[linux-sparc-announce] LFSSA-2016-0021 Linux for SPARC 1.0 ntp security update
Announcements for Linux for SPARC
linux-sparc-announce at oss.oracle.com
Tue Jan 26 09:02:35 PST 2016
Linux for SPARC Security Advisory LFSSA-2016-0021
The following updated rpms for Linux for SPARC 1.0 have been uploaded to
the yum.oracle.com:
sparc64:
ntp-4.2.6p5-5.el6_7.4.sparc64.rpm
ntpdate-4.2.6p5-5.el6_7.4.sparc64.rpm
ntp-doc-4.2.6p5-5.el6_7.4.noarch.rpm
ntp-perl-4.2.6p5-5.el6_7.4.sparc64.rpm
SRPMS:
http://yum.oracle.com/repo/linux_sparc64/latest/ntp-4.2.6p5-5.el6_7.4.src.rpm
Description of changes:
[4.2.6p5-5.el6_7.4]
- don't accept server/peer packets with zero origin timestamp
(CVE-2015-8138)
[4.2.6p5-5.el6_7.2]
- check origin timestamp before accepting KoD RATE packet (CVE-2015-7704)
- allow only one step larger than panic threshold with -g (CVE-2015-5300)
More information about the linux-sparc-announce
mailing list