Change log for ntp package in Ubuntu
51 → 100 of 171 results | First • Previous • Next • Last |
Superseded in yakkety-release |
Published in xenial-release |
Deleted in xenial-proposed (Reason: moved to release) |
ntp (1:4.2.8p4+dfsg-3ubuntu5) xenial; urgency=medium * debian/apparmor-profile: allow 'rw' access to /dev/pps[0-9]* devices. Patch thanks to Mark Shuttleworth. (LP: #1564832) -- Jamie Strandboge <email address hidden> Thu, 07 Apr 2016 15:12:41 -0500
Available diffs
ntp (1:4.2.8p4+dfsg-3ubuntu4) xenial; urgency=medium * d/p/fix_local_sync.patch: fix local clock sync (LP: #1558125). -- Pierre-André MOREY <email address hidden> Thu, 17 Mar 2016 10:42:44 +0100
Available diffs
ntp (1:4.2.8p4+dfsg-3ubuntu3) xenial; urgency=medium * debian/patches/ntpdate-fix-lp1526264.patch: - Add Alfonso Sanchez-Beato's patch for fixing the cannot correct dates in the future bug (LP: #1526264) -- Łukasz 'sil2100' Zemczak <email address hidden> Wed, 24 Feb 2016 12:29:32 +0100
Available diffs
ntp (1:4.2.8p4+dfsg-3ubuntu2) xenial; urgency=medium * debian/apparmor-profile: adjust to handle AF_UNSPEC with dgram and stream -- Jamie Strandboge <email address hidden> Wed, 17 Feb 2016 10:41:20 -0600
Available diffs
ntp (1:4.2.6.p5+dfsg-3ubuntu8.2) wily; urgency=medium * ntpd rejects source UDP ports less than 123 as bogus (closes: #691412) - d/p/reject-UDP-ports-less-than-123-as-bogus.patch (LP: #1479652) -- Eric Desrochers <email address hidden> Mon, 25 Jan 2016 12:05:25 -0500
ntp (1:4.2.6.p5+dfsg-3ubuntu2.14.04.8) trusty; urgency=medium * ntpd rejects source UDP ports less than 123 as bogus (closes: #691412) - d/p/reject-UDP-ports-less-than-123-as-bogus.patch (LP: #1479652) -- Eric Desrochers <email address hidden> Mon, 25 Jan 2016 11:39:44 -0500
Available diffs
ntp (1:4.2.6.p3+dfsg-1ubuntu3.9) precise; urgency=medium * ntpd rejects source UDP ports less than 123 as bogus (closes: #691412) - d/p/reject-UDP-ports-less-than-123-as-bogus.patch (LP: #1479652) -- Eric Desrochers <email address hidden> Mon, 25 Jan 2016 12:28:25 -0500
Available diffs
ntp (1:4.2.8p4+dfsg-3ubuntu1) xenial; urgency=medium * Merge from Debian testing. Remaining changes: + debian/rules: enable debugging. Ask debian to add this. + debian/rules, debian/ntp.dirs, debian/source_ntp.py: Add apport hook. + Add enforcing AppArmor profile: - debian/control: Add Conflicts/Replaces on apparmor-profiles. - debian/control: Add Suggests on apparmor. - debian/control: Build-Depends on dh-apparmor. - add debian/apparmor-profile*. - debian/ntp.dirs: Add apparmor directories. - debian/rules: Install apparmor-profile and apparmor-profile.tunable. - debian/source_ntp.py: Add filter on AppArmor profile names to prevent false positives from denials originating in other packages. - debian/README.Debian: Add note on AppArmor. + debian/ntpdate.if-up: Fix interaction with openntpd. Stop ntp before running ntpdate when an interface comes up, then start again afterwards. + debian/ntp.init, debian/rules: Only stop when entering single user mode, don't use /var/lib/ntp/ntp.conf.dhcp if /etc/ntp.conf is newer - it can get stale. Patch by Simon Déziel. + debian/ntp.conf, debian/ntpdate.default: Change default server to ntp.ubuntu.com. + debian/control: Add bison to Build-Depends (for ntpd/ntp_parser.y). * Includes fix for requests with source ports < 123, fixed upstream in 4.2.8p1 (LP: #1479652). * Add PPS support (LP: #1512980): + debian/README.Debian: Add a PPS section to the README.Debian, removed all PPSkit one. + debian/ntp.conf: Add some configuration examples from the offical documentation. + debian/control: Add Build-Depends on pps-tools * Drop Changes: + debian/rules: Update config.{guess,sub} for AArch64, because upstream use dh_autoreconf now. + debian/{control,rules}: Add and enable hardened build for PIE. Upstream use fPIC. Options -fPIC and -fPIE are uncompatible, thus this is never applied, (cf. dpkg-buildflags manual), checked with Marc Deslauriers on freenode #ubuntu-hardened, 2016-01-20~13:11 UTC. + debian/rules: Remove update-rcd-params in dh_installinit command. When setting up ntp package, the following message is presented to the user due to deprecated use: "update-rc.d: warning: start and stop actions are no longer supported; falling back to defaults". The defaults are taken from the init.d script LSB comment header, which contain what we need anyway. + debian/rules: Remove ntp/ntp_parser.