Fedora 21: chrony Security Update
Summary
A client/server for the Network Time Protocol, this program keeps your
computer's clock accurate. It was specially designed to support
systems with intermittent internet connections, but it also works well
in permanently connected environments. It can use also hardware reference
clocks, system real-time clock or manual input as time references.
Update Information:
Security fix for CVE-2015-1853, CVE-2015-1821, CVE-2015-1822
Change Log
* Wed Apr 8 2015 Miroslav Lichvar
References
[ 1 ] Bug #1209631 - CVE-2015-1821 chrony: Heap out of bound write in address filter https://bugzilla.redhat.com/show_bug.cgi?id=1209631 [ 2 ] Bug #1209572 - CVE-2015-1853 chrony: authentication doesn't protect symmetric associations against DoS attacks https://bugzilla.redhat.com/show_bug.cgi?id=1209572 [ 3 ] Bug #1209632 - CVE-2015-1822 chrony: uninitialized pointer in cmdmon reply slots https://bugzilla.redhat.com/show_bug.cgi?id=1209632
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update chrony' at the command line. For more information, refer to "Managing Software with yum", available at .