhi.

7 years ago

dandim commented & provided feedback 7 years ago

karma

This update has been pushed to stable.

7 years ago

Please login to add feedback.

Metadata

Type

security

Karma

Signed

Content Type

RPM

Test Gating

None

Builds

ntp-4.2.6p5-34.fc23

Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

disabled

Dates

submitted

7 years ago

in testing

7 years ago

in stable

7 years ago

BZ#1271070 CVE-2015-7704 ntp: disabling synchronization via crafted KoD packet

BZ#1271076 CVE-2015-5300 ntp: MITM attacker can force ntpd to make a step larger than the panic threshold

BZ#1274165 CVE-2015-7704 CVE-2015-5300 ntp: two flaws [fedora-all]

BZ#1274254 CVE-2015-7691 CVE-2015-7692 CVE-2015-7702 ntp: incomplete checks in ntp_crypto.c

BZ#1274255 CVE-2015-7701 ntp: slow memory leak in CRYPTO_ASSOC

BZ#1274261 CVE-2015-7852 ntp: ntpq atoascii memory corruption vulnerability

BZ#1274265 CVE-2015-7871 ntp: crypto-NAK symmetric association authentication bypass vulnerability

BZ#1274351 CVE-2015-7692 CVE-2015-7871 CVE-2015-7852 CVE-2015-7701 CVE-2015-7702 CVE-2015-7691 ntp: various flaws [fedora-all]

ntp-4.2.6p5-34.fc23

Automated Test Results

None