Fedora 25 NTP Update FEDORA-2017-5ebac1c112 Critical DoS and Buffer Issues

fedora

March 29, 2017

Security fix for CVE-2017-6464 CVE-2017-6462 CVE-2017-6463 CVE-2017-6458 CVE-2017-6451.

Summary

The Network Time Protocol (NTP) is used to synchronize a computer's

time with another reference time source. This package includes ntpd

(a daemon which continuously adjusts system time) and utilities used

to query and configure the ntpd daemon.

Perl scripts ntp-wait and ntptrace are in the ntp-perl package,

ntpdate is in the ntpdate package and sntp is in the sntp package.

The documentation is in the ntp-doc package.

Update Information:

Security fix for CVE-2017-6464 CVE-2017-6462 CVE-2017-6463 CVE-2017-6458 CVE-2017-6451.

Topics Covered

security advisory buffer overflow critical Fedora DoS ntp service patch

Change Log

References

[ 1 ] Bug #1434011 - CVE-2017-6451 ntp: Improper use of snprintf() in mx4200_send() https://bugzilla.redhat.com/show_bug.cgi?id=1434011 [ 2 ] Bug #1434005 - CVE-2017-6458 ntp: Potential Overflows in ctl_put() functions https://bugzilla.redhat.com/show_bug.cgi?id=1434005 [ 3 ] Bug #1434002 - CVE-2017-6463 ntp: Authenticated DoS via Malicious Config Option https://bugzilla.redhat.com/show_bug.cgi?id=1434002 [ 4 ] Bug #1433995 - CVE-2017-6462 ntp: Buffer Overflow in DPTS Clock https://bugzilla.redhat.com/show_bug.cgi?id=1433995 [ 5 ] Bug #1433987 - CVE-2017-6464 ntp: Denial of Service via Malformed Config https://bugzilla.redhat.com/show_bug.cgi?id=1433987

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade ntp' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity

critical

Lowest

Low

Medium

High

Critical

Name: ntp

Product: Fedora 25

Version: 4.2.6p5

Release: 44.fc25

URL: http://www.ntp.org

Summary: The NTP daemon and utilities

Topics Covered

security advisory buffer overflow critical Fedora DoS ntp service patch

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 25 NTP Update FEDORA-2017-5ebac1c112 Critical DoS and Buffer Issues

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 25 NTP Update FEDORA-2017-5ebac1c112 Critical DoS and Buffer Issues

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!