Fedora 28: NTP Update 2019-694e3aa4e8 Critical Null Dereference

The Network Time Protocol (NTP) is used to synchronize a computer's

time with another reference time source. This package includes ntpd

(a daemon which continuously adjusts system time) and utilities used

to query and configure the ntpd daemon.

Perl scripts are in the ntp-perl package, ntpdate is in the ntpdate

package and sntp is in the sntp package. The documentation in HTML

format is in the ntp-doc package.

Security fix for CVE-2019-8936

* Thu Mar 7 2019 Miroslav Lichvar 4.2.8p13-1

- update to 4.2.8p13 (CVE-2019-8936)

* Fri Feb 1 2019 Fedora Release Engineering - 4.2.8p12-2

- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

* Wed Aug 15 2018 Miroslav Lichvar 4.2.8p12-1

- update to 4.2.8p12 (CVE-2018-12327 CVE-2018-7170)

* Fri Jul 13 2018 Fedora Release Engineering - 4.2.8p11-3

- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

[ 1 ] Bug #1686605 - CVE-2019-8936 ntp: Crafted null dereference attack in authenticated mode 6 packet

https://bugzilla.redhat.com/show_bug.cgi?id=1686605

su -c 'dnf upgrade --advisory FEDORA-2019-694e3aa4e8' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/