ubuntu/+source/ntp:applied/ubuntu/zesty-security

Last commit made on 2017-07-05
Get this branch:
git clone -b applied/ubuntu/zesty-security https://git.launchpad.net/ubuntu/+source/ntp
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/zesty-security
Repository:
lp:ubuntu/+source/ntp

Recent commits

6cad25d... by Marc Deslauriers on 2017-06-28

Import patches-applied version 1:4.2.8p9+dfsg-2ubuntu1.1 to applied/ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: 7904e8b6291a72909352a08bc82589f752dd7c62
Unapplied parent: e33d1a6675806ff70ee9fd7ee0937f945f8d0d4e

New changelog entries:
  * SECURITY UPDATE: DoS in the origin timestamp check
    - debian/patches/CVE-2016-9042.patch: comment out broken code in
      ntpd/ntp_proto.c.
    - CVE-2016-9042
  * SECURITY UPDATE: potential Overflows in ctl_put() functions
    - debian/patches/CVE-2017-6458.patch: check lengths in
      ntpd/ntp_control.c.
    - CVE-2017-6458
  * SECURITY UPDATE: overflow via long flagstr variable
    - debian/patches/CVE-2017-6460.patch: check length in ntpq/ntpq-subs.c.
    - CVE-2017-6460
  * SECURITY UPDATE: buffer overflow in DPTS refclock driver
    - debian/patches/CVE-2017-6462.patch: don't overrun buffer in
      ntpd/refclock_datum.c.
    - CVE-2017-6462
  * SECURITY UPDATE: DoS via invalid setting in a :config directive
    - debian/patches/CVE-2017-6463.patch: protect against overflow in
      ntpd/ntp_config.c.
    - CVE-2017-6463
  * SECURITY UPDATE: Dos via malformed mode configuration directive
    - debian/patches/CVE-2017-6464.patch: validate directives in
      ntpd/ntp_config.c, ntpd/ntp_proto.c.
    - CVE-2017-6464

e33d1a6... by Marc Deslauriers on 2017-06-28

CVE-2017-6464.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2017-6464.patch.

e901b19... by Marc Deslauriers on 2017-06-28

CVE-2017-6463.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2017-6463.patch.

a4f968c... by Marc Deslauriers on 2017-06-28

CVE-2017-6462.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2017-6462.patch.

6858c3c... by Marc Deslauriers on 2017-06-28

CVE-2017-6460.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2017-6460.patch.

5cc950f... by Marc Deslauriers on 2017-06-28

CVE-2017-6458.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2017-6458.patch.

8b01579... by Marc Deslauriers on 2017-06-28

CVE-2016-9042.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2016-9042.patch.

2409e51... by Marc Deslauriers on 2017-06-28

libedit.patch

No DEP3 Subject or Description header found

Gbp-Pq: libedit.patch.

867259f... by Marc Deslauriers on 2017-06-28

openssl-disable-check.patch

No DEP3 Subject or Description header found

Gbp-Pq: openssl-disable-check.patch.

39d6784... by Marc Deslauriers on 2017-06-28

runtime check for capabilities

Gbp-Pq: ntpd-linux-caps-runtime.patch.