This bug was fixed in the package ntp - 1:4.2.8p4+dfsg-3ubuntu5.3
--------------- ntp (1:4.2.8p4+dfsg-3ubuntu5.3) xenial-security; urgency=medium
* SECURITY UPDATE: Deja Vu replay attack on authenticated broadcast mode - debian/patches/CVE-2015-7973.patch: improve timestamp verification in include/ntp.h, ntpd/ntp_proto.c. - CVE-2015-7973 * SECURITY UPDATE: impersonation between authenticated peers - debian/patches/CVE-2015-7974.patch: check key ID in ntpd/ntp_proto.c. - CVE-2015-7974 * SECURITY UPDATE: ntpq buffer overflow - debian/patches/CVE-2015-7975.patch: add length check to ntpq/ntpq.c. - CVE-2015-7975 * SECURITY UPDATE: ntpq saveconfig command allows dangerous characters in filenames - debian/patches/CVE-2015-7976.patch: check filename in ntpd/ntp_control.c. - CVE-2015-7976 * SECURITY UPDATE: restrict list denial of service - debian/patches/CVE-2015-7977-7978.patch: improve restrict list processing in ntpd/ntp_request.c. - CVE-2015-7977 - CVE-2015-7978 * SECURITY UPDATE: authenticated broadcast mode off-path denial of service - debian/patches/CVE-2015-7979.patch: add more checks to ntpd/ntp_proto.c. - CVE-2015-7979 - CVE-2016-1547 * SECURITY UPDATE: Zero Origin Timestamp Bypass - debian/patches/CVE-2015-8138.patch: check p_org in ntpd/ntp_proto.c. - CVE-2015-8138 * SECURITY UPDATE: potential infinite loop in ntpq - debian/patches/CVE-2015-8158.patch: add time checks to ntpdc/ntpdc.c, ntpq/ntpq.c. - CVE-2015-8158 * SECURITY UPDATE: NTP statsdir cleanup cronjob insecure (LP: #1528050) - debian/ntp.cron.daily: fix security issues, patch thanks to halfdog! - CVE-2016-0727 * SECURITY UPDATE: time spoofing via interleaved symmetric mode - debian/patches/CVE-2016-1548.patch: check for bogus packets in ntpd/ntp_proto.c. - CVE-2016-1548 * SECURITY UPDATE: buffer comparison timing attacks - debian/patches/CVE-2016-1550.patch: use CRYPTO_memcmp in libntp/a_md5encrypt.c, sntp/crypto.c. - CVE-2016-1550 * SECURITY UPDATE: DoS via duplicate IPs on unconfig directives - debian/patches/CVE-2016-2516.patch: improve logic in ntpd/ntp_request.c. - CVE-2016-2516 * SECURITY UPDATE: denial of service via crafted addpeer - debian/patches/CVE-2016-2518.patch: check mode value in ntpd/ntp_request.c. - CVE-2016-2518 * SECURITY UPDATE: denial of service via spoofed packets - debian/patches/CVE-2016-4954.patch: discard packet that fails tests in ntpd/ntp_proto.c. - CVE-2016-4954 * SECURITY UPDATE: denial of service via spoofed crypto-NAK or incorrect MAC - debian/patches/CVE-2016-4955.patch: fix checks in ntpd/ntp_proto.c. - CVE-2016-4955 * SECURITY UPDATE: denial of service via spoofed broadcast packet - debian/patches/CVE-2016-4956.patch: properly handle switch in broadcast interleaved mode in ntpd/ntp_proto.c. - CVE-2016-4956
-- Marc Deslauriers <email address hidden> Wed, 05 Oct 2016 08:01:29 -0400
This bug was fixed in the package ntp - 1:4.2.8p4+ dfsg-3ubuntu5. 3
--------------- 8p4+dfsg- 3ubuntu5. 3) xenial-security; urgency=medium
ntp (1:4.2.
* SECURITY UPDATE: Deja Vu replay attack on authenticated broadcast mode patches/ CVE-2015- 7973.patch: improve timestamp verification in ntp.h, ntpd/ntp_proto.c. patches/ CVE-2015- 7974.patch: check key ID in ntpd/ntp_proto.c. patches/ CVE-2015- 7975.patch: add length check to ntpq/ntpq.c. patches/ CVE-2015- 7976.patch: check filename in ntp_control. c. patches/ CVE-2015- 7977-7978. patch: improve restrict list patches/ CVE-2015- 7979.patch: add more checks to ntp_proto. c. patches/ CVE-2015- 8138.patch: check p_org in ntpd/ntp_proto.c. patches/ CVE-2015- 8158.patch: add time checks to ntpdc/ntpdc.c, ntp.cron. daily: fix security issues, patch thanks to halfdog! patches/ CVE-2016- 1548.patch: check for bogus packets in ntp_proto. c. patches/ CVE-2016- 1550.patch: use CRYPTO_memcmp in a_md5encrypt. c, sntp/crypto.c. patches/ CVE-2016- 2516.patch: improve logic in ntp_request. c. patches/ CVE-2016- 2518.patch: check mode value in ntp_request. c. patches/ CVE-2016- 4954.patch: discard packet that fails tests patches/ CVE-2016- 4955.patch: fix checks in ntpd/ntp_proto.c. patches/ CVE-2016- 4956.patch: properly handle switch in
- debian/
include/
- CVE-2015-7973
* SECURITY UPDATE: impersonation between authenticated peers
- debian/
- CVE-2015-7974
* SECURITY UPDATE: ntpq buffer overflow
- debian/
- CVE-2015-7975
* SECURITY UPDATE: ntpq saveconfig command allows dangerous characters in
filenames
- debian/
ntpd/
- CVE-2015-7976
* SECURITY UPDATE: restrict list denial of service
- debian/
processing in ntpd/ntp_request.c.
- CVE-2015-7977
- CVE-2015-7978
* SECURITY UPDATE: authenticated broadcast mode off-path denial of
service
- debian/
ntpd/
- CVE-2015-7979
- CVE-2016-1547
* SECURITY UPDATE: Zero Origin Timestamp Bypass
- debian/
- CVE-2015-8138
* SECURITY UPDATE: potential infinite loop in ntpq
- debian/
ntpq/ntpq.c.
- CVE-2015-8158
* SECURITY UPDATE: NTP statsdir cleanup cronjob insecure (LP: #1528050)
- debian/
- CVE-2016-0727
* SECURITY UPDATE: time spoofing via interleaved symmetric mode
- debian/
ntpd/
- CVE-2016-1548
* SECURITY UPDATE: buffer comparison timing attacks
- debian/
libntp/
- CVE-2016-1550
* SECURITY UPDATE: DoS via duplicate IPs on unconfig directives
- debian/
ntpd/
- CVE-2016-2516
* SECURITY UPDATE: denial of service via crafted addpeer
- debian/
ntpd/
- CVE-2016-2518
* SECURITY UPDATE: denial of service via spoofed packets
- debian/
in ntpd/ntp_proto.c.
- CVE-2016-4954
* SECURITY UPDATE: denial of service via spoofed crypto-NAK or incorrect
MAC
- debian/
- CVE-2016-4955
* SECURITY UPDATE: denial of service via spoofed broadcast packet
- debian/
broadcast interleaved mode in ntpd/ntp_proto.c.
- CVE-2016-4956
-- Marc Deslauriers <email address hidden> Wed, 05 Oct 2016 08:01:29 -0400