-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 1 Feb 2010 12:40:11 +0000 Source: chrony Binary: chrony Architecture: source amd64 Version: 1.21z-5+etch1 Distribution: oldstable-security Urgency: high Maintainer: John Hasler <[email protected]> Changed-By: Nico Golde <[email protected]> Description: chrony - Sets your computer's clock from time servers on the Net Changes: chrony (1.21z-5+etch1) oldstable-security; urgency=high . * Non-maintainer upload by the Security Team. * This update addresses the following security issues: - CVE-2010-0292: chronyd replies to all cmdmon packets from unauthorized hosts with. - CVE-2010-0293: missing memory limit for to keep client information which can lead to memory exhaustion through clients with spoofed IPs - CVE-2010-0294: missing syslog limit could lead to filling up the disc by triggering various log events in a loop. Files: 41c78c176d00f2034298f0f91d9dcc7e 629 admin extra chrony_1.21z-5+etch1.dsc 84f76a73dff5a3c9e9f11f3c29a4e93b 310709 admin extra chrony_1.21z.orig.tar.gz aef816a20684f142795441c9d0c2c39a 157657 admin extra chrony_1.21z-5+etch1.diff.gz d87cea1f14f0834d91540f6125f53de9 337452 admin extra chrony_1.21z-5+etch1_amd64.deb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAktmzYAACgkQHYflSXNkfP+z+ACgrcFdIgfFsrO2bRdoStz/72X/ +fsAn1qvF5crgnnLg0rKiWo/5yZqflr7 =rmYP -----END PGP SIGNATURE----- Accepted: chrony_1.21z-5+etch1.diff.gz to main/c/chrony/chrony_1.21z-5+etch1.diff.gz chrony_1.21z-5+etch1.dsc to main/c/chrony/chrony_1.21z-5+etch1.dsc chrony_1.21z-5+etch1_amd64.deb to main/c/chrony/chrony_1.21z-5+etch1_amd64.deb -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
