Module Name: src
Committed By: taca
Date: Thu Jul 9 15:58:51 UTC 2015
Modified Files:
src/doc: 3RDPARTY
Log Message:
Latest ntp is 4.2.8p3 which contains security fix (low risk).
Security Fix:
* [Sec 2853] Crafted remote config packet can crash some versions of
ntpd. Aleksis Kauppinen, Juergen Perlinger, Harlan Stenn.
Under specific circumstances an attacker can send a crafted packet to
cause a vulnerable ntpd instance to crash. This requires each of the
following to be true:
1) ntpd set up to allow remote configuration (not allowed by default), and
2) knowledge of the configuration password, and
3) access to a computer entrusted to perform remote configuration.
This vulnerability is considered low-risk.
To generate a diff of this commit:
cvs rdiff -u -r1.1234 -r1.1235 src/doc/3RDPARTY
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/doc/3RDPARTY
diff -u src/doc/3RDPARTY:1.1234 src/doc/3RDPARTY:1.1235
--- src/doc/3RDPARTY:1.1234 Thu Jul 9 14:32:24 2015
+++ src/doc/3RDPARTY Thu Jul 9 15:58:51 2015
@@ -1,4 +1,4 @@
-# $NetBSD: 3RDPARTY,v 1.1234 2015/07/09 14:32:24 christos Exp $
+# $NetBSD: 3RDPARTY,v 1.1235 2015/07/09 15:58:51 taca Exp $
#
# This file contains a list of the software that has been integrated into
# NetBSD where we are not the primary maintainer.
@@ -922,7 +922,7 @@ HAVE_STRICT_ALIGNMENT. Fix RCS IDs, imp
Package: ntp
Version: 4.2.8p2
-Current Vers: 4.2.8p2
+Current Vers: 4.2.8p3
Maintainer: David L. Mills <[email protected]>
Archive Site: http://www.ntp.org/
Home Page: http://www.ntp.org/, http://support.ntp.org/
