ntp: security bump to version 4.2.8 - buildroot

diff options

author	Gustavo Zacarias <gustavo@zacarias.com.ar>	2014-12-22 11:26:59 -0300
committer	Thomas Petazzoni <thomas.petazzoni@free-electrons.com>	2014-12-23 11:36:07 +0100
commit	5d5c9a8dcb1f3385e70a2e089f6577c67eca59c3 (patch)
tree	9951c95608747cc60c4d95a9c7e84b93e082303e /package/lua/5.2.3/lua-02-shared-libs-for-lua.patch
parent	02b1975b787fa01c1115eca34adf309ac0830ada (diff)
download	buildroot-5d5c9a8dcb1f3385e70a2e089f6577c67eca59c3.tar.gz buildroot-5d5c9a8dcb1f3385e70a2e089f6577c67eca59c3.zip

ntp: security bump to version 4.2.8

Fixes: CVE-2014-9293 - ntpd generated a weak key for its internal use, with full administrative privileges. Attackers could use this key to reconfigure ntpd (or to exploit other vulnerabilities). CVE-2014-9294 - The ntp-keygen utility generated weak MD5 keys with insufficient entropy. CVE-2014-9295 - ntpd had several buffer overflows (both on the stack and in the data section), allowing remote authenticated attackers to crash ntpd or potentially execute arbitrary code. CVE-2014-9296 - The general packet processing function in ntpd did not handle an error case correctly. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

Diffstat (limited to 'package/lua/5.2.3/lua-02-shared-libs-for-lua.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: