webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-11 11:35:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
12,864 Commits 2 Branches 1 Tag
8076deba79f9bbd4e551fdfe1eb49e8a77b2c19e
Commit Graph

23 Commits

Author SHA1 Message Date
Matthias Fischer
db5360ee9a ntp: Update to 4.2.8p12 
For details see:
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-08-24 12:17:57 +01:00
Matthias Fischer
d536c178ec ntp: Update to 4.2.8p11 
For details see:
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

"This release addresses five security issues in ntpd:

	LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU#961909: Sybil vulnerability: ephemeral
	association attack
		While fixed in ntp-4.2.8p7, there are significant additional protections for
		this issue in 4.2.8p11.
		Reported by Matt Van Gundy of Cisco.
	INFO/MEDIUM: Sec 3412 / CVE-2018-7182 / VU#961909: ctl_getitem(): buffer read overrun
	leads to undefined behavior and information leak
		Reported by Yihan Lian of Qihoo 360.
	LOW: Sec 3415 / CVE-2018-7170 / VU#961909: Multiple authenticated ephemeral associations
		Reported on the questions@ list.
	LOW: Sec 3453 / CVE-2018-7184 / VU#961909: Interleaved symmetric mode cannot recover
	from bad state
		Reported by Miroslav Lichvar of Red Hat.
	LOW/MEDIUM: Sec 3454 / CVE-2018-7185 / VU#961909: Unauthenticated packet can reset
	authenticated interleaved association
		Reported by Miroslav Lichvar of Red Hat.

one security issue in ntpq:

	MEDIUM: Sec 3414 / CVE-2018-7183 / VU#961909: ntpq:decodearr() can write beyond its
	buffer limit
		Reported by Michael Macnair of Thales-esecurity.com.

and provides over 33 bugfixes and 32 other improvements."

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-03-07 18:44:04 +00:00
Matthias Fischer
776363274f ntp: Update to 4.2.8p10 
"It addresses 6 medum- and 5 low-severity security issues, 4 informational security topics,
15 bugfixes, and contains other improvements over 4.2.8p9."

For a complete list, see:
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2017-03-28 17:20:31 +01:00
Matthias Fischer
31986a351c ntp: Update to 4.2.8p9 
"It addresses 1 high-, 2 medium-, 2 medium-/low-, and 5 low-severity
security issues, 28 bugfixes, and contains other improvements over 4.2.8p8."

For a complete list, see:
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-12-06 14:15:19 +00:00
Matthias Fischer
6ce32b1d84 ntp: Update to 4.2.8p8 
It addresses 1 high- and 4 low--severity security issues, 4 bugfixes,
and contains other improvements over 4.2.8p7.

For a complete list, see:
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-06-16 09:27:56 +01:00
Matthias Fischer
51f69a4653 ntp: Update to 4.2.8p7 
It addresses 11 low- and medium-severity security issues, 16 bugfixes,
and contains other improvements over 4.2.8p6.

For a complete list, see:
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-06-16 09:27:53 +01:00
Matthias Fischer
2e45b1125b ntp: Update to 4.2.8p6 
"...addresses 9 low- and medium-severity security issues, 10 bugfixes,
and contains other improvements over 4.2.8p5."

For a complete list, see:
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-06-16 09:27:50 +01:00
Matthias Fischer
c1de76704a ntp: Update to 4.2.8p5 
"...addresses 1 medium-severity security issue, 14 bugfixes,
and contains other improvements over 4.2.8p4."

For a complete list, see:
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-01-10 21:18:20 +00:00
Michael Tremer
429524c040 ntp: Prefer local clock 
For some reason, ntp won't use a local clock even if it is
there and up and running. Therefore we need to "prefer" our
only source of time.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Tested-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
 2015-12-15 12:49:27 +00:00
Michael Tremer
93d6eed9a4 ntp: Fix syncing with local clock 
This is a bug that was introduced with the latest release
from upstream

Fixes #10997
Upstream: http://bugs.ntp.org/show_bug.cgi?id=2965

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-12-15 12:39:19 +00:00
Matthias Fischer
6e11539dc2 ntp: Update to 4.2.8p4 
ntp-Update to 4.2.8p4, regarding "13 low- and medium-severity vulnerabilities".

For a complete list, see: http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-10-26 13:08:53 +00:00
Michael Tremer
d77dfa7342 ntp: Update to 4.2.8 
Adresses:
CVE-2014-9293: ntp: automatic generation of weak default key in config_auth()
CVE-2014-9294: ntp: ntp-keygen uses weak random number generator and seed when generating MD5 keys
CVE-2014-9295: ntp: Multiple buffer overflows via specially-crafted packets
CVE-2014-9296: ntp: receive() missing return on error
 2014-12-22 12:43:26 +01:00
Michael Tremer
585df65af1 Fix relocating NTP binaries. 2014-02-24 19:37:20 +01:00
Michael Tremer
27b2adbf4f ntp: Update to 4.2.6p5. 2014-02-21 11:54:14 +01:00
Arne Fitzenreiter
3118e3a24e ntp: new enabled at default 
Fix ipfire ntp server defaults.
Fix symlink problem if ntp was disabled.
 2010-12-02 16:30:11 +01:00
root
45192ff26f add compile options for DCF77-Clocks 2009-11-12 10:09:06 +01:00
Arne Fitzenreiter
3bf9b58e4d Updated ntp to 4.2.4p7 2009-05-22 00:03:31 +02:00
ms
70df830214 Ein Paar Dateien fuer die GPLv3 angepasst. 
git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@853 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2007-08-29 13:25:32 +00:00
ms
fd3e7da032 Zwischencommit fuer LFS. 
git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@324 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2006-10-15 20:25:07 +00:00
ms
a2cb3a3305 Quellenupdate u.a. wegen Serverausfall bei Sourceforge.net 
Wir haben die Absicht den Sourcecode auf eigenen Servern zu hosten!


git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@117 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2006-05-16 11:01:06 +00:00
ms
45405baaf8 Quellenupdate! wireless, ntp, shadow, uClibc 
git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@108 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2006-05-01 19:47:04 +00:00
ms
3ea75603a6 Webinterface gefixt. 
Ohne Anmeldung kommt man im Webinterface nichtmehr auf die Index-Seite.
Berkeley-DB neu implementiert.
Postfix geht jetzt.
Graphs gefixt.
IPCop-Updates gelöscht.



git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@82 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
 2006-03-22 19:11:17 +00:00
ipfire
cd1a292722 git-svn-id: http://svn.ipfire.org/svn/ipfire/IPFire/source@16 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8 2006-02-15 21:15:54 +00:00