Overview

File _patchinfo of Package patchinfo.2325

<patchinfo incident="2325">
  <issue id="962988" tracker="bnc">VUL-1: CVE-2015-7975: ntp: nextvar() missing length check in ntpq</issue>
  <issue id="962995" tracker="bnc">VUL-0: CVE-2015-7973: ntp,xntp: replay attack on authenticated broadcast mode</issue>
  <issue id="951559" tracker="bnc">sntp prints wrong offset to UTC during DST</issue>
  <issue id="962970" tracker="bnc">VUL-0: CVE-2015-7977: ntp,xntp: restriction list NULL pointer dereference</issue>
  <issue id="962960" tracker="bnc">VUL-1: CVE-2015-7974: ntp,xntp: Missing key check allows impersonation between authenticated peers</issue>
  <issue id="962802" tracker="bnc">VUL-1: CVE-2015-7976: ntp,xntp: 'ntpq saveconfig' command allows dangerous characters in filenames</issue>
  <issue id="962966" tracker="bnc">VUL-1: CVE-2015-8158: ntp,xntp: potential infinite loop in ntpq</issue>
  <issue id="962784" tracker="bnc">VUL-0: CVE-2015-7979: ntp,xntp: off-path denial of service on authenticated broadcast mode</issue>
  <issue id="916617" tracker="bnc">sntp command line syntax has changed</issue>
  <issue id="963002" tracker="bnc">VUL-0: CVE-2015-8138: ntp, xntp: Zero Origin Timestamp Bypass</issue>
  <issue id="951629" tracker="bnc">VUL-0: CVE-2015-5300: ntp: MITM attacker can force ntpd to make a step larger than the panic threshold</issue>
  <issue id="963000" tracker="bnc">VUL-0: CVE-2015-7978: ntp, xntp: Stack exhaustion in recursive traversal of restriction list</issue>
  <issue id="956773" tracker="bnc">ntp:  routing socket reports: No buffer space available</issue>
  <issue id="962994" tracker="bnc">VUL-0: CVE-2015-8140: ntp,xntp: ntpq protocol vulnerable to replay attacks</issue>
  <issue id="962997" tracker="bnc">VUL-1: CVE-2015-8139: ntp, xntp: Disclose Origin Timestamp to Unauthenticated Clients</issue>
  <issue id="975496" tracker="bnc">sntp prints invalid datestr</issue>
  <issue id="782060" tracker="bnc">ntpq is very slow</issue>
  <issue id="962318" tracker="bnc">NTP client doesn`t work in "synchronize without daemon" mode</issue>
  <issue id="975981" tracker="bnc">[TRACKERBUG] FATE#320758: Enable MSSNTP in ntp package</issue>
  <issue id="937837" tracker="bnc">sntp command line syntax has changed</issue>
  <issue id="CVE-2015-7973" tracker="cve" />
  <issue id="CVE-2015-7976" tracker="cve" />
  <issue id="CVE-2015-7977" tracker="cve" />
  <issue id="CVE-2015-7974" tracker="cve" />
  <issue id="CVE-2015-7975" tracker="cve" />
  <issue id="CVE-2015-7978" tracker="cve" />
  <issue id="CVE-2015-7979" tracker="cve" />
  <issue id="CVE-2015-8139" tracker="cve" />
  <issue id="CVE-2015-8138" tracker="cve" />
  <issue id="CVE-2015-8140" tracker="cve" />
  <issue id="CVE-2015-5300" tracker="cve" />
  <issue id="CVE-2015-8158" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>rmax</packager>
  <description>ntp was updated to version 4.2.8p6 to fix 12 security issues.

Also yast2-ntp-client was updated to match some sntp syntax changes. (bsc#937837)

These security issues were fixed:
- CVE-2015-8158: Fixed potential infinite loop in ntpq (bsc#962966).
- CVE-2015-8138: Zero Origin Timestamp Bypass (bsc#963002).
- CVE-2015-7979: Off-path Denial of Service (DoS) attack on authenticated broadcast mode (bsc#962784).
- CVE-2015-7978: Stack exhaustion in recursive traversal of restriction list (bsc#963000).
- CVE-2015-7977: reslist NULL pointer dereference (bsc#962970).
- CVE-2015-7976: ntpq saveconfig command allows dangerous characters in filenames (bsc#962802).
- CVE-2015-7975: nextvar() missing length check (bsc#962988).
- CVE-2015-7974: Skeleton Key: Missing key check allows impersonation between authenticated peers (bsc#962960).
- CVE-2015-7973: Replay attack on authenticated broadcast mode (bsc#962995).
- CVE-2015-8140: ntpq vulnerable to replay attacks (bsc#962994).
- CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin (bsc#962997).
- CVE-2015-5300: MITM attacker could have forced ntpd to make a step larger than the panic threshold (bsc#951629).

These non-security issues were fixed:
- fate#320758 bsc#975981: Enable compile-time support for MS-SNTP
  (--enable-ntp-signd).  This replaces the w32 patches in 4.2.4 that added
  the authreg directive.
- bsc#962318: Call /usr/sbin/sntp with full path to synchronize in start-ntpd.
  When run as cron job, /usr/sbin/ is not in the path, which caused
  the synchronization to fail.
- bsc#782060: Speedup ntpq.
- bsc#916617: Add /var/db/ntp-kod.
- bsc#956773: Add ntp-ENOBUFS.patch to limit a warning that might happen quite a lot on loaded systems.
- bsc#951559,bsc#975496: Fix the TZ offset output of sntp during DST.
- Add ntp-fork.patch and build with threads disabled to allow name resolution even when running chrooted.
</description>
  <summary>Security update for ntp</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places