Stay Secure with the Latest Linux Advisories

security advisoryupdateFedora

Fedora 37: 2023-C0762A0E57 Critical: NTP-Refclock DoS Attack Fix

Update to latest ntp-refclock and ntp, which fixes CVE-2023-26555.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-c0762a0e57 2023-06-14 00:40:28.127451 --------------------------------------------------------------------------------Name : ntp-refclock Product : Fedora 37 Version : 0.6 Release : 1.fc37 URL : https://github.com/mlichvar/ntp-refclock Summary : Drivers for hardware reference clocks Description : ntp-refclock is a wrapper for reference clock drivers included in the ntpd daemon, which enables other NTP implementations to use the supported hardware reference clocks for synchronization of the system clock. It provides a minimal environment for the drivers to be able to run in a separate process, measuring the offset of the system clock relative to the reference clock and sending the measurements to another process controlling the system clock. --------------------------------------------------------------------------------Update Information: Update to latest ntp-refclock and ntp, which fixes CVE-2023-26555. --------------------------------------------------------------------------------ChangeLog: * Thu Jun 1 2023 Miroslav Lichvar 0.6-1 - update ntp-refclock to 0.6 and ntp to 4.2.8p16 * Thu Jan 19 2023 Fedora Release Engineering - 0.5-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Fri Dec 16 2022 Florian Weimer - 0.5-5 - Port configure scripts to C99 --------------------------------------------------------------------------------References: [ 1 ] Bug #2186494 - CVE-2023-26555 ntp: an out-of-bounds write may lead to a DoS https://bugzilla.redhat.com/show_bug.cgi?id=2186494 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-c0762a0e57' at the command line. For more information, refer tothe dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Improvements to ntp-refclock for mitigating DoS vulnerabilities in Fedora 37. Maintain system integrity by applying updates for essential security concerns.. NTP Refclock Update,Fedora Security Advisory,DoS Threat Fix,System Clock Sync,Software Patch. . Severity: Critical. LinuxSecurity.com Team

Jun 14, 2023 •Critical Fedora