-
ntp (1:4.2.8p4+dfsg-3ubuntu5.10) xenial-security; urgency=medium
* SECURITY UPDATE: crash or possible code execution via a long string as
the ipv4 host argument
- debian/patches/CVE-2018-12327.patch prevent overflow of host
in openhost() in ntpq/ntpq.c and ntpdc/ntpdc.c.
- CVE-2018-12327
-- Mark Morlino <email address hidden> Mon, 06 Jan 2020 09:25:46 -0500
-
ntp (1:4.2.8p4+dfsg-3ubuntu5.9) xenial-security; urgency=medium
* SECURITY UPDATE: code execution via buffer overflow in decodearr
- debian/patches/CVE-2018-7183.patch: prevent writing beyons limits in
ntpq/ntpq.c.
- CVE-2018-7183
* SECURITY UPDATE: DoS via certain packets with a zero-origin timestamp
- debian/patches/CVE-2018-7185.patch: add additional checks to
ntpd/ntp_proto.c.
- CVE-2018-7185
-- Marc Deslauriers <email address hidden> Fri, 06 Jul 2018 15:34:25 -0400
-
ntp (1:4.2.8p4+dfsg-3ubuntu5.8) xenial; urgency=medium
* d/apparmor-profile: fix denial checking for running ntpdate (LP: #1749389)
-- Christian Ehrhardt <email address hidden> Wed, 14 Feb 2018 13:10:39 +0100
-
ntp (1:4.2.8p4+dfsg-3ubuntu5.7) xenial; urgency=medium
* d/ntp.init: fix lock path to match the ntpdate ifup hook. Furthermore
drop the usage of lockfile-progs calls and instead use flock directly.
This is a backport of changes made in 1:4.2.8p7+dfsg-1 (LP: #1706818)
-- Christian Ehrhardt <email address hidden> Tue, 05 Sep 2017 17:24:43 +0200
-
ntp (1:4.2.8p4+dfsg-3ubuntu5.6) xenial; urgency=medium
* debian/ntpdate.if-up: Drop delta to stop/start service around ntpdate
updates - fixes ntp restart storms due to network changes, fixes
accidential start of ntp, avoids issues of ntpdate jumping too far while
running ntp was supposed to drift (LP: #1593907)
-- Christian Ehrhardt <email address hidden> Fri, 07 Jul 2017 07:56:45 +0200
-
ntp (1:4.2.8p4+dfsg-3ubuntu5.5) xenial-security; urgency=medium
* SECURITY UPDATE: DoS via large request data value
- debian/patches/CVE-2016-2519.patch: check packet in
ntpd/ntp_control.c.
- CVE-2016-2519
* SECURITY UPDATE: DoS via responses with a spoofed source address
- debian/patches/CVE-2016-7426.patch: improve rate limiting in
ntpd/ntp_proto.c.
- CVE-2016-7426
* SECURITY UPDATE: DoS via crafted broadcast mode packet
- debian/patches/CVE-2016-7427-1.patch: improve replay prevention
logic in ntpd/ntp_proto.c.
- CVE-2016-7427
* SECURITY UPDATE: DoS via poll interval in a broadcast packet
- debian/patches/CVE-2016-7428.patch: ensure at least one poll interval
has elapsed in ntpd/ntp_proto.c, include/ntp.h.
- CVE-2016-7428
* SECURITY UPDATE: DoS via response for a source to an interface the
source does not use
- debian/patches/CVE-2016-7429-1.patch: add extra checks to
ntpd/ntp_peer.c.
- debian/patches/CVE-2016-7429-2.patch: check for NULL first in
ntpd/ntp_peer.c.
- debian/patches/CVE-2016-7429-3.patch: fix multicastclient regression
in ntpd/ntp_peer.c.
- CVE-2016-7429
* SECURITY UPDATE: incorrect initial sync calculations
- debian/patches/CVE-2016-7433.patch: use peer dispersion in
ntpd/ntp_proto.c.
- CVE-2016-7433
* SECURITY UPDATE: DoS via crafted mrulist query
- debian/patches/CVE-2016-7434.patch: added missing parameter
validation to ntpd/ntp_control.c.
