What Are You Looking For?

Sign Up
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-5816
2015-04-09 04:56:47
--------------------------------------------------------------------------------

Name        : chrony
Product     : Fedora 21
Version     : 1.31.1
Release     : 1.fc21
URL         : Summary     : An NTP client/server
Description :
A client/server for the Network Time Protocol, this program keeps your
computer's clock accurate. It was specially designed to support
systems with intermittent internet connections, but it also works well
in permanently connected environments. It can use also hardware reference
clocks, system real-time clock or manual input as time references.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2015-1853, CVE-2015-1821, CVE-2015-1822
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr  8 2015 Miroslav Lichvar  1.31.1-1
- update to 1.31.1 (CVE-2015-1853 CVE-2015-1821 CVE-2015-1822)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1209631 - CVE-2015-1821 chrony: Heap out of bound write in address filter
        https://bugzilla.redhat.com/show_bug.cgi?id=1209631
  [ 2 ] Bug #1209572 - CVE-2015-1853 chrony: authentication doesn't protect symmetric associations against DoS attacks
        https://bugzilla.redhat.com/show_bug.cgi?id=1209572
  [ 3 ] Bug #1209632 - CVE-2015-1822 chrony: uninitialized pointer in cmdmon reply slots
        https://bugzilla.redhat.com/show_bug.cgi?id=1209632
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update chrony' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Fedora 21: chrony Security Update

April 22, 2015
Security fix for CVE-2015-1853, CVE-2015-1821, CVE-2015-1822

Summary

A client/server for the Network Time Protocol, this program keeps your

computer's clock accurate. It was specially designed to support

systems with intermittent internet connections, but it also works well

in permanently connected environments. It can use also hardware reference

clocks, system real-time clock or manual input as time references.

Update Information:

Security fix for CVE-2015-1853, CVE-2015-1821, CVE-2015-1822

Change Log

* Wed Apr 8 2015 Miroslav Lichvar 1.31.1-1 - update to 1.31.1 (CVE-2015-1853 CVE-2015-1821 CVE-2015-1822)

References

[ 1 ] Bug #1209631 - CVE-2015-1821 chrony: Heap out of bound write in address filter https://bugzilla.redhat.com/show_bug.cgi?id=1209631 [ 2 ] Bug #1209572 - CVE-2015-1853 chrony: authentication doesn't protect symmetric associations against DoS attacks https://bugzilla.redhat.com/show_bug.cgi?id=1209572 [ 3 ] Bug #1209632 - CVE-2015-1822 chrony: uninitialized pointer in cmdmon reply slots https://bugzilla.redhat.com/show_bug.cgi?id=1209632

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update chrony' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
Name : chrony
Product : Fedora 21
Version : 1.31.1
Release : 1.fc21
URL : Summary : An NTP client/server

Related News

From Heartbleed to Now: Evolving Threats in OpenSSL and How to Guard Against Them

Nov 17, 2023

Security Highlights from KubeCon + CloudNativeCon 2023

Nov 18, 2023

Kubernetes Security on AWS: A Practical Guide

Nov 18, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

News

Advisories

HOWTOs

Features

Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap

About Us

Powered By

Footer Logo