{c,h} or they don't get properly regenerated for some reason. Seems to have been due to ntpd/ntp_parser.y patches from CVE-2015-5194 and CVE-2015-5196, already upstreamed. + debian/ntpdate.if-up: Drop lockfile mechanism as upstream is using flock now. + Remove natty timeframe old deltas (transitional code not needed since Trusty): Those patches were for an incorrect behaviour of system-tools-backend, around natty time (https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/83604/comments/23) - debian/ntpdate-debian: Disregard empty ntp.conf files. - debian/ntp.preinst: Remove empty /etc/ntp.conf on fresh intallation. + debian/ntp.dhcp: Rewrite sed rules. This was done incorrectly as pointed out in LP 575458. This decision is explained in detail there. * All previous ubuntu security patches/fixes have been upstreamed: + CVE-2015-5146, CVE-2015-5194, CVE-2015-5195, CVE-2015-5196, CVE-2015-7703, CVE-2015-5219, CVE-2015-5300, CVE-2015-7691, CVE-2015-7692, CVE-2015-7702, CVE-2015-7701, CVE-2015-7704, CVE-2015-7705, CVE-2015-7850, CVE-2015-7852, CVE-2015-7853, CVE-2015-7855, CVE-2015-7871, CVE-2015-1798, CVE-2015-1799, CVE-2014-9297, CVE-2014-9298, CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296 + Fix to ignore ENOBUFS on routing netlink socket + Fix use-after-free in routing socket code + ntp-keygen infinite loop or lack of randonmess on big endian platforms -- Pierre-André MOREY <email address hidden> Fri, 5 Feb 2016 18:28:52 +0100
Available diffs
ntp (1:4.2.6.p5+dfsg-3ubuntu2.14.04.7) trusty; urgency=medium * Use a single lockfile again - instead unlock the file before starting the init script. The lock sho uld be shared - both services can't run at the same time. (LP: #1125726) -- Cam Cope <email address hidden> Tue, 19 Jan 2016 10:22:39 +0000
Available diffs
ntp (1:4.2.6.p3+dfsg-1ubuntu3.8) precise; urgency=medium * Use a single lockfile again - instead unlock the file before starting the init script. The lock sho uld be shared - both services can't run at the same time. (LP: #1125726) -- Cam Cope <email address hidden> Tue, 19 Jan 2016 10:20:07 +0000
Available diffs
ntp (1:4.2.6.p5+dfsg-3ubuntu9) xenial; urgency=medium [ Cam Cope ] * Use a single lockfile again - instead unlock the file before starting the init script. The lock sho uld be shared - both services can't run at the same time. (LP: #1125726) -- Iain Lane <email address hidden> Mon, 07 Dec 2015 13:38:16 +0000
Available diffs
ntp (1:4.2.6.p5+dfsg-3ubuntu6.3) vivid; urgency=medium * Fix use-after-free in routing socket code (closes: #795315) - debian/patches/use-after-free-in-routing-socket.patch: fix logic in ntpd/ntp_io.c (LP: #1481388) -- Eric Desrochers <email address hidden> Thu, 29 Oct 2015 09:18:12 -0400
ntp (1:4.2.6.p3+dfsg-1ubuntu3.7) precise; urgency=medium * Fix use-after-free in routing socket code (closes: #795315) - debian/patches/use-after-free-in-routing-socket.patch: fix logic in ntpd/ntp_io.c (LP: #1481388) -- Eric Desrochers <email address hidden> Thu, 29 Oct 2015 09:47:20 -0400
ntp (1:4.2.6.p5+dfsg-3ubuntu2.14.04.6) trusty; urgency=medium * Fix use-after-free in routing socket code (closes: #795315) - debian/patches/use-after-free-in-routing-socket.patch: fix logic in ntpd/ntp_io.c (LP: #1481388) -- Eric Desrochers <email address hidden> Thu, 29 Oct 2015 09:34:22 -0400
ntp (1:4.2.6.p3+dfsg-1ubuntu3.6) precise-security; urgency=medium * SECURITY UPDATE: denial of service via crafted NUL-byte in configuration directive - debian/patches/CVE-2015-5146.patch: properly validate command in ntpd/ntp_control.c. - CVE-2015-5146 * SECURITY UPDATE: denial of service via malformed logconfig commands - debian/patches/CVE-2015-5194.patch: fix logconfig logic in ntpd/ntp_parser.y. - CVE-2015-5194 * SECURITY UPDATE: denial of service via disabled statistics type - debian/patches/CVE-2015-5195.patch: handle unrecognized types in ntpd/ntp_config.c. - CVE-2015-5195 * SECURITY UPDATE: file overwrite via remote pidfile and driftfile configuration directives - debian/patches/CVE-2015-5196.patch: disable remote configuration in ntpd/ntp_parser.y. - CVE-2015-5196 - CVE-2015-7703 * SECURITY UPDATE: denial of service via precision value conversion - debian/patches/CVE-2015-5219.patch: use ldexp for LOGTOD in include/ntp.h. - CVE-2015-5219 * SECURITY UPDATE: timeshifting by reboot issue - debian/patches/CVE-2015-5300.patch: disable panic in ntpd/ntp_loopfilter.c. - CVE-2015-5300 * SECURITY UPDATE: incomplete autokey data packet length checks - debian/patches/CVE-2015-7691.patch: add length and size checks to ntpd/ntp_crypto.c. - CVE-2015-7691 - CVE-2015-7692 - CVE-2015-7702 * SECURITY UPDATE: memory leak in CRYPTO_ASSOC - debian/patches/CVE-2015-7701.patch: add missing free in ntpd/ntp_crypto.c. - CVE-2015-7701 * SECURITY UPDATE: denial of service by spoofed KoD - debian/patches/CVE-2015-7704.patch: add check to ntpd/ntp_proto.c. - CVE-2015-7704 - CVE-2015-7705 * SECURITY UPDATE: denial of service via same logfile and keyfile - debian/patches/CVE-2015-7850.patch: rate limit errors in include/ntp_stdlib.h, include/ntp_syslog.h, libntp/authreadkeys.c, libntp/msyslog.c. - CVE-2015-7850 * SECURITY UPDATE: ntpq atoascii memory corruption - debian/patches/CVE-2015-7852.patch: avoid buffer overrun in ntpq/ntpq.c. - CVE-2015-7852 * SECURITY UPDATE: buffer overflow via custom refclock driver - debian/patches/CVE-2015-7853.patch: properly calculate length in ntpd/ntp_io.c. - CVE-2015-7853 * SECURITY UPDATE: denial of service via ASSERT in decodenetnum - debian/patches/CVE-2015-7855.patch: simply return fail in libntp/decodenetnum.c. - CVE-2015-7855 * SECURITY UPDATE: symmetric association authentication bypass via crypto-NAK - debian/patches/CVE-2015-7871.patch: drop unhandled packet in ntpd/ntp_proto.c. - CVE-2015-7871 * debian/control: add bison to Build-Depends. * debian/rules: remove ntp/ntp_parser.{c,h} or they don't get properly regenerated for some reason. * This package does _not_ contain the changes from (1:4.2.6.p3+dfsg-1ubuntu3.5) in precise-proposed. -- Marc Deslauriers <email address hidden> Fri, 23 Oct 2015 11:57:50 -0400
Available diffs
ntp (1:4.2.6.p5+dfsg-3ubuntu6.2) vivid-security; urgency=medium * SECURITY UPDATE: denial of service via crafted NUL-byte in configuration directive - debian/patches/CVE-2015-5146.patch: properly validate command in ntpd/ntp_control.c. - CVE-2015-5146 * SECURITY UPDATE: denial of service via malformed logconfig commands - debian/patches/CVE-2015-5194.patch: fix logconfig logic in ntpd/ntp_parser.y. - CVE-2015-5194 * SECURITY UPDATE: denial of service via disabled statistics type - debian/patches/CVE-2015-5195.patch: handle unrecognized types in ntpd/ntp_config.c. - CVE-2015-5195 * SECURITY UPDATE: file overwrite via remote pidfile and driftfile configuration directives - debian/patches/CVE-2015-5196.patch: disable remote configuration in ntpd/ntp_parser.y. - CVE-2015-5196 - CVE-2015-7703 * SECURITY UPDATE: denial of service via precision value conversion - debian/patches/CVE-2015-5219.patch: use ldexp for LOGTOD in include/ntp.h. - CVE-2015-5219 * SECURITY UPDATE: timeshifting by reboot issue - debian/patches/CVE-2015-5300.patch: disable panic in ntpd/ntp_loopfilter.c. - CVE-2015-5300 * SECURITY UPDATE: incomplete autokey data packet length checks - debian/patches/CVE-2015-7691.patch: add length and size checks to ntpd/ntp_crypto.c. - CVE-2015-7691 - CVE-2015-7692 - CVE-2015-7702 * SECURITY UPDATE: memory leak in CRYPTO_ASSOC - debian/patches/CVE-2015-7701.patch: add missing free in ntpd/ntp_crypto.c. - CVE-2015-7701 * SECURITY UPDATE: denial of service by spoofed KoD - debian/patches/CVE-2015-7704.patch: add check to ntpd/ntp_proto.c. - CVE-2015-7704 - CVE-2015-7705 * SECURITY UPDATE: denial of service via same logfile and keyfile - debian/patches/CVE-2015-7850.patch: rate limit errors in include/ntp_stdlib.h, include/ntp_syslog.h, libntp/authreadkeys.c, libntp/msyslog.c. - CVE-2015-7850 * SECURITY UPDATE: ntpq atoascii memory corruption - debian/patches/CVE-2015-7852.patch: avoid buffer overrun in ntpq/ntpq.c. - CVE-2015-7852 * SECURITY UPDATE: buffer overflow via custom refclock driver - debian/patches/CVE-2015-7853.patch: properly calculate length in ntpd/ntp_io.c. - CVE-2015-7853 * SECURITY UPDATE: denial of service via ASSERT in decodenetnum - debian/patches/CVE-2015-7855.patch: simply return fail in libntp/decodenetnum.c. - CVE-2015-7855 * SECURITY UPDATE: symmetric association authentication bypass via crypto-NAK - debian/patches/CVE-2015-7871.patch: drop unhandled packet in ntpd/ntp_proto.c. - CVE-2015-7871 * debian/control: add bison to Build-Depends. * debian/rules: remove ntp/ntp_parser.{c,h} or they don't get properly regenerated for some reason. * This package does _not_ contain the changes from (1:4.2.6.p5+dfsg-3ubuntu6.1) in vivid-proposed. -- Marc Deslauriers <email address hidden> Fri, 23 Oct 2015 11:42:22 -0400
Available diffs
Superseded in xenial-release |
Superseded in wily-updates |
Deleted in xenial-proposed (Reason: moved to release) |
Obsolete in wily-security |
