Fedora Update System
ntp-4.2.6p5-36.fc22
FEDORA-2016-34bc10a2c8 created by mlichvar 3 years ago for Fedora 22
stable

Security fix for CVE-2015-7974, CVE-2015-8138, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8158

Security fix for CVE-2015-7704, CVE-2015-5300, CVE-2015-7692, CVE-2015-7871, CVE-2015-7702, CVE-2015-7691, CVE-2015-7852, CVE-2015-7701

How to install

sudo dnf upgrade --advisory=FEDORA-2016-34bc10a2c8

This update has been submitted for testing by mlichvar.

3 years ago

This update has obsoleted ntp-4.2.6p5-34.fc22, and has inherited its bugs and notes.

3 years ago

This update has been pushed to testing.

3 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

3 years ago
User Icon hreindl commented & provided feedback 3 years ago
karma

works for me

This update has been submitted for stable by mlichvar.

3 years ago

This update has been pushed to stable.

3 years ago

Please login to add feedback.

Metadata
Type
security
Karma
1
Signed
Content Type
RPM
Test Gating
Builds
1
ntp-4.2.6p5-36.fc22
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
3 years ago
in testing
3 years ago
in stable
3 years ago
BZ#1271070 CVE-2015-7704 ntp: disabling synchronization via crafted KoD packet
0
0
BZ#1271076 CVE-2015-5300 ntp: MITM attacker can force ntpd to make a step larger than the panic threshold
0
0
BZ#1274165 CVE-2015-7704 CVE-2015-5300 ntp: two flaws [fedora-all]
0
0
BZ#1274254 CVE-2015-7691 CVE-2015-7692 CVE-2015-7702 ntp: incomplete checks in ntp_crypto.c
0
0
BZ#1274255 CVE-2015-7701 ntp: slow memory leak in CRYPTO_ASSOC
0
0
BZ#1274261 CVE-2015-7852 ntp: ntpq atoascii memory corruption vulnerability
0
0
BZ#1274265 CVE-2015-7871 ntp: crypto-NAK symmetric association authentication bypass vulnerability
0
0
BZ#1274351 CVE-2015-7692 CVE-2015-7871 CVE-2015-7852 CVE-2015-7701 CVE-2015-7702 CVE-2015-7691 ntp: various flaws [fedora-all]
0
0
BZ#1297471 CVE-2015-7974 ntp: missing key check allows impersonation between authenticated peers (VU#357792)
0
0
BZ#1299442 CVE-2015-8138 ntp: missing check for zero originate timestamp
0
0
BZ#1300269 CVE-2015-7977 ntp: restriction list NULL pointer dereference
0
0
BZ#1300270 CVE-2015-7978 ntp: stack exhaustion in recursive traversal of restriction list
0
0
BZ#1300271 CVE-2015-7979 ntp: off-path denial of service on authenticated broadcast mode
0
0
BZ#1300273 CVE-2015-8158 ntp: potential infinite loop in ntpq
0
0
BZ#1300277 CVE-2015-7974 CVE-2015-8138 CVE-2015-7973 CVE-2015-7975 CVE-2015-7976 CVE-2015-7977 CVE-2015-7978 CVE-2015-7979 CVE-2015-8158 CVE-2015-8139 CVE-2015-8140 ntp: various flaws [fedora-all]
0
0

Automated Test Results

Copyright © 2007-2019 Red Hat, Inc. and others.

Running bodhi-5.1.0 on bodhi-web-147-557cc.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy