3505 description updates

author Harlan Stenn <stenn@ntp.org>

Sat, 28 Jul 2018 05:03:57 +0000 (05:03 +0000)

committer Harlan Stenn <stenn@ntp.org>

Sat, 28 Jul 2018 05:03:57 +0000 (05:03 +0000)
author Harlan Stenn <stenn@ntp.org>
Sat, 28 Jul 2018 05:03:57 +0000 (05:03 +0000)
committer Harlan Stenn <stenn@ntp.org>
Sat, 28 Jul 2018 05:03:57 +0000 (05:03 +0000)
diff --git a/ChangeLog b/ChangeLog

index 3024022364a951ce5d4b6a9a8fb22b6a1ae54d8f..7572d1ec9876a987300bb5fb16b4d1b2407a8520 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,7 +1,8 @@
  ---
  
  * [Sec 3505] CVE-2018-12327 - Arbitrary Code Execution Vulnerability
-  - fixed stack buffer overflow in NTPQ/NTPDC <perlinger@ntp.org>
+  - fixed stack buffer overflow in the openhost() command-line call
+    of NTPQ/NTPDC <perlinger@ntp.org>
  * [Sec 3012] noepeer tweaks.  <stenn@ntp.org>
  * [Bug 3509] Add support for running as non-root on FreeBSD, Darwin,
               other TrustedBSD platforms
diff --git a/NEWS b/NEWS

index d3ac2e6dbf9332ecedd567f4b3b41dd7d404557c..99d37683bfb283c066e11f024c7e792500291c08 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -11,9 +11,9 @@ This release fixes a "hole" in the noepeer capability introduced to ntpd
  in ntp-4.2.8p11, and a buffer overflow in the openhost() function used by
  ntpq and ntpdc.  It also provides 26 other bugfixes, and 4 other improvements:
  
-* [Sec 3505]
+* [Sec 3505] Buffer overflow in the openhost() call of ntpq and ntpdc.
  
-* [Sec 3012] 
+* [Sec 3012] Fix a hole in the new "noepeer" processing.
  
  * Bug Fixes:
   [Bug 3509] Add support for running as non-root on FreeBSD, Darwin,
author	Harlan Stenn <stenn@ntp.org>
	Sat, 28 Jul 2018 05:03:57 +0000 (05:03 +0000)
committer	Harlan Stenn <stenn@ntp.org>
	Sat, 28 Jul 2018 05:03:57 +0000 (05:03 +0000)
ChangeLog		patch \| blob \| blame \| history
NEWS		patch \| blob \| blame \| history