[Oraclevm-errata] OVMSA-2015-0102 Oracle VM 3.3 ntp security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Thu Jul 30 20:33:13 PDT 2015
Oracle VM Security Advisory OVMSA-2015-0102
The following updated rpms for Oracle VM 3.3 have been uploaded to the
Unbreakable Linux Network:
x86_64:
ntp-4.2.6p5-5.el6.x86_64.rpm
ntpdate-4.2.6p5-5.el6.x86_64.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.3/SRPMS-updates/ntp-4.2.6p5-5.el6.src.rpm
Description of changes:
[4.2.6p5-5]
- reject packets without MAC when authentication is enabled (CVE-2015-1798)
- protect symmetric associations with symmetric key against DoS attack
(CVE-2015-1799)
- fix generation of MD5 keys with ntp-keygen on big-endian systems
(CVE-2015-3405)
- log when stepping clock for leap second or ignoring it with -x (#1204625)
[4.2.6p5-4]
- fix typos in ntpd man page (#1194463)
[4.2.6p5-3]
- validate lengths of values in extension fields (CVE-2014-9297)
- drop packets with spoofed source address ::1 (CVE-2014-9298)
- add nanosecond support to SHM refclock (#1117704)
- allow creating all SHM segments with owner-only access (#1122015)
- allow symmetric keys up to 32 bytes again (#1053551)
- fix calculation of root dispersion (#1045376)
- fix crash in ntpq mreadvar command (#1165141)
- don't step clock for leap second with -x option (#1190619)
- don't drop packets with source port below 123 (#1171630)
- use larger RSA exponent in ntp-keygen (#1184421)
- refresh peers on routing updates (#1193850)
- increase memlock limit again (#1053568)
- warn when monitor can't be disabled due to limited restrict (#1166596)
- improve documentation of restrict command (#1069019)
- update logconfig documentation for patched default (#1193849)
- don't build ntpsnmpd (#995134)
More information about the Oraclevm-errata
mailing list