path: root/package/config/confdata.c
diff options
authorGravatar S├ębastien Szymanski <sebastien.szymanski@armadeus.com>2020-03-30 13:21:44 +0200
committerGravatar Peter Korsgaard <peter@korsgaard.com>2020-04-03 10:04:25 +0200
commit9daf7483e9cf86d86797e799c73be80dbbbb9acf (patch)
tree3ce14590557b118e3b376507c95036c6b30011e5 /package/config/confdata.c
parentd7bd6520810d2a4e955ff5a30b6f35db50a1ca83 (diff)
package/ntp: security bump to version 4.2.8p14HEADmaster
"This release fixes three security issues in ntpd and provides 46 bugfixes and addresses 4 other issues." [1] NONE: Sec 3610: process_control() should bail earlier on short packets. MEDIUM: Sec 3596: Unauthenticated ntpd may be susceptible to IPv4 spoof attack from highly predictable transmit timestamps. MEDIUM: Sec 3592: DoS Attack on unauthenticated client. The fix for https://bugs.ntp.org/3445 introduced a bug whereby a system that is running ntp-4.2.8p12 (possibly earlier) or p13 that only has one unauthenticated time source can be attacked in a way that causes the victim's next poll to its source to be delayed, for as long as the attack is maintained. [1] http://support.ntp.org/bin/view/Main/SecurityNotice#March_2020_ntp_4_2_8p14_NTP_Rele The copyright year has changed in the COPYRIGHT file, so adjust the hash to match and adjust the spacing to match recent agreements: @@ -3,7 +3,7 @@ jpg "Clone me," says Dolly sheepishly. - Last update: 2-Jan-2017 11:58 UTC + Last update: 4-Feb-2020 23:47 UTC __________________________________________________________________ The following copyright notice applies to all files collectively called @@ -32,7 +32,7 @@ Burnicki is: *********************************************************************** * * -* Copyright (c) Network Time Foundation 2011-2017 * +* Copyright (c) Network Time Foundation 2011-2020 * * * * All Rights Reserved * * * Signed-off-by: S├ębastien Szymanski <sebastien.szymanski@armadeus.com> [Peter: clarify security impact, document COPYRIGHT change] Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/config/confdata.c')
0 files changed, 0 insertions, 0 deletions