diff options
author | Armin Kuster <akuster808@gmail.com> | 2018-04-10 16:54:46 -0700 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2018-06-14 20:04:24 -0700 |
commit | 275dd812d5d6f1167a511eb6ee12400238ebc3f2 (patch) | |
tree | fe88280eef11eebfdcdeec11caa9c891a829f0a5 | |
parent | fbccaab4755dbf9c9dbe5e82c3072aaa253405eb (diff) | |
download | meta-openembedded-contrib-275dd812d5d6f1167a511eb6ee12400238ebc3f2.tar.gz |
ntp: update to 4.2.8.p11
This release addresses five security issues in ntpd:
LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU#961909: Sybil vulnerability: ephemeral association attack
INFO/MEDIUM: Sec 3412 / CVE-2018-7182 / VU#961909: ctl_getitem(): buffer read overrun leads to undefined behavior and information leak
LOW: Sec 3415 / CVE-2018-7170 / VU#961909: Multiple authenticated ephemeral associations
LOW: Sec 3453 / CVE-2018-7184 / VU#961909: Interleaved symmetric mode cannot recover from bad state
LOW/MEDIUM: Sec 3454 / CVE-2018-7185 / VU#961909: Unauthenticated packet can reset authenticated interleaved association
one security issue in ntpq:
MEDIUM: Sec 3414 / CVE-2018-7183 / VU#961909: ntpq:decodearr() can write beyond its buffer limit
Signed-off-by: Armin Kuster <akuster@mvista.com>
(cherry picked from commit 18b4b0ec545488be913b35ea9243292b578ca35f)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r-- | meta-networking/recipes-support/ntp/ntp_4.2.8p11.bb (renamed from meta-networking/recipes-support/ntp/ntp_4.2.8p10.bb) | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/meta-networking/recipes-support/ntp/ntp_4.2.8p10.bb b/meta-networking/recipes-support/ntp/ntp_4.2.8p11.bb index 6db165acec..c698fa0494 100644 --- a/meta-networking/recipes-support/ntp/ntp_4.2.8p10.bb +++ b/meta-networking/recipes-support/ntp/ntp_4.2.8p11.bb @@ -23,8 +23,8 @@ SRC_URI = "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.g file://ntpd.list \ " -SRC_URI[md5sum] = "745384ed0dedb3f66b33fe84d66466f9" -SRC_URI[sha256sum] = "ddd2366e64219b9efa0f7438e06800d0db394ac5c88e13c17b70d0dcdf99b99f" +SRC_URI[md5sum] = "00950ca2855579541896513e78295361" +SRC_URI[sha256sum] = "f14a39f753688252d683ff907035ffff106ba8d3db21309b742e09b5c3cd278e" inherit autotools update-rc.d useradd systemd pkgconfig |