Overview
Request 265959 accepted
- bnc#910764: VU#852879 ntp security fixes
* A potential remote code execution problem was found inside
ntpd. The functions crypto_recv() (when using autokey
authentication), ctl_putdata(), and configure() where updated
to avoid buffer overflows that could be
exploited. (CVE-2014-9295)
* Furthermore a problem inside the ntpd error handling was found
that is missing a return statement. This could also lead to a
potentially attack vector. (CVE-2014-9296)
- ntp-CVE-2014-9295.patch and ntp-CVE-2014-9296.patch will be
obsoleted by the upcoming update to version 4.2.8.
Request History
rmax created request
- bnc#910764: VU#852879 ntp security fixes
* A potential remote code execution problem was found inside
ntpd. The functions crypto_recv() (when using autokey
authentication), ctl_putdata(), and configure() where updated
to avoid buffer overflows that could be
exploited. (CVE-2014-9295)
* Furthermore a problem inside the ntpd error handling was found
that is missing a return statement. This could also lead to a
potentially attack vector. (CVE-2014-9296)
- ntp-CVE-2014-9295.patch and ntp-CVE-2014-9296.patch will be
obsoleted by the upcoming update to version 4.2.8.
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added factory-repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
licensedigger accepted review
{"approve": "license and version number unchanged: 4.2.6p5"}
factory-repo-checker accepted review
Builds for repo network:time/openSUSE_Factory
dimstar accepted review
ok
mlin7442 set openSUSE:Factory:Staging:F as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:F"
mlin7442 accepted review
Picked openSUSE:Factory:Staging:F
dimstar_suse accepted review
ready to accept
dimstar_suse approved review
ready to accept
dimstar_suse accepted request
Accept to Factory