From: Harlan Stenn Date: Tue, 6 Oct 2015 11:35:56 +0000 (+0000) Subject: Merge bk://bk.ntp.org/ntp-stable X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ec5d65798dc864d18c4458db30564dac8aa8d457;p=thirdparty%2Fntp.git Merge bk://bk.ntp.org/ntp-stable into psp-deb1.ntp.org:/home/stenn/ntp-stable-sec bk: 5613b21cLkQXvFW90dMvxgA3I-vcgg --- ec5d65798dc864d18c4458db30564dac8aa8d457 diff --cc ChangeLog index 81cf32688,b022ef6f6..afb65efdb --- a/ChangeLog +++ b/ChangeLog @@@ -1,22 -1,6 +1,24 @@@ --- + (4.2.8p4-RC1) 2015/10/06 Released by Harlan Stenn + +* [Sec 2899] CVE-2014-9297 perlinger@ntp.org +* [Sec 2901] Drop invalid packet before checking KoD. Check for all KoD's. + Danny Mayer. Log incoming packets that fail TEST2. Harlan Stenn. +* [Sec 2902] configuration directives "pidfile" and "driftfile" + should be local-only. perlinger@ntp.org (patch by Miroslav Lichvar) +* [Sec 2909] added missing call to 'free()' in ntp_crypto.c. perlinger@ntp.org +* [Sec 2913] TALOS-CAN-0052: crash by loop counter underrun. perlinger@ntp.org +* [Sec 2916] TALOS-CAN-0054: memory corruption in password store. JPerlinger +* [Sec 2917] TALOS-CAN-0055: Infinite loop if extended logging enabled and + the logfile and keyfile are the same. perlinger@ntp.org +* [Sec 1918] TALOS-CAN-0062: prevent directory traversal for VMS, too, when + using 'saveconfig' command. perlinger@ntp.org +* [Bug 2919] TALOS-CAN-0063: avoid buffer overrun in ntpq. perlinger@ntp.org +* [Sec 2020] TALOS-CAN-0064: signed/unsiged clash could lead to buffer overun + and memory corruption. perlinger@ntp.org +* [Sec 2921] TALOS-CAN-0065: password length memory corruption. JPerlinger. +* [Sec 2922] decodenetnum() will ASSERT botch instead of returning FAIL + on some bogus values. Harlan Stenn. * [Bug 2332] (reopened) Exercise thread cancellation once before dropping privileges and limiting resources in NTPD removes the need to link forcefully against 'libgcc_s' which does not always work. J.Perlinger