#
362716 |
|
28-Jun-2020 |
cy |
MFC r362568:
MFV r362565:
Update 4.2.8p14 --> 4.2.8p15
Summary: Systems that use a CMAC algorithm in ntp.keys will not release a bit of memory on each packet that uses a CMAC keyid, eventually causing ntpd to run out of memory and fail. The CMAC cleanup from https://bugs.ntp.org/3447, part of ntp-4.2.8p11, introduced a bug whereby the CMAC data structure was no longer completely removed.
Security: NTP Bug 3661
|
#
358659 |
|
05-Mar-2020 |
cy |
MFC r358652:
MFV r358616:
Update ntp-4.2.8p13 --> 4.2.8p14.
The advisory can be found at: http://support.ntp.org/bin/view/Main/SecurityNotice#\ March_2020_ntp_4_2_8p14_NTP_Rele
No CVEs have been documented yet.
Security: http://support.ntp.org/bin/view/Main/NtpBug3610 http://support.ntp.org/bin/view/Main/NtpBug3596 http://support.ntp.org/bin/view/Main/NtpBug3592
|
#
344884 |
|
07-Mar-2019 |
cy |
MFC r344883:
(MFV r344878:)
4.2.8p12 --> 4.2.8p13
Security: CVE-2019-8936 VuXML: c2576e14-36e2-11e9-9eda-206a8a720317 Obtained from: nwtime.org
|
#
338530 |
|
08-Sep-2018 |
delphij |
MFC r338126: MFV r338092: ntp 4.2.8p12.
Relnotes: yes
|
#
330106 |
|
28-Feb-2018 |
delphij |
MFC r330104: MFV r330102: ntp 4.2.8p11
|
#
316068 |
|
28-Mar-2017 |
delphij |
MFC r315871: MFV r315791: ntp 4.2.8p10.
|
#
309007 |
|
22-Nov-2016 |
delphij |
MFC r308957: MFV r308954:
ntp 4.2.8p9.
Approved by: so
|
#
302408 |
|
07-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle. Prune svn:mergeinfo from the new branch, as nothing has been merged here.
Additional commits post-branch will follow.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
301247 |
|
03-Jun-2016 |
delphij |
MFV r301238:
ntp 4.2.8p8.
Security: CVE-2016-4957, CVE-2016-4953, CVE-2016-4954 Security: CVE-2016-4955, CVE-2016-4956 Security: FreeBSD-SA-16:24.ntp With hat: so
|
#
298695 |
|
27-Apr-2016 |
delphij |
MFV r298691:
ntp 4.2.8p7.
Security: CVE-2016-1547, CVE-2016-1548, CVE-2016-1549, CVE-2016-1550 Security: CVE-2016-1551, CVE-2016-2516, CVE-2016-2517, CVE-2016-2518 Security: CVE-2016-2519 Security: FreeBSD-SA-16:16.ntp With hat: so
|
#
294554 |
|
22-Jan-2016 |
delphij |
MFV r294491: ntp 4.2.8p6.
Security: CVE-2015-7973, CVE-2015-7974, CVE-2015-7975 Security: CVE-2015-7976, CVE-2015-7977, CVE-2015-7978 Security: CVE-2015-7979, CVE-2015-8138, CVE-2015-8139 Security: CVE-2015-8140, CVE-2015-8158 With hat: so
|
#
293423 |
|
08-Jan-2016 |
delphij |
MFV r293415:
ntp 4.2.8p5
Reviewed by: cy, roberto Relnotes: yes Differential Revision: https://reviews.freebsd.org/D4828
|
#
289764 |
|
22-Oct-2015 |
glebius |
MFV ntp-4.2.8p4 (r289715)
Security: VuXML: c4a18a12-77fc-11e5-a687-206a8a720317 Security: CVE-2015-7871 Security: CVE-2015-7855 Security: CVE-2015-7854 Security: CVE-2015-7853 Security: CVE-2015-7852 Security: CVE-2015-7851 Security: CVE-2015-7850 Security: CVE-2015-7849 Security: CVE-2015-7848 Security: CVE-2015-7701 Security: CVE-2015-7703 Security: CVE-2015-7704, CVE-2015-7705 Security: CVE-2015-7691, CVE-2015-7692, CVE-2015-7702 Security: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner Sponsored by: Nginx, Inc.
|
#
285169 |
|
05-Jul-2015 |
cy |
MFV ntp-4.2.8p3 (r284990).
Approved by: roberto, delphij Security: VuXML: 0d0f3050-1f69-11e5-9ba9-d050996490d0 Security: http://bugs.ntp.org/show_bug.cgi?id=2853 Security: https://www.kb.cert.org/vuls/id/668167 Security: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi
|
#
282408 |
|
04-May-2015 |
cy |
MFV ntp 4.2.8p2 (r281348)
Reviewed by: delphij (suggested MFC) