Viewing all changes in revision 30.
- Committer: Bazaar Package Importer
- Date: 2009-05-19 15:26:41 UTC
- Revision ID: james.westby@ubuntu.com-20090519152641-ctb02x7tfqv5e9a8
* SECURITY UPDATE: stack overflow in ntpd when autokey is enabled
- debian/patches/CVE-2009-1252.patch: update ntpd/ntp_crypto.c to use
snprintf() with NTP_MAXSTRLEN when writing to statstr. Also defensively
adjust ntp_peer.c and ntp_timer.c to do the same.
- CVE-2009-1252
* SECURITY UPDATE: stack overflow in ntpq when contacting malicious ntp
server
- debian/patches/CVE-2009-0159.patch: increase size of buffer in
cookedprint() in ntpq/ntpq.c and adjust to use snprintf()
- CVE-2009-0159
- debian/patches/CVE-2009-1252.patch: update ntpd/ntp_crypto.c to use
snprintf() with NTP_MAXSTRLEN when writing to statstr. Also defensively
adjust ntp_peer.c and ntp_timer.c to do the same.
- CVE-2009-1252
* SECURITY UPDATE: stack overflow in ntpq when contacting malicious ntp
server
- debian/patches/CVE-2009-0159.patch: increase size of buffer in
cookedprint() in ntpq/ntpq.c and adjust to use snprintf()
- CVE-2009-0159
- files added:
- debian/patches/CVE-2009-0159.patch
- files modified:
- debian/changelog
expand all
collapse all
added
removed
