[Oraclevm-errata] OVMSA-2015-0102 Oracle VM 3.3 ntp security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Thu Jul 30 20:33:13 PDT 2015

Oracle VM Security Advisory OVMSA-2015-0102

The following updated rpms for Oracle VM 3.3 have been uploaded to the 
Unbreakable Linux Network:



Description of changes:

- reject packets without MAC when authentication is enabled (CVE-2015-1798)
- protect symmetric associations with symmetric key against DoS attack
- fix generation of MD5 keys with ntp-keygen on big-endian systems
- log when stepping clock for leap second or ignoring it with -x (#1204625)

- fix typos in ntpd man page (#1194463)

- validate lengths of values in extension fields (CVE-2014-9297)
- drop packets with spoofed source address ::1 (CVE-2014-9298)
- add nanosecond support to SHM refclock (#1117704)
- allow creating all SHM segments with owner-only access (#1122015)
- allow symmetric keys up to 32 bytes again (#1053551)
- fix calculation of root dispersion (#1045376)
- fix crash in ntpq mreadvar command (#1165141)
- don't step clock for leap second with -x option (#1190619)
- don't drop packets with source port below 123 (#1171630)
- use larger RSA exponent in ntp-keygen (#1184421)
- refresh peers on routing updates (#1193850)
- increase memlock limit again (#1053568)
- warn when monitor can't be disabled due to limited restrict (#1166596)
- improve documentation of restrict command (#1069019)
- update logconfig documentation for patched default (#1193849)
- don't build ntpsnmpd (#995134)

More information about the Oraclevm-errata mailing list