[Buildroot] [PATCH] ntp: security bump to version 4.2.8p6
Peter Korsgaard
peter at korsgaard.com
Wed Jan 20 14:44:55 UTC 2016
>>>>> "Gustavo" == Gustavo Zacarias <gustavo at zacarias.com.ar> writes:
> CVE-2015-7973 - Deja Vu: Replay attack on authenticated broadcast mode
> CVE-2015-7974 - Skeleton Key: Missing key check allows impersonation
> between authenticated peers
> CVE-2015-7975 - nextvar() missing length check
> CVE-2015-7976 - ntpq saveconfig command allows dangerous characters in
> filenames
> CVE-2015-7977 - reslist NULL pointer dereference
> CVE-2015-7978 - Stack exhaustion in recursive traversal of restriction
> list
> CVE-2015-7979 - Off-path Denial of Service (DoS) attack on authenticated
> broadcast mode
> CVE-2015-8137 - origin: Zero Origin Timestamp Bypass
> CVE-2015-8158 - Potential Infinite Loop in ntpq
Wow :/
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list