- CVE-2016-7434
* SECURITY UPDATE: traps can be set or unset via a crafted control mode
packet
- debian/patches/CVE-2016-9310.patch: require AUTH in
ntpd/ntp_control.c.
- CVE-2016-9310
* SECURITY UPDATE: DoS when trap service is enabled
- debian/patches/CVE-2016-9311.patch: make sure peer events are
associated with a peer in ntpd/ntp_control.c.
- CVE-2016-9311
* SECURITY UPDATE: potential Overflows in ctl_put() functions
- debian/patches/CVE-2017-6458.patch: check lengths in
ntpd/ntp_control.c.
- CVE-2017-6458
* SECURITY UPDATE: overflow via long flagstr variable
- debian/patches/CVE-2017-6460.patch: check length in ntpq/ntpq-subs.c.
- CVE-2017-6460
* SECURITY UPDATE: buffer overflow in DPTS refclock driver
- debian/patches/CVE-2017-6462.patch: don't overrun buffer in
ntpd/refclock_datum.c.
- CVE-2017-6462
* SECURITY UPDATE: DoS via invalid setting in a :config directive
- debian/patches/CVE-2017-6463.patch: protect against overflow in
ntpd/ntp_config.c.
- CVE-2017-6463
* SECURITY UPDATE: Dos via malformed mode configuration directive
- debian/patches/CVE-2017-6464.patch: validate directives in
ntpd/ntp_config.c, ntpd/ntp_proto.c.
- CVE-2017-6464
-- Marc Deslauriers <email address hidden> Wed, 28 Jun 2017 10:23:27 -0400
-
ntp (1:4.2.8p4+dfsg-3ubuntu5.4) xenial; urgency=medium
* Fix ntp.dhcp to also check for pool and better handle spaces and tabs.
(LP: #1656801)
-- Phil Roche <email address hidden> Thu, 19 Jan 2017 11:06:04 +0000
-
ntp (1:4.2.8p4+dfsg-3ubuntu5.3) xenial-security; urgency=medium
* SECURITY UPDATE: Deja Vu replay attack on authenticated broadcast mode
- debian/patches/CVE-2015-7973.patch: improve timestamp verification in
include/ntp.h, ntpd/ntp_proto.c.
- CVE-2015-7973
* SECURITY UPDATE: impersonation between authenticated peers
- debian/patches/CVE-2015-7974.patch: check key ID in ntpd/ntp_proto.c.
- CVE-2015-7974
* SECURITY UPDATE: ntpq buffer overflow
- debian/patches/CVE-2015-7975.patch: add length check to ntpq/ntpq.c.
- CVE-2015-7975
* SECURITY UPDATE: ntpq saveconfig command allows dangerous characters in
filenames
- debian/patches/CVE-2015-7976.patch: check filename in
ntpd/ntp_control.c.
- CVE-2015-7976
* SECURITY UPDATE: restrict list denial of service
- debian/patches/CVE-2015-7977-7978.patch: improve restrict list
processing in ntpd/ntp_request.c.
- CVE-2015-7977
- CVE-2015-7978
* SECURITY UPDATE: authenticated broadcast mode off-path denial of
service
- debian/patches/CVE-2015-7979.patch: add more checks to
ntpd/ntp_proto.c.
- CVE-2015-7979
- CVE-2016-1547
* SECURITY UPDATE: Zero Origin Timestamp Bypass
- debian/patches/CVE-2015-8138.patch: check p_org in ntpd/ntp_proto.c.
- CVE-2015-8138
* SECURITY UPDATE: potential infinite loop in ntpq
- debian/patches/CVE-2015-8158.patch: add time checks to ntpdc/ntpdc.c,
ntpq/ntpq.c.
- CVE-2015-8158
* SECURITY UPDATE: NTP statsdir cleanup cronjob insecure (LP: #1528050)
- debian/ntp.cron.daily: fix security issues, patch thanks to halfdog!
- CVE-2016-0727
* SECURITY UPDATE: time spoofing via interleaved symmetric mode
- debian/patches/CVE-2016-1548.patch: check for bogus packets in
ntpd/ntp_proto.c.
- CVE-2016-1548
* SECURITY UPDATE: buffer comparison timing attacks
- debian/patches/CVE-2016-1550.patch: use CRYPTO_memcmp in
libntp/a_md5encrypt.c, sntp/crypto.c.
- CVE-2016-1550
* SECURITY UPDATE: DoS via duplicate IPs on unconfig directives
- debian/patches/CVE-2016-2516.patch: improve logic in
ntpd/ntp_request.c.
- CVE-2016-2516
* SECURITY UPDATE: denial of service via crafted addpeer
- debian/patches/CVE-2016-2518.patch: check mode value in
ntpd/ntp_request.c.
- CVE-2016-2518
* SECURITY UPDATE: denial of service via spoofed packets
- debian/patches/CVE-2016-4954.patch: discard packet that fails tests
in ntpd/ntp_proto.c.
- CVE-2016-4954
* SECURITY UPDATE: denial of service via spoofed crypto-NAK or incorrect
MAC
- debian/patches/CVE-2016-4955.patch: fix checks in ntpd/ntp_proto.c.
- CVE-2016-4955
* SECURITY UPDATE: denial of service via spoofed broadcast packet
- debian/patches/CVE-2016-4956.patch: properly handle switch in
broadcast interleaved mode in ntpd/ntp_proto.c.
- CVE-2016-4956
-- Marc Deslauriers <email address hidden> Wed, 05 Oct 2016 08:01:29 -0400
-
ntp (1:4.2.8p4+dfsg-3ubuntu5.2) xenial; urgency=medium
* Fix ntpdate-debian to be able to parse new config of ntp (LP: #1576698)
-- Christian Ehrhardt <email address hidden> Tue, 20 Sep 2016 14:24:29 +0200
-
ntp (1:4.2.8p4+dfsg-3ubuntu5.1) xenial; urgency=medium
* d/p/ntp-4.2.8p4-segfaults-[1-3]-3.patch fix startup crashes by
including Juergen Perlinger's work on upstream bugs 2954 and 2831 to
fix those (LP: #1567540).
-- Christian Ehrhardt <email address hidden> Mon, 01 Aug 2016 10:50:52 +0200
-
ntp (1:4.2.8p4+dfsg-3ubuntu5) xenial; urgency=medium
* debian/apparmor-profile: allow 'rw' access to /dev/pps[0-9]* devices.
Patch thanks to Mark Shuttleworth. (LP: #1564832)
-- Jamie Strandboge <email address hidden> Thu, 07 Apr 2016 15:12:41 -0500
-
ntp (1:4.2.8p4+dfsg-3ubuntu4) xenial; urgency=medium
* d/p/fix_local_sync.patch: fix local clock sync (LP: #1558125).
-- Pierre-André MOREY <email address hidden> Thu, 17 Mar 2016 10:42:44 +0100
-
ntp (1:4.2.8p4+dfsg-3ubuntu3) xenial; urgency=medium
* debian/patches/ntpdate-fix-lp1526264.patch:
- Add Alfonso Sanchez-Beato's patch for fixing the cannot correct dates in
the future bug (LP: #1526264)
-- Łukasz 'sil2100' Zemczak <email address hidden> Wed, 24 Feb 2016 12:29:32 +0100
-
ntp (1:4.2.8p4+dfsg-3ubuntu2) xenial; urgency=medium
* debian/apparmor-profile: adjust to handle AF_UNSPEC with dgram and stream
-- Jamie Strandboge <email address hidden> Wed, 17 Feb 2016 10:41:20 -0600
-
ntp (1:4.2.8p4+dfsg-3ubuntu1) xenial; urgency=medium
* Merge from Debian testing. Remaining changes:
+ debian/rules: enable debugging. Ask debian to add this.
+ debian/rules, debian/ntp.dirs, debian/source_ntp.py: Add apport hook.
+ Add enforcing AppArmor profile:
- debian/control: Add Conflicts/Replaces on apparmor-profiles.
- debian/control: Add Suggests on apparmor.
- debian/control: Build-Depends on dh-apparmor.
- add debian/apparmor-profile*.
- debian/ntp.dirs: Add apparmor directories.
- debian/rules: Install apparmor-profile and apparmor-profile.tunable.
- debian/source_ntp.py: Add filter on AppArmor profile names to prevent
false positives from denials originating in other packages.
- debian/README.Debian: Add note on AppArmor.
+ debian/ntpdate.if-up: Fix interaction with openntpd. Stop ntp before
running ntpdate when an interface comes up, then start again afterwards.
+ debian/ntp.init, debian/rules: Only stop when entering single user mode,
don't use /var/lib/ntp/ntp.conf.dhcp if /etc/ntp.conf is newer - it can
get stale. Patch by Simon Déziel.
+ debian/ntp.conf, debian/ntpdate.default: Change default server to
ntp.ubuntu.com.
+ debian/control: Add bison to Build-Depends (for ntpd/ntp_parser.y).
* Includes fix for requests with source ports < 123, fixed upstream in
4.2.8p1 (LP: #1479652).
* Add PPS support (LP: #1512980):
+ debian/README.Debian: Add a PPS section to the README.Debian,
removed all PPSkit one.
+ debian/ntp.conf: Add some configuration examples from the offical
documentation.
+ debian/control: Add Build-Depends on pps-tools
* Drop Changes:
+ debian/rules: Update config.{guess,sub} for AArch64, because upstream use
dh_autoreconf now.
+ debian/{control,rules}: Add and enable hardened build for PIE.
Upstream use fPIC. Options -fPIC and -fPIE are uncompatible, thus this is
never applied, (cf. dpkg-buildflags manual), checked with Marc
Deslauriers on freenode #ubuntu-hardened, 2016-01-20~13:11 UTC.
+ debian/rules: Remove update-rcd-params in dh_installinit command. When
setting up ntp package, the following message is presented to the user
due to deprecated use:
"update-rc.d: warning: start and stop actions are no longer
supported; falling back to defaults". The defaults are taken from the
init.d script LSB comment header, which contain what we need anyway.
+ debian/rules: Remove ntp/ntp_parser.{c,h} or they don't get properly
regenerated for some reason. Seems to have been due to ntpd/ntp_parser.y
patches from CVE-2015-5194 and CVE-2015-5196, already upstreamed.
+ debian/ntpdate.if-up: Drop lockfile mechanism as upstream is using flock
now.
+ Remove natty timeframe old deltas (transitional code not needed since
Trusty): Those patches were for an incorrect behaviour of
system-tools-backend, around natty time
(https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/83604/comments/23)
- debian/ntpdate-debian: Disregard empty ntp.conf files.
- debian/ntp.preinst: Remove empty /etc/ntp.conf on fresh intallation.
+ debian/ntp.dhcp: Rewrite sed rules. This was done incorrectly as pointed
out in LP 575458. This decision is explained in detail there.
* All previous ubuntu security patches/fixes have been upstreamed:
+ CVE-2015-5146, CVE-2015-5194, CVE-2015-5195, CVE-2015-5196,
CVE-2015-7703, CVE-2015-5219, CVE-2015-5300, CVE-2015-7691,
CVE-2015-7692, CVE-2015-7702, CVE-2015-7701, CVE-2015-7704,
CVE-2015-7705, CVE-2015-7850, CVE-2015-7852, CVE-2015-7853,
CVE-2015-7855, CVE-2015-7871, CVE-2015-1798, CVE-2015-1799,
CVE-2014-9297, CVE-2014-9298, CVE-2014-9293, CVE-2014-9294,
CVE-2014-9295, CVE-2014-9296
+ Fix to ignore ENOBUFS on routing netlink socket
+ Fix use-after-free in routing socket code
+ ntp-keygen infinite loop or lack of randonmess on big endian platforms
-- Pierre-André MOREY <email address hidden> Fri, 5 Feb 2016 18:28:52 +0100
-
ntp (1:4.2.6.p5+dfsg-3ubuntu9) xenial; urgency=medium
[ Cam Cope ]
* Use a single lockfile again - instead unlock the file before starting the
init script. The lock sho uld be shared - both services can't run at the
same time. (LP: #1125726)
-- Iain Lane <email address hidden> Mon, 07 Dec 2015 13:38:16 +0000
-
ntp (1:4.2.6.p5+dfsg-3ubuntu8.1) wily-security; urgency=medium
* SECURITY UPDATE: denial of service via crafted NUL-byte in
configuration directive
- debian/patches/CVE-2015-5146.patch: properly validate command in
ntpd/ntp_control.c.
