UbuntuUpdates.org

Package "python3-ntp"

Name: python3-ntp

Description:

Python 3 NTP Helper Classes

Latest version: 1.1.0+dfsg1-1ubuntu0.2
Release: bionic (18.04)
Level: updates
Repository: universe
Head package: ntpsec
Homepage: https://www.ntpsec.org

Links


Download "python3-ntp"


Other versions of "python3-ntp" in Bionic

Repository Area Version
security universe 1.1.0+dfsg1-1ubuntu0.2

Changelog

Version: 1.1.0+dfsg1-1ubuntu0.2 2019-01-24 15:06:58 UTC

  ntpsec (1.1.0+dfsg1-1ubuntu0.2) bionic-security; urgency=medium

  * Backport three commits from 1.1.3 to fix (LP: #1812458)
    - CVE-2019-6442: "An authenticated attacker can write one byte out of
      bounds in ntpd via a malformed config request, related to
      config_remotely in ntp_config.c, yyparse in ntp_parser.tab.c, and
      yyerror in ntp_parser.y."
    - CVE-2019-6443: "Because of a bug in ctl_getitem, there is a stack-based
      buffer over-read in read_sysvars in ntp_control.c in ntpd.
    - CVE-2019-6444: "process_control() in ntp_control.c has a stack-based
      buffer over-read because attacker-controlled data is dereferenced by
      ntohl() in ntpd."
    - CVE-2019-6445: "An authenticated attacker can cause a NULL pointer
      dereference and ntpd crash in ntp_control.c, related to ctl_getitem."

 -- Richard Laager <email address hidden> Fri, 18 Jan 2019 20:07:06 -0600

Source diff to previous version
1812458 ntpsec security fixes for bionic \u0026 cosmic
CVE-2019-6442 An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, re
CVE-2019-6443 An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_contr
CVE-2019-6444 An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled dat
CVE-2019-6445 An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, relat

Version: 1.1.0+dfsg1-1ubuntu0.1 2018-10-25 16:06:55 UTC

  ntpsec (1.1.0+dfsg1-1ubuntu0.1) bionic; urgency=medium

  * Update apparmor for new drift temp file (LP: #1788102)

 -- Richard Laager <email address hidden> Tue, 21 Aug 2018 00:27:21 -0500

1788102 ntpsec's ntpd fails to write ntp.drift file because of apparmor



About   -   Send Feedback to @ubuntu_updates