ntp (1:4.2.6.p5+dfsg-3ubuntu8.1) wily-security; urgency=medium * SECURITY UPDATE: denial of service via crafted NUL-byte in configuration directive - debian/patches/CVE-2015-5146.patch: properly validate command in ntpd/ntp_control.c. - CVE-2015-5146 * SECURITY UPDATE: denial of service via malformed logconfig commands - debian/patches/CVE-2015-5194.patch: fix logconfig logic in ntpd/ntp_parser.y. - CVE-2015-5194 * SECURITY UPDATE: denial of service via disabled statistics type - debian/patches/CVE-2015-5195.patch: handle unrecognized types in ntpd/ntp_config.c. - CVE-2015-5195 * SECURITY UPDATE: file overwrite via remote pidfile and driftfile configuration directives - debian/patches/CVE-2015-5196.patch: disable remote configuration in ntpd/ntp_parser.y. - CVE-2015-5196 - CVE-2015-7703 * SECURITY UPDATE: denial of service via precision value conversion - debian/patches/CVE-2015-5219.patch: use ldexp for LOGTOD in include/ntp.h. - CVE-2015-5219 * SECURITY UPDATE: timeshifting by reboot issue - debian/patches/CVE-2015-5300.patch: disable panic in ntpd/ntp_loopfilter.c. - CVE-2015-5300 * SECURITY UPDATE: incomplete autokey data packet length checks - debian/patches/CVE-2015-7691.patch: add length and size checks to ntpd/ntp_crypto.c. - CVE-2015-7691 - CVE-2015-7692 - CVE-2015-7702 * SECURITY UPDATE: memory leak in CRYPTO_ASSOC - debian/patches/CVE-2015-7701.patch: add missing free in ntpd/ntp_crypto.c. - CVE-2015-7701 * SECURITY UPDATE: denial of service by spoofed KoD - debian/patches/CVE-2015-7704.patch: add check to ntpd/ntp_proto.c. - CVE-2015-7704 - CVE-2015-7705 * SECURITY UPDATE: denial of service via same logfile and keyfile - debian/patches/CVE-2015-7850.patch: rate limit errors in include/ntp_stdlib.h, include/ntp_syslog.h, libntp/authreadkeys.c, libntp/msyslog.c. - CVE-2015-7850 * SECURITY UPDATE: ntpq atoascii memory corruption - debian/patches/CVE-2015-7852.patch: avoid buffer overrun in ntpq/ntpq.c. - CVE-2015-7852 * SECURITY UPDATE: buffer overflow via custom refclock driver - debian/patches/CVE-2015-7853.patch: properly calculate length in ntpd/ntp_io.c. - CVE-2015-7853 * SECURITY UPDATE: denial of service via ASSERT in decodenetnum - debian/patches/CVE-2015-7855.patch: simply return fail in libntp/decodenetnum.c. - CVE-2015-7855 * SECURITY UPDATE: symmetric association authentication bypass via crypto-NAK - debian/patches/CVE-2015-7871.patch: drop unhandled packet in ntpd/ntp_proto.c. - CVE-2015-7871 * debian/control: add bison to Build-Depends. * debian/rules: remove ntp/ntp_parser.{c,h} or they don't get properly regenerated for some reason. -- Marc Deslauriers <email address hidden> Thu, 22 Oct 2015 16:38:14 -0400
Available diffs
ntp (1:4.2.6.p5+dfsg-3ubuntu2.14.04.5) trusty-security; urgency=medium * SECURITY UPDATE: denial of service via crafted NUL-byte in configuration directive - debian/patches/CVE-2015-5146.patch: properly validate command in ntpd/ntp_control.c. - CVE-2015-5146 * SECURITY UPDATE: denial of service via malformed logconfig commands - debian/patches/CVE-2015-5194.patch: fix logconfig logic in ntpd/ntp_parser.y. - CVE-2015-5194 * SECURITY UPDATE: denial of service via disabled statistics type - debian/patches/CVE-2015-5195.patch: handle unrecognized types in ntpd/ntp_config.c. - CVE-2015-5195 * SECURITY UPDATE: file overwrite via remote pidfile and driftfile configuration directives - debian/patches/CVE-2015-5196.patch: disable remote configuration in ntpd/ntp_parser.y. - CVE-2015-5196 - CVE-2015-7703 * SECURITY UPDATE: denial of service via precision value conversion - debian/patches/CVE-2015-5219.patch: use ldexp for LOGTOD in include/ntp.h. - CVE-2015-5219 * SECURITY UPDATE: timeshifting by reboot issue - debian/patches/CVE-2015-5300.patch: disable panic in ntpd/ntp_loopfilter.c. - CVE-2015-5300 * SECURITY UPDATE: incomplete autokey data packet length checks - debian/patches/CVE-2015-7691.patch: add length and size checks to ntpd/ntp_crypto.c. - CVE-2015-7691 - CVE-2015-7692 - CVE-2015-7702 * SECURITY UPDATE: memory leak in CRYPTO_ASSOC - debian/patches/CVE-2015-7701.patch: add missing free in ntpd/ntp_crypto.c. - CVE-2015-7701 * SECURITY UPDATE: denial of service by spoofed KoD - debian/patches/CVE-2015-7704.patch: add check to ntpd/ntp_proto.c. - CVE-2015-7704 - CVE-2015-7705 * SECURITY UPDATE: denial of service via same logfile and keyfile - debian/patches/CVE-2015-7850.patch: rate limit errors in include/ntp_stdlib.h, include/ntp_syslog.h, libntp/authreadkeys.c, libntp/msyslog.c. - CVE-2015-7850 * SECURITY UPDATE: ntpq atoascii memory corruption - debian/patches/CVE-2015-7852.patch: avoid buffer overrun in ntpq/ntpq.c. - CVE-2015-7852 * SECURITY UPDATE: buffer overflow via custom refclock driver - debian/patches/CVE-2015-7853.patch: properly calculate length in ntpd/ntp_io.c. - CVE-2015-7853 * SECURITY UPDATE: denial of service via ASSERT in decodenetnum - debian/patches/CVE-2015-7855.patch: simply return fail in libntp/decodenetnum.c. - CVE-2015-7855 * SECURITY UPDATE: symmetric association authentication bypass via crypto-NAK - debian/patches/CVE-2015-7871.patch: drop unhandled packet in ntpd/ntp_proto.c. - CVE-2015-7871 * debian/control: add bison to Build-Depends. * debian/rules: remove ntp/ntp_parser.{c,h} or they don't get properly regenerated for some reason. * This package does _not_ contain the changes from (1:4.2.6.p5+dfsg-3ubuntu2.14.04.4) in trusty-proposed. -- Marc Deslauriers <email address hidden> Fri, 23 Oct 2015 11:47:46 -0400
Available diffs
Superseded in xenial-release |
Obsolete in wily-release |
Deleted in wily-proposed (Reason: moved to release) |
ntp (1:4.2.6.p5+dfsg-3ubuntu8) wily; urgency=medium * debian/ntp.init: Don't use /var/lib/ntp/ntp.conf.dhcp if /etc/ntp.conf is newer - it can get stale. Patch by Simon Déziel. (LP: #1472056) -- Iain Lane <email address hidden> Fri, 02 Oct 2015 10:45:41 +0100
Available diffs
Deleted in trusty-proposed (Reason: moved to -updates) |
ntp (1:4.2.6.p5+dfsg-3ubuntu2.14.04.4) trusty; urgency=medium * Fix use-after-free in routing socket code (LP: #1481388) - debian/patches/use-after-free-in-routing-socket.patch fix logic in ntpd/ntp_io.c * Fix to ignore ENOBUFS on routing netlink socket - debian/patches/ignore-ENOBUFS-on-routing-netlink-socket.patch fix logic in ntpd/ntp_io.c -- Eric Desrochers <email address hidden> Thu, 27 Aug 2015 09:45:58 -0400
Available diffs
Deleted in precise-proposed (Reason: moved to -updates) |
ntp (1:4.2.6.p3+dfsg-1ubuntu3.5) precise; urgency=medium * Fix use-after-free in routing socket code (LP: #1481388) - debian/patches/use-after-free-in-routing-socket.patch fix logic in ntpd/ntp_io.c * Fix to ignore ENOBUFS on routing netlink socket - debian/patches/ignore-ENOBUFS-on-routing-netlink-socket.patch fix logic in ntpd/ntp_io.c -- Eric Desrochers <email address hidden> Wed, 26 Aug 2015 15:07:58 -0400
Available diffs
Deleted in vivid-proposed (Reason: moved to -updates) |
ntp (1:4.2.6.p5+dfsg-3ubuntu6.1) vivid; urgency=medium * Fix use-after-free in routing socket code (LP: #1481388) - debian/patches/use-after-free-in-routing-socket.patch fix logic in ntpd/ntp_io.c * Fix to ignore ENOBUFS on routing netlink socket - debian/patches/ignore-ENOBUFS-on-routing-netlink-socket.patch fix logic in ntpd/ntp_io.c -- Eric Desrochers <email address hidden> Tue, 01 Sep 2015 10:50:22 -0400
Available diffs
ntp (1:4.2.6.p5+dfsg-3ubuntu7) wily; urgency=medium * Fix use-after-free in routing socket code (LP: #1481388) - debian/patches/use-after-free-in-routing-socket.patch fix logic in ntpd/ntp_io.c * Fix to ignore ENOBUFS on routing netlink socket - debian/patches/ignore-ENOBUFS-on-routing-netlink-socket.patch fix logic in ntpd/ntp_io.c -- Eric Desrochers <email address hidden> Wed, 02 Sep 2015 09:57:16 -0400
Available diffs
Superseded in wily-release |
Obsolete in vivid-release |
Deleted in vivid-proposed (Reason: moved to release) |
ntp (1:4.2.6.p5+dfsg-3ubuntu6) vivid; urgency=medium * SECURITY UPDATE: ntp-keygen infinite loop or lack of randonmess on big endian platforms - debian/patches/ntp-keygen-endless-loop.patch: fix logic in util/ntp-keygen.c. - CVE number pending -- Marc Deslauriers <email address hidden> Mon, 13 Apr 2015 08:58:57 -0400
Available diffs
ntp (1:4.2.6.p3+dfsg-1ubuntu3.4) precise-security; urgency=medium * SECURITY UPDATE: symmetric key unauthenticated packet MITM attack - debian/patches/CVE-2015-1798.patch: reject packets without MAC in ntpd/ntp_proto.c. - CVE-2015-1798 * SECURITY UPDATE: symmetric association DoS attack - debian/patches/CVE-2015-1799.patch: don't update state variables when authentication fails in ntpd/ntp_proto.c. - CVE-2015-1799 * SECURITY UPDATE: ntp-keygen infinite loop or lack of randonmess on big endian platforms - debian/patches/ntp-keygen-endless-loop.patch: fix logic in util/ntp-keygen.c. - CVE number pending -- Marc Deslauriers <email address hidden> Mon, 13 Apr 2015 09:06:54 -0400
ntp (1:4.2.6.p5+dfsg-3ubuntu2.14.10.3) utopic-security; urgency=medium * SECURITY UPDATE: symmetric key unauthenticated packet MITM attack - debian/patches/CVE-2015-1798.patch: reject packets without MAC in ntpd/ntp_proto.c. - CVE-2015-1798 * SECURITY UPDATE: symmetric association DoS attack - debian/patches/CVE-2015-1799.patch: don't update state variables when authentication fails in ntpd/ntp_proto.c. - CVE-2015-1799 * SECURITY UPDATE: ntp-keygen infinite loop or lack of randonmess on big endian platforms - debian/patches/ntp-keygen-endless-loop.patch: fix logic in util/ntp-keygen.c. - CVE number pending -- Marc Deslauriers <email address hidden> Mon, 13 Apr 2015 09:04:07 -0400
ntp (1:4.2.6.p5+dfsg-3ubuntu2.14.04.3) trusty-security; urgency=medium * SECURITY UPDATE: symmetric key unauthenticated packet MITM attack - debian/patches/CVE-2015-1798.patch: reject packets without MAC in ntpd/ntp_proto.c. - CVE-2015-1798 * SECURITY UPDATE: symmetric association DoS attack - debian/patches/CVE-2015-1799.patch: don't update state variables when authentication fails in ntpd/ntp_proto.c. - CVE-2015-1799 * SECURITY UPDATE: ntp-keygen infinite loop or lack of randonmess on big endian platforms - debian/patches/ntp-keygen-endless-loop.patch: fix logic in util/ntp-keygen.c. - CVE number pending -- Marc Deslauriers <email address hidden> Mon, 13 Apr 2015 09:05:27 -0400
ntp (1:4.2.6.p5+dfsg-3ubuntu5) vivid; urgency=medium * SECURITY UPDATE: symmetric key unauthenticated packet MITM attack - debian/patches/CVE-2015-1798.patch: reject packets without MAC in ntpd/ntp_proto.c. - CVE-2015-1798 * SECURITY UPDATE: symmetric association DoS attack - debian/patches/CVE-2015-1799.patch: don't update state variables when authentication fails in ntpd/ntp_proto.c. - CVE-2015-1799 -- Marc Deslauriers <email address hidden> Tue, 07 Apr 2015 12:48:31 -0400
Available diffs
ntp (1:4.2.6.p5+dfsg-3ubuntu4) vivid; urgency=medium * SECURITY UPDATE: denial of service and possible info leakage via extension fields - debian/patches/CVE-2014-9297.patch: properly check lengths in ntpd/ntp_crypto.c, ntpd/ntp_proto.c. - CVE-2014-9297 * SECURITY UPDATE: IPv6 ACL bypass - debian/patches/CVE-2014-9298.patch: check for spoofed ::1 in ntpd/ntp_io.c. - CVE-2014-9298 -- Marc Deslauriers <email address hidden> Mon, 09 Feb 2015 13:03:44 -0500
Available diffs
ntp (1:4.2.4p8+dfsg-1ubuntu2.3) lucid-security; urgency=medium * SECURITY UPDATE: denial of service and possible info leakage via extension fields - debian/patches/CVE-2014-9297.patch: properly check lengths in ntpd/ntp_crypto.c, ntpd/ntp_proto.c. - CVE-2014-9297 * SECURITY UPDATE: IPv6 ACL bypass - debian/patches/CVE-2014-9298.patch: check for spoofed ::1 in ntpd/ntp_io.c. - CVE-2014-9298 -- Marc Deslauriers <email address hidden> Fri, 06 Feb 2015 09:32:14 -0500
ntp (1:4.2.6.p3+dfsg-1ubuntu3.3) precise-security; urgency=medium * SECURITY UPDATE: denial of service and possible info leakage via extension fields - debian/patches/CVE-2014-9297.patch: properly check lengths in ntpd/ntp_crypto.c, ntpd/ntp_proto.c. - CVE-2014-9297 * SECURITY UPDATE: IPv6 ACL bypass - debian/patches/CVE-2014-9298.patch: check for spoofed ::1 in ntpd/ntp_io.c. - CVE-2014-9298 -- Marc Deslauriers <email address hidden> Fri, 06 Feb 2015 09:10:56 -0500
ntp (1:4.2.6.p5+dfsg-3ubuntu2.14.04.2) trusty-security; urgency=medium * SECURITY UPDATE: denial of service and possible info leakage via extension fields - debian/patches/CVE-2014-9297.patch: properly check lengths in ntpd/ntp_crypto.c, ntpd/ntp_proto.c. - CVE-2014-9297 * SECURITY UPDATE: IPv6 ACL bypass - debian/patches/CVE-2014-9298.patch: check for spoofed ::1 in ntpd/ntp_io.c. - CVE-2014-9298 -- Marc Deslauriers <email address hidden> Fri, 06 Feb 2015 09:10:10 -0500
ntp (1:4.2.6.p5+dfsg-3ubuntu2.14.10.2) utopic-security; urgency=medium * SECURITY UPDATE: denial of service and possible info leakage via extension fields - debian/patches/CVE-2014-9297.patch: properly check lengths in ntpd/ntp_crypto.c, ntpd/ntp_proto.c. - CVE-2014-9297 * SECURITY UPDATE: IPv6 ACL bypass - debian/patches/CVE-2014-9298.patch: check for spoofed ::1 in ntpd/ntp_io.c. - CVE-2014-9298 -- Marc Deslauriers <email address hidden> Fri, 06 Feb 2015 09:00:05 -0500
ntp (1:4.2.6.p5+dfsg-3ubuntu3) vivid; urgency=medium * SECURITY UPDATE: weak default key in config_auth() - debian/patches/CVE-2014-9293.patch: use openssl for random key in ntpd/ntp_config.c, ntpd/ntpd.c. - CVE-2014-9293 * SECURITY UPDATE: non-cryptographic random number generator with weak seed used by ntp-keygen to generate symmetric keys - debian/patches/CVE-2014-9294.patch: use openssl for random key in include/ntp_random.h, libntp/ntp_random.c, util/ntp-keygen.c. - CVE-2014-9294 * SECURITY UPDATE: buffer overflows in crypto_recv(), ctl_putdata(), configure() - debian/patches/CVE-2014-9295.patch: check lengths in ntpd/ntp_control.c, ntpd/ntp_crypto.c. - CVE-2014-9295 * SECURITY UPDATE: missing return on error in receive() - debian/patches/CVE-2015-9296.patch: add missing return in ntpd/ntp_proto.c. - CVE-2014-9296 -- Marc Deslauriers <email address hidden> Sat, 20 Dec 2014 05:47:10 -0500
Available diffs
ntp (1:4.2.4p8+dfsg-1ubuntu2.2) lucid-security; urgency=medium * SECURITY UPDATE: weak default key in config_auth() - debian/patches/CVE-2014-9293.patch: use openssl for random key in ntpd/ntp_config.c, ntpd/ntpd.c. - CVE-2014-9293 * SECURITY UPDATE: non-cryptographic random number generator with weak seed used by ntp-keygen to generate symmetric keys - debian/patches/CVE-2014-9294.patch: use openssl for random key in include/ntp_random.h, libntp/ntp_random.c, util/ntp-keygen.c. - CVE-2014-9294 * SECURITY UPDATE: buffer overflows in crypto_recv() and ctl_putdata() - debian/patches/CVE-2014-9295.patch: check lengths in ntpd/ntp_control.c, ntpd/ntp_crypto.c. - CVE-2014-9295 -- Marc Deslauriers <email address hidden> Sat, 20 Dec 2014 06:31:53 -0500
