Ubuntu
ntp package

lp:ubuntu/dapper-security/ntp

Dapper (6.06)
dapper-security

Created by James Westby on 2009-06-26 and last modified on 2009-12-03

Get this branch:: bzr branch lp:ubuntu/dapper-security/ntp

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Development

Recent revisions

14. By Jamie Strandboge on 2009-12-03: * SECURITY UPDATE: fix DoS with mode 7 (MODE_PRIVATE) packets
  - update ntpd/ntp_request.c to not send a response packet for and rate
    limit logging of invalid mode 7 requests and responses
  - CVE-2009-3563
13. By Jamie Strandboge on 2009-05-13: * SECURITY UPDATE: stack overflow in ntpd when autokey is enabled
  - update ntpd/ntp_crypto.c to use snprintf() with NTP_MAXSTRLEN when
    writing to statstr. Also defensively adjust ntp_peer.c and ntp_timer.c
    to do the same.
  - CVE-2009-1252
* SECURITY UPDATE: stack overflow in ntpq when contacting malicious ntp
  server
  - increase size of buffer in cookedprint() in ntpq/ntpq.c and adjust to
    use snprintf()
  - CVE-2009-0159
12. By Jamie Strandboge on 2009-01-06: * SECURITY UPDATE: clients treat malformed signatures as good when verifying
  server DSA and ECDSA certificates.
  - update ntpd/ntp_crypto.c to properly check the return code of
    EVP_VerifyFinal()
  - CVE-2009-0021
11. By Adam Conrad on 2006-05-29: Call dh_installinit with --error-handler=true, which will prevent
ntp-server's prerm and postinst from bombing out on upgrades from
previous broken versions. ntp-{simple,refclock} still try to
restart the server in their postinst, so it won't be left dead.
10. By Adam Conrad on 2006-05-28: Attempt to create the ntp user in ntp-server's postinst, as the
dependency loops between ntp-server and ntp-means we have no
way of knowing which gets configured first (launchpad.net/33351)
9. By Scott James Remnant (Canonical) on 2006-05-17: Hide output from ntpdate unless ifup is run with -v.
8. By Scott James Remnant (Canonical) on 2006-02-08: Ignore errors from ntpdate, otherwise the interface might not come
fully up.
7. By Scott James Remnant (Canonical) on 2006-01-04: Remove ntpdate init script, instead install a script in
/etc/network/if-up.d that sets the clock whenever we bring up a network
interface.
6. By Colin Watson on 2005-11-01: * Resynchronise with Debian.
* Use ntp.ubuntu.com rather than ntp.ubuntulinux.org.
5. By Fabio Massimo Di Nitto on 2005-09-09: Fix error message in ntp-server init script.
(Closes: #14726)

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/karmic/ntp

This branch contains Public information

Everyone can see this information.

Subscribers

James Westby

Ubuntuntp package