Overview

Request 586702 accepted

- Update to 4.2.8p11 (bsc#1082210):
  * CVE-2016-1549: Sybil vulnerability: ephemeral association
    attack. While fixed in ntp-4.2.8p7, there are significant
    additional protections for this issue in 4.2.8p11.
  * CVE-2018-7182, bsc#1083426: ctl_getitem(): buffer read overrun
    leads to undefined behavior and information leak.
  * CVE-2018-7170, bsc#1083424: Multiple authenticated ephemeral
    associations.
  * CVE-2018-7184, bsc#1083422: Interleaved symmetric mode cannot
    recover from bad state.
  * CVE-2018-7185, bsc#1083420: Unauthenticated packet can reset
    authenticated interleaved association.
  * CVE-2018-7183, bsc#1083417: ntpq:decodearr() can write beyond
    its buffer limit.
  * Obsoletes these patches: ntp-sntp-a.patch, ntp-warnings.patch
- Remove dead code from conf.start-ntpd (bsc#1082063).
- Don't use libevent's cached time stamps in sntp.
  (bsc#1077445, ntp-sntp-libevent.patch)

Request History
rmax created request


licensedigger accepted review

ok


factory-auto added opensuse-review-team as a reviewer

Please review sources


factory-auto added repo-checker as a reviewer

Please review build success


factory-auto accepted review

Check script succeeded


jengelh accepted review


staging-bot set openSUSE:Factory:Staging:E as a staging project

Being evaluated by staging project "openSUSE:Factory:Staging:E"


staging-bot accepted review

Picked openSUSE:Factory:Staging:E


repo-checker accepted review

cycle and install check passed


dimstar_suse accepted review

ready to accept


dimstar_suse approved review

ready to accept


dimstar_suse accepted request

Accept to openSUSE:Factory