- CVE-2015-5146
* SECURITY UPDATE: denial of service via malformed logconfig commands
- debian/patches/CVE-2015-5194.patch: fix logconfig logic in
ntpd/ntp_parser.y.
- CVE-2015-5194
* SECURITY UPDATE: denial of service via disabled statistics type
- debian/patches/CVE-2015-5195.patch: handle unrecognized types in
ntpd/ntp_config.c.
- CVE-2015-5195
* SECURITY UPDATE: file overwrite via remote pidfile and driftfile
configuration directives
- debian/patches/CVE-2015-5196.patch: disable remote configuration in
ntpd/ntp_parser.y.
- CVE-2015-5196
- CVE-2015-7703
* SECURITY UPDATE: denial of service via precision value conversion
- debian/patches/CVE-2015-5219.patch: use ldexp for LOGTOD in
include/ntp.h.
- CVE-2015-5219
* SECURITY UPDATE: timeshifting by reboot issue
- debian/patches/CVE-2015-5300.patch: disable panic in
ntpd/ntp_loopfilter.c.
- CVE-2015-5300
* SECURITY UPDATE: incomplete autokey data packet length checks
- debian/patches/CVE-2015-7691.patch: add length and size checks to
ntpd/ntp_crypto.c.
- CVE-2015-7691
- CVE-2015-7692
- CVE-2015-7702
* SECURITY UPDATE: memory leak in CRYPTO_ASSOC
- debian/patches/CVE-2015-7701.patch: add missing free in
ntpd/ntp_crypto.c.
- CVE-2015-7701
* SECURITY UPDATE: denial of service by spoofed KoD
- debian/patches/CVE-2015-7704.patch: add check to ntpd/ntp_proto.c.
- CVE-2015-7704
- CVE-2015-7705
* SECURITY UPDATE: denial of service via same logfile and keyfile
- debian/patches/CVE-2015-7850.patch: rate limit errors in
include/ntp_stdlib.h, include/ntp_syslog.h, libntp/authreadkeys.c,
libntp/msyslog.c.
- CVE-2015-7850
* SECURITY UPDATE: ntpq atoascii memory corruption
- debian/patches/CVE-2015-7852.patch: avoid buffer overrun in
ntpq/ntpq.c.
- CVE-2015-7852
* SECURITY UPDATE: buffer overflow via custom refclock driver
- debian/patches/CVE-2015-7853.patch: properly calculate length in
ntpd/ntp_io.c.
- CVE-2015-7853
* SECURITY UPDATE: denial of service via ASSERT in decodenetnum
- debian/patches/CVE-2015-7855.patch: simply return fail in
libntp/decodenetnum.c.
- CVE-2015-7855
* SECURITY UPDATE: symmetric association authentication bypass via
crypto-NAK
- debian/patches/CVE-2015-7871.patch: drop unhandled packet in
ntpd/ntp_proto.c.
- CVE-2015-7871
* debian/control: add bison to Build-Depends.
* debian/rules: remove ntp/ntp_parser.{c,h} or they don't get properly
regenerated for some reason.
-- Marc Deslauriers <email address hidden> Thu, 22 Oct 2015 16:38:14 -0400
-
ntp (1:4.2.6.p5+dfsg-3ubuntu8) wily; urgency=medium
* debian/ntp.init: Don't use /var/lib/ntp/ntp.conf.dhcp if /etc/ntp.conf is
newer - it can get stale. Patch by Simon Déziel. (LP: #1472056)
-- Iain Lane <email address hidden> Fri, 02 Oct 2015 10:45:41 +0100