- Wed Sep 5 2018 ns80 <ns80> 4.2.8p12-1.mga6
(not released yet)
+ Revision: 1257275
- new version 4.2.8p12 for CVE-2018-12327 (mga#23505)
+ zezinho
- sync forgotten SOURCES files with cauldron mga#22978
- remove pps-tools dep as it was not in MGA6
- new version 4.2.8p11 fixes security bug MGA#22850 - Wed Mar 29 2017 luigiwalser <luigiwalser> 4.2.6p5-33.mga6
+ Revision: 1095163
- add patches from fedora to fix security issues:
- fix crash with invalid unpeer command (CVE-2017-6463)
- fix buffer overflow in datum refclock driver (CVE-2017-6462)
- fix potential buffer overflow in mx4200 refclock driver (CVE-2017-6451)
- fix potential buffer overflows in formatting of ntpq responses
(CVE-2017-6458)
- fix potential crash with invalid server command (CVE-2017-6464)
- update patches from fedora to fix bugs:
- fix CVE-2016-7429 patch to work correctly on multicast client
- fix typos in ntpd man page (#1434755) - Fri Nov 25 2016 luigiwalser <luigiwalser> 4.2.6p5-32.mga6
+ Revision: 1070155
- add patches from fedora to fix security issues:
- don't limit rate of packets from sources (CVE-2016-7426)
- don't change interface from received packets (CVE-2016-7429)
- require authentication for trap commands (CVE-2016-9310)
- fix crash when reporting peer event to trappers (CVE-2016-9311) - Fri Jun 3 2016 luigiwalser <luigiwalser> 4.2.6p5-31.mga6
+ Revision: 1020184
- add patches from fedora to fix more security issues:
- CVE-2015-8139
- CVE-2016-4954
- CVE-2016-4955
- CVE-2016-4956 - Thu May 12 2016 luigiwalser <luigiwalser> 4.2.6p5-30.mga6
+ Revision: 1014159
- add patches from fedora to fix more bugs and security issues:
- update reference timestamp in orphan mode
- allow sources specified by IPv6 link-local address
- don't allow spoofed packet to enable symmetric interleaved mode
(CVE-2016-1548)
- don't crash on duplicate address in unconfig command (CVE-2016-2516)
- check mode of new source in config command (CVE-2016-2518)
- make MAC check resilient against timing attack (CVE-2016-1550) - Mon Jan 25 2016 luigiwalser <luigiwalser> 4.2.6p5-28.mga6
+ Revision: 927118
- rename CVE-2015-5196 to CVE-2015-7703
- fix CVE-2015-7692 patch name
- add patches from fedora to fix several bugs and security issues:
- report clock state changes related to leap seconds
- allow -4/-6 on restrict lines with mask
- explain synchronised state in ntpstat man page
- don't accept server/peer packets with zero origin timestamp (CVE-2015-8138)
- fix crash with reslist command (CVE-2015-7977, CVE-2015-7978)
- fix infinite loop in ntpq/ntpdc (CVE-2015-8158)
- check key ID in packets authenticated with symmetric key (CVE-2015-7974)
- don't allow spoofed packets to demobilize associations using symmetric key
(CVE-2015-7979) - Wed Oct 28 2015 luigiwalser <luigiwalser> 4.2.6p5-27.mga6
+ Revision: 896075
- add patches from ubuntu to fix CVE-2015-785[035] - Thu Oct 22 2015 luigiwalser <luigiwalser> 4.2.6p5-26.mga6
+ Revision: 894253
- sync with fedora to fix October 2015 security issues:
- check origin timestamp before accepting KoD RATE packet (CVE-2015-7704)
- allow only one step larger than panic threshold with -g (CVE-2015-5300)
- fix memory leak with autokey (CVE-2015-7701)
- don't crash with crafted autokey packet (CVE-2015-7691, CVE-2015-7692,
CVE-2015-7702)
- don't crash in ntpq with crafted packet (CVE-2015-7852)
- don't mobilize passive association with crypto NAK (CVE-2015-7871)