[Oraclevm-errata] OVMSA-2015-0002 Important: Oracle VM 2.2 ntp security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Tue Jan 6 15:58:09 PST 2015
Oracle VM Security Advisory OVMSA-2015-0002
The following updated rpms for Oracle VM 2.2 have been uploaded to the
Unbreakable Linux Network:
i386:
ntp-4.2.2p1-18.el5_11.i386.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/2.2/SRPMS-updates/ntp-4.2.2p1-18.el5_11.src.rpm
Description of changes:
[4.2.2p1-18.el5]
- don't generate weak control key for resolver (CVE-2014-9293)
- don't generate weak MD5 keys in ntp-keygen (CVE-2014-9294)
- fix buffer overflows via specially-crafted packets (CVE-2014-9295)
[4.2.2p1-17.el5]
- increase memlock limit again (#1035198)
[4.2.2p1-16.el5]
- allow selection of cipher for private key files (#741573)
[4.2.2p1-15.el5]
- revert init script priority (#470945, #689636)
- drop tentative patch (#489835)
- move restorecon call to %posttrans
[4.2.2p1-14.el5]
- call restorecon on ntpd and ntpdate on start (#470945)
[4.2.2p1-13.el5]
- don't crash with more than 512 local addresses (#661934)
- add -I option (#528799)
- fix -L option to not require argument (#460434)
- move ntpd and ntpdate to /sbin and start earlier on boot (#470945,
#689636)
- increase memlock limit (#575874)
- ignore tentative addresses (#489835)
- print synchronization distance instead of dispersion in ntpstat (#679034)
- fix typos in ntpq and ntp-keygen man pages (#664524, #664525)
- clarify ntpd -q description (#591838)
- don't verify ntp.conf (#481151)
- replace Prereq tag
[4.2.2p1-12.el5]
- fix DoS with mode 7 packets (#532640, CVE-2009-3563)
- compile with -fno-strict-aliasing
[4.2.2p1-11.el5]
- fix buffer overflow when parsing Autokey association message
(#500784, CVE-2009-1252)
- fix buffer overflow in ntpq (#500784, CVE-2009-0159)
[4.2.2p1-10.el5]
- fix check for malformed signatures (#479699, CVE-2009-0021)
More information about the Oraclevm-errata
mailing list