[oe-commits] [meta-openembedded] 22/38: ntp: update to 4.2.8.p10
git at git.openembedded.org
git at git.openembedded.org
Wed Mar 29 10:09:18 UTC 2017
This is an automated email from the git hooks/post-receive script.
martin_jansa pushed a commit to branch master-next
in repository meta-openembedded.
commit 4ab907c68d72c99647e10be819196d2e02317cf0
Author: Armin Kuster <akuster at mvista.com>
AuthorDate: Fri Mar 24 09:22:55 2017 -0700
ntp: update to 4.2.8.p10
LICENSE_FILE md5 changed do to copyright date change.
NTF's NTP Project is releasing ntp-4.2.8p10, which addresses:
6 MEDIUM severity vulnerabilities (1 is about the Windows PPSAPI DLL)
5 LOW severity vulnerabilities (2 are in the Windows Installer)
4 Informational-level vulnerabilities
15 other non-security fixes and improvements
All of the security issues in this release are listed in VU#633849.
ntp-4.2.8p10 was released on 21 March 2017.
Sec 3389 / CVE-2017-6464 / VU#325339: NTP-01-016 NTP: Denial of Service via Malformed Config (Pentest report 01.2017)
Sec 3388 / CVE-2017-6462 / VU#325339: NTP-01-014 NTP: Buffer Overflow in DPTS Clock (Pentest report 01.2017)
Sec 3387 / CVE-2017-6463 / VU#325339: NTP-01-012 NTP: Authenticated DoS via Malicious Config Option (Pentest report 01.2017)
Sec 3386: NTP-01-011 NTP: ntpq_stripquotes() returns incorrect Value (Pentest report 01.2017)
Sec 3385: NTP-01-010 NTP: ereallocarray()/eallocarray() underused (Pentest report 01.2017)
Sec 3384 / CVE-2017-6455 / VU#325339: NTP-01-009 NTP: Windows: Privileged execution of User Library code (Pentest report 01.2017)
Sec 3383 / CVE-2017-6452 / VU#325339: NTP-01-008 NTP: Windows Installer: Stack Buffer Overflow from Command Line (Pentest report 01.2017)
Sec 3382 / CVE-2017-6459 / VU#325339: NTP-01-007 NTP: Windows Installer: Data Structure terminated insufficiently (Pentest report 01.2017)
Sec 3381: NTP-01-006 NTP: Copious amounts of Unused Code (Pentest report 01.2017)
Sec 3380: NTP-01-005 NTP: Off-by-one in Oncore GPS Receiver (Pentest report 01.2017)
Sec 3379 / CVE-2017-6458 / VU#325339: NTP-01-004 NTP: Potential Overflows in ctl_put() functions (Pentest report 01.2017)
Sec 3378 / CVE-2017-6451 / VU#325339: NTP-01-003 Improper use of snprintf() in mx4200_send() (Pentest report 01.2017)
Sec 3377 / CVE-2017-6460 / VU#325339: NTP-01-002 Buffer Overflow in ntpq when fetching reslist (Pentest report 01.2017)
Sec 3376: NTP-01-001 Makefile does not enforce Security Flags (Pentest report 01.2017)
Sec 3361 / CVE-2016-9042 / VU#325339: 0rigin
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa at gmail.com>
---
.../recipes-support/ntp/{ntp_4.2.8p9.bb => ntp_4.2.8p10.bb} | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/meta-networking/recipes-support/ntp/ntp_4.2.8p9.bb b/meta-networking/recipes-support/ntp/ntp_4.2.8p10.bb
similarity index 96%
rename from meta-networking/recipes-support/ntp/ntp_4.2.8p9.bb
rename to meta-networking/recipes-support/ntp/ntp_4.2.8p10.bb
index 58b31c5..719c60b 100644
--- a/meta-networking/recipes-support/ntp/ntp_4.2.8p9.bb
+++ b/meta-networking/recipes-support/ntp/ntp_4.2.8p10.bb
@@ -6,7 +6,7 @@ or satellite receiver or modem."
HOMEPAGE = "http://support.ntp.org"
SECTION = "net"
LICENSE = "NTP"
-LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=f41fedb22dffefcbfafecc85b0f79cfa"
+LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=e877a1d567a6a58996d2b66e3e387003"
DEPENDS = "libevent"
@@ -23,8 +23,8 @@ SRC_URI = "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.g
file://ntpd.list \
"
-SRC_URI[md5sum] = "857452b05f5f2e033786f77ade1974ed"
-SRC_URI[sha256sum] = "b724287778e1bac625b447327c9851eedef020517a3545625e9f652a90f30b72"
+SRC_URI[md5sum] = "745384ed0dedb3f66b33fe84d66466f9"
+SRC_URI[sha256sum] = "ddd2366e64219b9efa0f7438e06800d0db394ac5c88e13c17b70d0dcdf99b99f"
inherit autotools update-rc.d useradd systemd pkgconfig
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list