ntp (1:4.2.6.p5+dfsg-3ubuntu2.14.04.1) trusty-security; urgency=medium * SECURITY UPDATE: weak default key in config_auth() - debian/patches/CVE-2014-9293.patch: use openssl for random key in ntpd/ntp_config.c, ntpd/ntpd.c. - CVE-2014-9293 * SECURITY UPDATE: non-cryptographic random number generator with weak seed used by ntp-keygen to generate symmetric keys - debian/patches/CVE-2014-9294.patch: use openssl for random key in include/ntp_random.h, libntp/ntp_random.c, util/ntp-keygen.c. - CVE-2014-9294 * SECURITY UPDATE: buffer overflows in crypto_recv(), ctl_putdata(), configure() - debian/patches/CVE-2014-9295.patch: check lengths in ntpd/ntp_control.c, ntpd/ntp_crypto.c. - CVE-2014-9295 * SECURITY UPDATE: missing return on error in receive() - debian/patches/CVE-2015-9296.patch: add missing return in ntpd/ntp_proto.c. - CVE-2014-9296 -- Marc Deslauriers <email address hidden> Sat, 20 Dec 2014 06:06:22 -0500
Available diffs
ntp (1:4.2.6.p3+dfsg-1ubuntu3.2) precise-security; urgency=medium * SECURITY UPDATE: weak default key in config_auth() - debian/patches/CVE-2014-9293.patch: use openssl for random key in ntpd/ntp_config.c, ntpd/ntpd.c. - CVE-2014-9293 * SECURITY UPDATE: non-cryptographic random number generator with weak seed used by ntp-keygen to generate symmetric keys - debian/patches/CVE-2014-9294.patch: use openssl for random key in include/ntp_random.h, libntp/ntp_random.c, util/ntp-keygen.c. - CVE-2014-9294 * SECURITY UPDATE: buffer overflows in crypto_recv(), ctl_putdata(), configure() - debian/patches/CVE-2014-9295.patch: check lengths in ntpd/ntp_control.c, ntpd/ntp_crypto.c. - CVE-2014-9295 * SECURITY UPDATE: missing return on error in receive() - debian/patches/CVE-2015-9296.patch: add missing return in ntpd/ntp_proto.c. - CVE-2014-9296 -- Marc Deslauriers <email address hidden> Sat, 20 Dec 2014 06:07:49 -0500
ntp (1:4.2.6.p5+dfsg-3ubuntu2.14.10.1) utopic-security; urgency=medium * SECURITY UPDATE: weak default key in config_auth() - debian/patches/CVE-2014-9293.patch: use openssl for random key in ntpd/ntp_config.c, ntpd/ntpd.c. - CVE-2014-9293 * SECURITY UPDATE: non-cryptographic random number generator with weak seed used by ntp-keygen to generate symmetric keys - debian/patches/CVE-2014-9294.patch: use openssl for random key in include/ntp_random.h, libntp/ntp_random.c, util/ntp-keygen.c. - CVE-2014-9294 * SECURITY UPDATE: buffer overflows in crypto_recv(), ctl_putdata(), configure() - debian/patches/CVE-2014-9295.patch: check lengths in ntpd/ntp_control.c, ntpd/ntp_crypto.c. - CVE-2014-9295 * SECURITY UPDATE: missing return on error in receive() - debian/patches/CVE-2015-9296.patch: add missing return in ntpd/ntp_proto.c. - CVE-2014-9296 -- Marc Deslauriers <email address hidden> Sat, 20 Dec 2014 06:04:24 -0500
Available diffs
Superseded in vivid-release |
Obsolete in utopic-release |
Published in trusty-release |
Obsolete in saucy-release |
Deleted in saucy-proposed (Reason: moved to release) |
ntp (1:4.2.6.p5+dfsg-3ubuntu2) saucy; urgency=low * debian/apparmor-profile: fix spurious noisy denials (LP: #1237508) -- Jamie Strandboge <email address hidden> Wed, 09 Oct 2013 12:28:02 -0500
Available diffs
ntp (1:4.2.6.p5+dfsg-3ubuntu1) saucy; urgency=low * Merge from Debian testing to regain crypto support (LP: #1236065). Remaining changes: + debian/ntp.conf, debian/ntpdate.default: Change default server to ntp.ubuntu.com. + debian/ntpdate.if-up: Stop ntp before running ntpdate when an interface comes up, then start again afterwards. + debian/ntp.init, debian/rules: Only stop when entering single user mode. + Add enforcing AppArmor profile: - debian/control: Add Conflicts/Replaces on apparmor-profiles. - debian/control: Add Suggests on apparmor. - debian/ntp.dirs: Add apparmor directories. - debian/ntp.preinst: Force complain on certain upgrades. - debian/ntp.postinst: Reload apparmor profile. - debian/ntp.postrm: Remove the force-complain file. - add debian/apparmor-profile*. - debian/rules: install apparmor-profile and apparmor-profile.tunable. - debian/README.Debian: Add note on AppArmor. + debian/{control,rules}: Add and enable hardened build for PIE. + debian/rules, debian/ntp.dirs, debian/source_ntp.py: Add apport hook. + debian/ntpdate-debian: Disregard empty ntp.conf files. + debian/ntp.preinst: Remove empty /etc/ntp.conf on fresh intallation. + debian/ntpdate.if-up: Fix interaction with openntpd. + debian/source_ntp.py: Add filter on AppArmor profile names to prevent false positives from denials originating in other packages. + debian/rules: Update config.{guess,sub} for AArch64.
