chrony 1.29-1ubuntu0.1 source package in Ubuntu

Changelog

chrony (1.29-1ubuntu0.1) trusty-security; urgency=medium

  * SECURITY UPDATE: Heap-based buffer overflow
    - debian/patches/CVE-2015-1821.patch: Fix access configuration with
      subnet size indivisible by 4.
    - CVE-2015-1821
  * SECURITY UPDATE: DoS (uninitialized pointer dereference and daemon
    crash) or possibly execute arbitrary code via a large number of
    command requests.
    - debian/patches/CVE-2015-1822.patch: Fix initialization of allocated
      reply slots.
    - CVE-2015-1822
  * SECURITY UPDATE: Authentication doesn't protect symmetric associations
    against DoS attacks
    - debian/patches/CVE-2015-1853.patch: Protect authenticated symmetric
      associations against DoS attacks.
    - CVE-2015-1853
  * SECURITY UPDATE: Remote attackers to conduct impersonation attacks via
    an arbitrary trusted key, aka a "skeleton key".
    - debian/patches/CVE-2016-1567.patch: restrict authentication of
      server/peer to specified key.
    - CVE-2016-1567

 -- Eduardo Barretto <email address hidden>  Wed, 05 Dec 2018 17:57:24 -0200

Upload details

Uploaded by:
Eduardo Barretto
Uploaded to:
Trusty
Original maintainer:
Ubuntu Developers
Architectures:
linux-any
Section:
admin
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Trusty updates universe admin
Trusty security universe admin

Downloads

File Size SHA-256 Checksum
chrony_1.29.orig.tar.gz 383.7 KiB c685f072ba0663ab026a7f56870ab2c246bd97ca4629dd2e1899617bd16ad39b
chrony_1.29-1ubuntu0.1.debian.tar.gz 21.8 KiB 97a4c90254741361c74bc576dafe76251189516a1167ed6d5232ee0cf5c2abd0
chrony_1.29-1ubuntu0.1.dsc 2.0 KiB a5ab6bf7d03764e3c6a1537a207a478be13724f0a5afb03018a060eb8629592e

View changes file

Binary packages built by this source

chrony: Set the computer clock from time servers on the Net

 It consists of a pair of programs:
 .
 chronyd: This is a daemon which runs in background on the system.
 It obtains measurements (e.g. via the network) of the system's offset
 relative to other systems and adjusts the system time accordingly. For
 isolated systems, the user can periodically enter the correct time by
 hand (using 'chronyc'). In either case 'chronyd' determines the rate
 at which the computer gains or loses time, and compensates for this.
 Chronyd implements the NTP protocol and can act as either a client or
 a server.
 .
 chronyc: This is a command-line driven control and monitoring program.
 An administrator can use this to fine-tune various parameters within
 the daemon, add or delete servers etc whilst the daemon is running.

chrony-dbgsym: debug symbols for package chrony

 It consists of a pair of programs:
 .
 chronyd: This is a daemon which runs in background on the system.
 It obtains measurements (e.g. via the network) of the system's offset
 relative to other systems and adjusts the system time accordingly. For
 isolated systems, the user can periodically enter the correct time by
 hand (using 'chronyc'). In either case 'chronyd' determines the rate
 at which the computer gains or loses time, and compensates for this.
 Chronyd implements the NTP protocol and can act as either a client or
 a server.
 .
 chronyc: This is a command-line driven control and monitoring program.
 An administrator can use this to fine-tune various parameters within
 the daemon, add or delete servers etc whilst the daemon is running.