projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e424c13) | patch
ntp: security bump to version 4.2.8p6
authorGustavo Zacarias <gustavo@zacarias.com.ar>
Wed, 20 Jan 2016 13:18:48 +0000 (10:18 -0300)
committerPeter Korsgaard <peter@korsgaard.com>
Wed, 20 Jan 2016 14:44:17 +0000 (15:44 +0100)
commit18542431c1057f493f473f0521edf598a9b520ce
tree048c98313ce0e8470c1a0d506df968119b68d71btree
parente424c13460af7196b9c4228bda49220eeb783ffecommit | diff
ntp: security bump to version 4.2.8p6

CVE-2015-7973 - Deja Vu: Replay attack on authenticated broadcast mode
CVE-2015-7974 - Skeleton Key: Missing key check allows impersonation
between authenticated peers
CVE-2015-7975 - nextvar() missing length check
CVE-2015-7976 - ntpq saveconfig command allows dangerous characters in
filenames
CVE-2015-7977 - reslist NULL pointer dereference
CVE-2015-7978 - Stack exhaustion in recursive traversal of restriction
list
CVE-2015-7979 - Off-path Denial of Service (DoS) attack on authenticated
broadcast mode
CVE-2015-8137 - origin: Zero Origin Timestamp Bypass
CVE-2015-8158 - Potential Infinite Loop in ntpq

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/ntp/ntp.hash diff | blob | history
package/ntp/ntp.mk diff | blob | history