[pkgsrc/trunk]: pkgsrc/net/ntp4 NTP 4.2.4p7, 2009/05/04

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/net/ntp4 NTP 4.2.4p7, 2009/05/04
From: tnn <tnn%pkgsrc.org@localhost>
Date: Mon, 16 Jan 2023 19:44:25 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/9379bbad55de
branches:  trunk
changeset: 398666:9379bbad55de
user:      tnn <tnn%pkgsrc.org@localhost>
date:      Sun Sep 06 10:20:21 2009 +0000

description:
NTP 4.2.4p7, 2009/05/04
Focus: Security and Bug Fixes
Severity: HIGH
This release fixes the following high-severity vulnerability:
* [Sec 1151] Remote exploit if autokey is enabled.  CVE-2009-1252
  See http://support.ntp.org/security for more information.
  If autokey is enabled (if ntp.conf contains a "crypto pw whatever"
  line) then a carefully crafted packet sent to the machine will cause
  a buffer overflow and possible execution of injected code, running
  with the privileges of the ntpd process (often root).
  Credit for finding this vulnerability goes to Chris Ries of CMU.
This release fixes the following low-severity vulnerabilities:
* [Sec 1144] limited (two byte) buffer overflow in ntpq.  CVE-2009-0159
  Credit for finding this vulnerability goes to Geoff Keating of Apple.
* [Sec 1149] use SO_EXCLUSIVEADDRUSE on Windows
  Credit for finding this issue goes to Dave Hart.
This release fixes a number of bugs and adds some improvements:
* Improved logging
* Fix many compiler warnings
* Many fixes and improvements for Windows
* Adds support for AIX 6.1
* Resolves some issues under MacOS X and Solaris

diffstat:

 net/ntp4/Makefile |  4 ++--
 net/ntp4/distinfo |  8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diffs (26 lines):

diff -r 8e05dc4446dd -r 9379bbad55de net/ntp4/Makefile
--- a/net/ntp4/Makefile Sun Sep 06 08:37:29 2009 +0000
+++ b/net/ntp4/Makefile Sun Sep 06 10:20:21 2009 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.59 2009/01/26 20:06:15 kefren Exp $
+# $NetBSD: Makefile,v 1.60 2009/09/06 10:20:21 tnn Exp $
 #
 
-DISTNAME=      ntp-4.2.4p6
+DISTNAME=      ntp-4.2.4p7
 CATEGORIES=    net time
 MASTER_SITES=  http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/  \
                ftp://ftp.udel.edu/pub/ntp/ntp4/
diff -r 8e05dc4446dd -r 9379bbad55de net/ntp4/distinfo
--- a/net/ntp4/distinfo Sun Sep 06 08:37:29 2009 +0000
+++ b/net/ntp4/distinfo Sun Sep 06 10:20:21 2009 +0000
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.12 2009/01/26 20:06:15 kefren Exp $
+$NetBSD: distinfo,v 1.13 2009/09/06 10:20:21 tnn Exp $
 
-SHA1 (ntp-4.2.4p6.tar.gz) = ad4b068cc03ce346a6276ed6b31c026b6ffc3d92
-RMD160 (ntp-4.2.4p6.tar.gz) = d3853bdd593b49c435ec19b95066097ef5e71acc
-Size (ntp-4.2.4p6.tar.gz) = 3443787 bytes
+SHA1 (ntp-4.2.4p7.tar.gz) = 8476f75daffe9851cc6f33d170902bce77637499
+RMD160 (ntp-4.2.4p7.tar.gz) = 11d69176c8cb4b95f7e9f468c37ab8fc53a28876
+Size (ntp-4.2.4p7.tar.gz) = 3382146 bytes

Prev by Date: [pkgsrc/trunk]: pkgsrc/doc Updated audio/speex to 1.2rc1nb1
Next by Date: [pkgsrc/trunk]: pkgsrc/doc Updated net/ntp4 to 4.2.4p7
Previous by Thread: [pkgsrc/trunk]: pkgsrc/doc Updated audio/speex to 1.2rc1nb1
Next by Thread: [pkgsrc/trunk]: pkgsrc/doc Updated net/ntp4 to 4.2.4p7
Indexes:

Home | Main Index | Thread Index | Old Index