drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in NTP
Name: |
Mehrere Probleme in NTP |
|
ID: |
SSA:2016-155-01 |
|
Distribution: |
Slackware |
|
Plattformen: |
Slackware -current, Slackware 13.0, Slackware x86_64 13.0, Slackware x86_64 -current, Slackware x86_64 13.1, Slackware 13.1, Slackware x86_64 13.37, Slackware 13.37, Slackware 14.0, Slackware x86_64 14.0, Slackware 14.1, Slackware x86_64 14.1 |
|
Datum: |
Sa, 4. Juni 2016, 08:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4954
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4956
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4957
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4953
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4955 |
|
Applikationen: |
NTP |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
[slackware-security] ntp (SSA:2016-155-01)
New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/ntp-4.2.8p8-i486-1_slack14.1.txz: Upgraded. This release patches one high and four low severity security issues: CVE-2016-4957: Crypto-NAK crash CVE-2016-4953: Bad authentication demobilizes ephemeral associations CVE-2016-4954: Processing spoofed server packets CVE-2016-4955: Autokey association reset CVE-2016-4956: Broadcast interleave For more information, see: http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4957 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4954 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4955 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4956 (* Security fix *) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 13.0: ntp-4.2.8p8-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0: ntp-4.2.8p8-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1: ntp-4.2.8p8-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1: ntp-4.2.8p8-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37: ntp-4.2.8p8-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37: ntp-4.2.8p8-x86_64-1_slack13.37.txz
Updated package for Slackware 14.0: ntp-4.2.8p8-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ntp-4.2.8p8-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ntp-4.2.8p8-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ntp-4.2.8p8-x86_64-1_slack14.1.txz
Updated package for Slackware -current: ntp-4.2.8p8-i586-1.txz
Updated package for Slackware x86_64 -current: ntp-4.2.8p8-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 package: 358ead6ad06921c4c44080d18e7ee18d ntp-4.2.8p8-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: d4e7ffeee3aa9ddf2b66d60bc1c441b7 ntp-4.2.8p8-x86_64-1_slack13.0.txz
Slackware 13.1 package: 9795894dfa014305a38be8fb5b800d0d ntp-4.2.8p8-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: 4e74c4a21286e3c2b22b998b1c886f62 ntp-4.2.8p8-x86_64-1_slack13.1.txz
Slackware 13.37 package: a3822c5035ee4ab8729fb5f10b279aff ntp-4.2.8p8-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: 80a6353b42a35cf570683f3cf776b264 ntp-4.2.8p8-x86_64-1_slack13.37.txz
Slackware 14.0 package: 6f077cb40ad50e26c92185432fd54a77 ntp-4.2.8p8-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: a1cbdf25dfcb470edf07975cceb620c2 ntp-4.2.8p8-x86_64-1_slack14.0.txz
Slackware 14.1 package: 69d7124410f59ee235e781d2753ee4bb ntp-4.2.8p8-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 9ae3c7b444d3fd29b50cefeeafea57bf ntp-4.2.8p8-x86_64-1_slack14.1.txz
Slackware -current package: 5a5a3926459e7dbe8bacf5b8d7b14c64 n/ntp-4.2.8p8-i586-1.txz
Slackware x86_64 -current package: b2569c6a8111660566160f98bce2a7dc n/ntp-4.2.8p8-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root: # upgradepkg ntp-4.2.8p8-i486-1_slack14.1.txz
Then, restart the NTP daemon: # sh /etc/rc.d/rc.ntpd restart
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iEYEARECAAYFAldSFVsACgkQakRjwEAQIjPccwCfS8Fgz2gq7mNcclIwg8kl8Rpw l8IAn0fcEo5HaqRgGBVJL+a1VX/kfbED =atDM -----END PGP SIGNATURE-----
|
|
|
|