- Fri Mar 29 2019 ns80 <ns80> 4.2.8p13-1.mga6
+ Revision: 1381110
- update to 4.2.8p13 for CVE-2019-8936 (mga#24585)
- new version 4.2.8p12 for CVE-2018-12327 (mga#23505)
+ zezinho
- sync forgotten SOURCES files with cauldron mga#22978
- remove pps-tools dep as it was not in MGA6
- new version 4.2.8p11 fixes security bug MGA#22850 - Wed Mar 29 2017 luigiwalser <luigiwalser> 4.2.6p5-33.mga6
+ Revision: 1095163
- add patches from fedora to fix security issues:
- fix crash with invalid unpeer command (CVE-2017-6463)
- fix buffer overflow in datum refclock driver (CVE-2017-6462)
- fix potential buffer overflow in mx4200 refclock driver (CVE-2017-6451)
- fix potential buffer overflows in formatting of ntpq responses
(CVE-2017-6458)
- fix potential crash with invalid server command (CVE-2017-6464)
- update patches from fedora to fix bugs:
- fix CVE-2016-7429 patch to work correctly on multicast client
- fix typos in ntpd man page (#1434755) - Fri Nov 25 2016 luigiwalser <luigiwalser> 4.2.6p5-32.mga6
+ Revision: 1070155
- add patches from fedora to fix security issues:
- don't limit rate of packets from sources (CVE-2016-7426)
- don't change interface from received packets (CVE-2016-7429)
- require authentication for trap commands (CVE-2016-9310)
- fix crash when reporting peer event to trappers (CVE-2016-9311) - Fri Jun 3 2016 luigiwalser <luigiwalser> 4.2.6p5-31.mga6
+ Revision: 1020184
- add patches from fedora to fix more security issues:
- CVE-2015-8139
- CVE-2016-4954
- CVE-2016-4955
- CVE-2016-4956 - Thu May 12 2016 luigiwalser <luigiwalser> 4.2.6p5-30.mga6
+ Revision: 1014159
- add patches from fedora to fix more bugs and security issues:
- update reference timestamp in orphan mode
- allow sources specified by IPv6 link-local address
- don't allow spoofed packet to enable symmetric interleaved mode
(CVE-2016-1548)
- don't crash on duplicate address in unconfig command (CVE-2016-2516)
- check mode of new source in config command (CVE-2016-2518)
- make MAC check resilient against timing attack (CVE-2016-1550)