1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
PublicDateAtUSN: 2015-02-05
Candidate: CVE-2014-9298
PublicDate: 2015-10-05
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9298
http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so
http://www.ubuntu.com/usn/usn-2497-1
Description:
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750,
CVE-2014-9751. Reason: this ID was intended for one issue, but was
associated with two issues. Notes: All CVE users should consult
CVE-2014-9750 and CVE-2014-9751 to identify the ID or IDs of interest. All
references and descriptions in this candidate have been removed to prevent
accidental usage.
Ubuntu-Description:
Notes:
Bugs:
http://bugs.ntp.org/show_bug.cgi?id=2672 (not yet public)
Priority: medium
Discovered-by: Stephen Roettger
Assigned-to: mdeslaur
Patches_ntp:
upstream: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=54922b65gDSbE4G7c3JjkuK1Tv33qQ
upstream: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=5492d2879rotbnnuVch_ZC3RAfS8AA
upstream: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=5493f333hALqPcXLR4-76bC6j-16xQ
upstream: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=5496213frLaEz5PHLZVhuYjM7Lalkw
upstream: http://bk1.ntp.org/ntp-stable/ntpd/ntp_io.c?PAGE=diffs&REV=54a0f621LdfQSkkWKUKN6PaFbH25_Q
upstream: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=54c2228bpOp4_zrX9aGXdMEZJEGzkg
vendor: https://www.debian.org/security/2015/dsa-3154
upstream_ntp: released (1:4.2.6.p5+dfsg-4)
lucid_ntp: released (1:4.2.4p8+dfsg-1ubuntu2.3)
precise_ntp: released (1:4.2.6.p3+dfsg-1ubuntu3.3)
trusty_ntp: released (1:4.2.6.p5+dfsg-3ubuntu2.14.04.2)
utopic_ntp: released (1:4.2.6.p5+dfsg-3ubuntu2.14.10.2)
devel_ntp: released (4.2.6.p5+dfsg-3ubuntu4)
|