Package "python3-ntp"
Name: |
python3-ntp
|
Description: |
Python 3 NTP Helper Classes
|
Latest version: |
1.1.0+dfsg1-1ubuntu0.2 |
Release: |
bionic (18.04) |
Level: |
security |
Repository: |
universe |
Head package: |
ntpsec |
Homepage: |
https://www.ntpsec.org |
Links
Download "python3-ntp"
Other versions of "python3-ntp" in Bionic
Changelog
ntpsec (1.1.0+dfsg1-1ubuntu0.2) bionic-security; urgency=medium
* Backport three commits from 1.1.3 to fix (LP: #1812458)
- CVE-2019-6442: "An authenticated attacker can write one byte out of
bounds in ntpd via a malformed config request, related to
config_remotely in ntp_config.c, yyparse in ntp_parser.tab.c, and
yyerror in ntp_parser.y."
- CVE-2019-6443: "Because of a bug in ctl_getitem, there is a stack-based
buffer over-read in read_sysvars in ntp_control.c in ntpd.
- CVE-2019-6444: "process_control() in ntp_control.c has a stack-based
buffer over-read because attacker-controlled data is dereferenced by
ntohl() in ntpd."
- CVE-2019-6445: "An authenticated attacker can cause a NULL pointer
dereference and ntpd crash in ntp_control.c, related to ctl_getitem."
-- Richard Laager <email address hidden> Fri, 18 Jan 2019 20:07:06 -0600
|
1812458 |
ntpsec security fixes for bionic \u0026 cosmic |
CVE-2019-6442 |
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, re |
CVE-2019-6443 |
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_contr |
CVE-2019-6444 |
An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled dat |
CVE-2019-6445 |
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, relat |
|
About
-
Send Feedback to @ubuntu_updates