Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 541
Alerts This Week
Warning Icon 1 541

Fedora 23 NTP Update FEDORA-2016-5b2eb0bf9c Critical DoS Issues

fedora
Calendar Grey May 10, 2016
Dist Fedora Esm H88
Important update for NTP issued for Fedora 23, resolving various security flaws and strengthening overall system integrity.
Security fix for CVE-2016-1548, CVE-2016-2516, CVE-2016-2518, CVE-2016-1550

Summary

The Network Time Protocol (NTP) is used to synchronize a computer's

time with another reference time source. This package includes ntpd

(a daemon which continuously adjusts system time) and utilities used

to query and configure the ntpd daemon.

Perl scripts ntp-wait and ntptrace are in the ntp-perl package,

ntpdate is in the ntpdate package and sntp is in the sntp package.

The documentation is in the ntp-doc package.

Update Information:

Security fix for CVE-2016-1548, CVE-2016-2516, CVE-2016-2518, CVE-2016-1550

Change Log

References


[ 1 ] Bug #1331462 - CVE-2016-1548 ntp: ntpd switching to interleaved mode with spoofed packets https://bugzilla.redhat.com/show_bug.cgi?id=1331462 [ 2 ] Bug #1331466 - CVE-2016-2516 ntp: assertion failure in ntpd on duplicate IPs on unconfig directives https://bugzilla.redhat.com/show_bug.cgi?id=1331466 [ 3 ] Bug #1331468 - CVE-2016-2518 ntp: out-of-bounds references on crafted packet https://bugzilla.redhat.com/show_bug.cgi?id=1331468 [ 4 ] Bug #1331464 - CVE-2016-1550 ntp: libntp message digest disclosure https://bugzilla.redhat.com/show_bug.cgi?id=1331464

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update ntp' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: ntp
Product: Fedora 23
Version: 4.2.6p5
Release: 40.fc23
Summary: The NTP daemon and utilities

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.