From: Harlan Stenn <stenn@ntp.org>
Date: Sat, 17 Oct 2015 01:39:22 +0000 (+0000)
Subject: [Sec 2941] NAK to the Future: Symmetric association authentication bypass via crypto-NAK
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d78d3f7537faa09becf1bc5f7efa78327a16304d;p=thirdparty%2Fntp.git

[Sec 2941] NAK to the Future: Symmetric association authentication bypass via crypto-NAK

bk: 5621a6cak64N71lGJd7s3vwXJCyieQ
---

diff --git a/ChangeLog b/ChangeLog
index 354a148c2..536392afc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,6 @@
 ---
-* [Bug 2941] NAK to the Future: Symmetric association authentication
+
+* [Sec 2941] NAK to the Future: Symmetric association authentication
   bypass via crypto-NAK. Patch applied. perlinger@ntp.org
 ---
 (4.2.8p4-RC1) 2015/10/06 Released by Harlan Stenn <stenn@ntp.org>
@@ -21,6 +22,8 @@
   and memory corruption. perlinger@ntp.org
 * [Sec 2921] TALOS-CAN-0065: password length memory corruption. JPerlinger.
 * [Sec 2922] decodenetnum() will ASSERT botch instead of returning FAIL
+* [Sec 2941] NAK to the Future: Symmetric association authentication
+  bypass via crypto-NAK. Patch applied. perlinger@ntp.org
   on some bogus values.  Harlan Stenn.
 * [Bug 2332] (reopened) Exercise thread cancellation once before dropping
   privileges and limiting resources in NTPD removes the need to link