Available diffs
ntp (1:4.2.6.p5+dfsg-2ubuntu3) saucy; urgency=low * Update config.{guess,sub} for AArch64. -- Matthias Klose <email address hidden> Mon, 05 Aug 2013 18:51:48 +0200
Available diffs
ntp (1:4.2.6.p5+dfsg-2ubuntu2) saucy; urgency=low * debian/apparmor-profile: Add /var/log/ntpstats/protostats* (LP: #1195898) -- Jamie Strandboge <email address hidden> Fri, 05 Jul 2013 10:06:47 -0500
Available diffs
Superseded in saucy-release |
Obsolete in raring-release |
Deleted in raring-proposed (Reason: moved to release) |
ntp (1:4.2.6.p5+dfsg-2ubuntu1) raring; urgency=low * New upstream version, fixing build failure in raring. * Merge with Debian; remaining changes: + debian/ntp.conf, debian/ntpdate.default: Change default server to ntp.ubuntu.com. + debian/ntpdate.ifup: Stop ntp before running ntpdate when an interface comes up, then start again afterwards. + debian/ntp.init, debian/rules: Only stop when entering single user mode. + Add enforcing AppArmor profile: - debian/control: Add Conflicts/Replaces on apparmor-profiles. - debian/control: Add Suggests on apparmor. - debian/ntp.dirs: Add apparmor directories. - debian/ntp.preinst: Force complain on certain upgrades. - debian/ntp.postinst: Reload apparmor profile. - debian/ntp.postrm: Remove the force-complain file. - add debian/apparmor-profile*. - debian/rules: install apparmor-profile and apparmor-profile.tunable. - debian/README.Debian: Add note on AppArmor. + debian/{control,rules}: Add and enable hardened build for PIE. + debian/apparmor-profile: Adjust location of drift files. + debian/rules, debian/ntp.dirs, debian/source_ntp.py: Add apport hook. + debian/ntpdate-debian: Disregard empty ntp.conf files. + debian/ntp.preinst: Remove empty /etc/ntp.conf on fresh intallation. + debian/ntpdate.ifup: Fix interaction with openntpd. + debian/source_ntp.py: Add filter on AppArmor profile names to prevent false positives from denials originating in other packages. + debian/apparmor-profile: Add samba4 ntp signing socket to ntpd apparmor profile. + debian/apparmor-profile: adjust for IPv6.
Available diffs
ntp (1:4.2.6.p3+dfsg-1ubuntu5) quantal; urgency=low * debian/source_ntp.py: add filter on AppArmor profile names to prevent false positives from denials originating in other packages. -- Marc Deslauriers <email address hidden> Mon, 20 Aug 2012 10:13:30 -0400
Available diffs
ntp (1:4.2.6.p3+dfsg-1ubuntu3.1) precise-proposed; urgency=low * Re-enable crypto support by pointing openssl libdir to multiarch dir, change backported from Debian, thanks Yves-Alexis Perez (lp: #998403) -- Sebastien Bacher <email address hidden> Mon, 04 Jun 2012 16:35:25 +0200
Available diffs
Superseded in quantal-release |
ntp (1:4.2.6.p3+dfsg-1ubuntu4) quantal; urgency=low * Re-enable crypto support by pointing openssl libdir to multiarch dir, change backported from Debian, thanks Yves-Alexis Perez (lp: #998403) -- Sebastien Bacher <email address hidden> Mon, 04 Jun 2012 16:35:25 +0200
Available diffs
ntp (1:4.2.6.p3+dfsg-1ubuntu3) precise; urgency=low * debian/apparmor-profile: Add samba4 ntp signing socket to ntpd apparmor profile (LP: #930266) * debian/control: Build-Depends on dh-apparmor -- Jamie Strandboge <email address hidden> Tue, 06 Mar 2012 08:06:06 -0600
Available diffs
Superseded in precise-release |
ntp (1:4.2.6.p3+dfsg-1ubuntu2) precise; urgency=low * debian/apparmor-profile: adjust for IPv6 (LP: #892332) -- Jamie Strandboge <email address hidden> Tue, 03 Jan 2012 17:03:44 -0600
Available diffs
Superseded in precise-release |
ntp (1:4.2.6.p3+dfsg-1ubuntu1) precise; urgency=low * Merge from debian unstable, remaining changes are: + debian/ntp.conf, debian/ntpdate.default: Change default server to ntp.ubuntu.com. + debian/ntpdate.ifup: Stop ntp before running ntpdate when an interface comes up, then start again afterwards. + debian/ntp.init, debian/rules: Only stop when entering single user mode. + Add enforcing AppArmor profile (LP: #382905): - debian/control: add Conflicts/Replaces on apparmor-profiles < 2.3.1+1403-0ubuntu10 (since we are now shipping usr.sbin.ntpd) and apparmor < 2.3.1+1403-0ubuntu10 (since we are now shipping tunables/ntpd) - debian/control: add Suggests on apparmor - debian/ntp.dirs: add apparmor directories - debian/ntp.preinst: force complain on certain upgrades - debian/ntp.postinst: reload apparmor profile - debian/ntp.postrm: remove the force-complain file - add debian/apparmor-profile* - debian/rules: install apparmor-profile and apparmor-profile.tunable - debian/README.Debian: add note on AppArmor + debian/{control,rules}: add and enable hardened build for PIE (Debian bug 542721). + debian/apparmor-profile: adjust location of drift files (LP: #456308) + debian/rules, debian/ntp.dirs, debian/source_ntp.py: Add apport hook. + debian/ntpdate-debian: Disregard empty ntp.conf files. (LP: #83604) + debian/ntp.preinst: Remove empty /etc/ntp.conf on fresh intallation, to work around the system-tools-backends part of LP #83604. + debian/ntpdate.ifup: Fix interaction with openntpd. (LP: #877210) + Dropped: - ntpdate-accept-same-timestamp-replies.patch: Accepted upstream -- Chuck Short <email address hidden> Wed, 26 Oct 2011 10:24:21 -0400
Available diffs
Superseded in precise-release |
ntp (1:4.2.6.p2+dfsg-1ubuntu13) precise; urgency=low * debian/ntpdate.if-up: Fix interaction with openntpd, LP: #872210 -- Reinhard Tartler <email address hidden> Tue, 11 Oct 2011 12:33:01 +0200
Available diffs
51 → 100 of 171 results | First • Previous • Next • Last |