Repository 32bit  Forum
Repository 64bit  Wiki
Mon Nov 21 19:21:22 UTC 2016
patches/packages/ntp-4.2.8p9-i486-1_slack14.1.txz: Upgraded.
  In addition to bug fixes and enhancements, this release fixes the
  following 1 high- (Windows only :-), 2 medium-, 2 medium-/low, and
  5 low-severity vulnerabilities, and provides 28 other non-security
  fixes and improvements.
  CVE-2016-9311: Trap crash
  CVE-2016-9310: Mode 6 unauthenticated trap info disclosure and DDoS vector
  CVE-2016-7427: Broadcast Mode Replay Prevention DoS
  CVE-2016-7428: Broadcast Mode Poll Interval Enforcement DoS
  CVE-2016-9312: Windows: ntpd DoS by oversized UDP packet
  CVE-2016-7431: Regression: 010-origin: Zero Origin Timestamp Bypass
  CVE-2016-7434: Null pointer dereference in _IO_str_init_static_internal()
  CVE-2016-7429: Interface selection attack
  CVE-2016-7426: Client rate limiting and server responses
  CVE-2016-7433: Reboot sync calculation problem
  For more information, see:
  https://www.kb.cert.org/vuls/id/633847
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9311
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9310
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7427
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7428
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9312
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7431
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7434
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7429
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7426
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7433
  (* Security fix *)