This bug was fixed in the package ntp - 1:4.2.8p11+dfsg-1ubuntu1
---------------
ntp (1:4.2.8p11+dfsg-1ubuntu1) cosmic; urgency=medium
* Merge with Debian unstable (LP: #1773921). Remaining changes:
- d/ntp.conf, d/ntpdate.default: Change default server to ntp.ubuntu.com.
- Add PPS support (LP 1512980):
+ debian/README.Debian: Add a PPS section to the README.Debian
+ debian/ntp.conf: Add some PPS configuration examples from the offical
documentation.
- d/ntp.dhcp add support for parsing systemd networkd lease files LP 1717983
* Dropped Changes (accepted in Debian)
- d/ntp-systemd-wrapper protect systemd service startup from concurrent
ntpdate processes the same way it was protected on sysv-init (LP 1706818)
- debian/apparmor-profile: add attach_disconnected which is needed in some
cases to let ntp report its log messages (LP 1727202).
- debian/apparmor-profile: avoid denies to to arg checks (LP 1741227)
- fix apparmor denial when checking for running ntpdate (LP 1749389)
ntp (1:4.2.8p11+dfsg-1) unstable; urgency=medium
* New upstream version 4.2.8p11+dfsg (Closes: #851096)
- Refresh patches
- Drop ntpd-increase-stack-size included upstream
- CVE-2018-7185: Unauthenticated packet can reset authenticated
interleaved association (LOW/MED)
- CVE-2018-7184: Interleaved symmetric mode cannot recover from bad state
(LOW/MED)
- CVE-2018-7170 / CVE-2016-1549: Provide a way to prevent authenticated
symmetric passive peering (LOW)
- CVE-2018-7183: decodearr() can write beyond its 'buf' limits (Medium)
- CVE-2018-7182: ctl_getitem(): buffer read overrun leads to undefined
behavior and information leak (Info/Medium)
- CVE-2016-1549: Sybil vulnerability: ephemeral association attack
(mitigated in 4.2.8p7)
* convert dfsg.sh into mk-origtargz script
* Run wrap-and-sort
* Sync AppArmor profile changes from Ubuntu, including a fix for a
harmless AppArmor denial in /usr/local (Closes: #883022)
* Don't chown in postinst recursively.
Thanks to Daniel Kahn Gillmor (Closes: #889488)
* Build sntp against system libevent
* Drop versioned build-deps already fulfilled by oldoldstable
ntp (1:4.2.8p10+dfsg-6) unstable; urgency=medium
* Make sntp KoD path FHS-compliant.
Thanks to Aaron Smith (Closes: #863873)
* Drop historic Breaks/Pre-Depends
* Drop historic conffile handling from pre-jessie
* Adjust ntpdate description stating that it is deprecated
* Move Vcs-* to salsa
* Bump Standards-Version to 4.1.3.0, no changes necessary
* Cherry-pick patch from upstream to increase stack size.
Thanks to Frederic Endner-Dühr for testing (Closes: #887385)
* Temporarily add ntpdate lock for systemd wrapper.
Thanks to Christian Ehrhardt (Closes: #874540)
* Add note about AppArmor tunable in README.Debian (Closes: #883949)
-- Christian Ehrhardt <[email protected]> Tue, 29 May
2018 10:34:11 +0200
** Changed in: ntp (Ubuntu)
Status: In Progress => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-1549
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-7170
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-7182
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-7183
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-7184
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-7185
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1773921
Title:
merge ntp 1:4.2.8p11+dfsg-1 for cosmic
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1773921/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
