- Fri Nov 25 2016 luigiwalser <luigiwalser> 4.2.6p5-24.7.mga5
+ Revision: 1070156
- add patches from fedora to fix security issues:
- don't limit rate of packets from sources (CVE-2016-7426)
- don't change interface from received packets (CVE-2016-7429)
- require authentication for trap commands (CVE-2016-9310)
- fix crash when reporting peer event to trappers (CVE-2016-9311)
- add patches from fedora to fix more security issues:
- CVE-2015-8139
- CVE-2016-4954
- CVE-2016-4955
- CVE-2016-4956
- add patches from fedora to fix more bugs and security issues:
- update reference timestamp in orphan mode
- allow sources specified by IPv6 link-local address
- don't allow spoofed packet to enable symmetric interleaved mode
(CVE-2016-1548)
- don't crash on duplicate address in unconfig command (CVE-2016-2516)
- check mode of new source in config command (CVE-2016-2518)
- make MAC check resilient against timing attack (CVE-2016-1550)
- rename CVE-2015-5196 to CVE-2015-7703
- fix CVE-2015-7692 patch name
- add patches from fedora to fix several bugs and security issues:
- report clock state changes related to leap seconds
- allow -4/-6 on restrict lines with mask
- explain synchronised state in ntpstat man page
- don't accept server/peer packets with zero origin timestamp (CVE-2015-8138)
- fix crash with reslist command (CVE-2015-7977, CVE-2015-7978)
- fix infinite loop in ntpq/ntpdc (CVE-2015-8158)
- check key ID in packets authenticated with symmetric key (CVE-2015-7974)
- don't allow spoofed packets to demobilize associations using symmetric key
(CVE-2015-7979)
- add patches from ubuntu to fix CVE-2015-785[035]
- sync with fedora to fix October 2015 security issues:
- check origin timestamp before accepting KoD RATE packet (CVE-2015-7704)
- allow only one step larger than panic threshold with -g (CVE-2015-5300)
- fix memory leak with autokey (CVE-2015-7701)
- don't crash with crafted autokey packet (CVE-2015-7691, CVE-2015-7692,
CVE-2015-7702)
- don't crash in ntpq with crafted packet (CVE-2015-7852)
- don't mobilize passive association with crypto NAK (CVE-2015-7871)
- add patches from fedora to fix CVE-2015-5146, CVE-2015-519[4-6], CVE-2015-5219 - Wed Apr 8 2015 oden <oden> 4.2.6p5-24.mga5
+ Revision: 819877
- P30: security fix for CVE-2015-1798
- P31: security fix for CVE-2015-1799 - Sat Feb 28 2015 alien <alien> 4.2.6p5-23.mga5
+ Revision: 817214
- New configurations are advised to use Orphan mode instead of local clocks - Tue Feb 10 2015 luigiwalser <luigiwalser> 4.2.6p5-22.mga5
+ Revision: 814542
- do not restrict ntpq from localhost - Fri Feb 6 2015 luigiwalser <luigiwalser> 4.2.6p5-21.mga5
+ Revision: 813679
- add patches from fedora to fix CVE-2014-9297 and CVE-2014-9298 - Sat Dec 20 2014 luigiwalser <luigiwalser> 4.2.6p5-20.mga5
+ Revision: 804330
- link to openssl to fix build with CVE-2014-9294 patch
- add patches from fedora to fix CVE-2014-929[3-6] - Wed Oct 15 2014 umeabot <umeabot> 4.2.6p5-17.mga5
+ Revision: 748582
- Second Mageia 5 Mass Rebuild - Tue Sep 16 2014 umeabot <umeabot> 4.2.6p5-16.mga5
+ Revision: 682949
- Mageia 5 Mass Rebuild - Thu Jan 23 2014 luigiwalser <luigiwalser> 4.2.6p5-15.mga4
+ Revision: 567555
- restrict some remote query types by default to mitigate CVE-2013-5211 (mga#12326)