Overview

Request 370038 accepted

- CVE-2015-8158, bsc#962966: potential infinite loop in ntpq
- CVE-2015-8138, bsc#963002: Zero Origin Timestamp Bypass
- CVE-2015-7978, bsc#963000: Stack exhaustion in recursive
traversal of restriction list.
- CVE-2015-7979, bsc#962784: off-path denial of service on
authenticated broadcast mode
- CVE-2015-7977, bsc#962970: restriction list NULL pointer
dereference
- CVE-2015-7976, bsc#962802: 'ntpq saveconfig' command allows
dangerous characters in filenames
- CVE-2015-7975, bsc#962988: nextvar() missing length check in ntpq
- CVE-2015-7974, bsc#962960: Missing key check allows impersonation
between authenticated peers
- CVE-2015-7973, bsc#962995: replay attack on authenticated
broadcast mode
- CVE-2015-5300, bsc#951629: MITM attacker can force ntpd to make
a step larger than the panic threshold

- update to 4.2.8p6
* fixes low- and medium-severity vulnerabilities
4.2.8p6: CVE-2015-8158 CVE-2015-8138 CVE-2015-7978
CVE-2015-7979 CVE-2015-7977 CVE-2015-7976 CVE-2015-7975
CVE-2015-7974 CVE-2015-7973
4.2.8p5: CVE-2015-5300
* bug fixes
----------------------- --------------------------------------------

Loading...
Request History
Reinhard Max's avatar

rmax created request

- CVE-2015-8158, bsc#962966: potential infinite loop in ntpq
- CVE-2015-8138, bsc#963002: Zero Origin Timestamp Bypass
- CVE-2015-7978, bsc#963000: Stack exhaustion in recursive
traversal of restriction list.
- CVE-2015-7979, bsc#962784: off-path denial of service on
authenticated broadcast mode
- CVE-2015-7977, bsc#962970: restriction list NULL pointer
dereference
- CVE-2015-7976, bsc#962802: 'ntpq saveconfig' command allows
dangerous characters in filenames
- CVE-2015-7975, bsc#962988: nextvar() missing length check in ntpq
- CVE-2015-7974, bsc#962960: Missing key check allows impersonation
between authenticated peers
- CVE-2015-7973, bsc#962995: replay attack on authenticated
broadcast mode
- CVE-2015-5300, bsc#951629: MITM attacker can force ntpd to make
a step larger than the panic threshold

- update to 4.2.8p6
* fixes low- and medium-severity vulnerabilities
4.2.8p6: CVE-2015-8158 CVE-2015-8138 CVE-2015-7978
CVE-2015-7979 CVE-2015-7977 CVE-2015-7976 CVE-2015-7975
CVE-2015-7974 CVE-2015-7973
4.2.8p5: CVE-2015-5300
* bug fixes
----------------------- --------------------------------------------


Factory Auto's avatar

factory-auto added factory-repo-checker as a reviewer

Please review build success


Factory Auto's avatar

factory-auto accepted review

Check script succeeded


Saul Goodman's avatar

licensedigger accepted review


Factory Repo Checker's avatar

factory-repo-checker accepted review

Builds for repo network:time/openSUSE_Factory


Max Lin's avatar

mlin7442 set openSUSE:Factory:Staging:E as a staging project

Being evaluated by staging project "openSUSE:Factory:Staging:E"


Max Lin's avatar

mlin7442 accepted review

Picked openSUSE:Factory:Staging:E


Dominique Leuenberger's avatar

dimstar_suse accepted review

ready to accept


Dominique Leuenberger's avatar

dimstar_suse approved review

ready to accept


Dominique Leuenberger's avatar

dimstar_suse accepted request

Accept to openSUSE:Factory

openSUSE Build Service is sponsored by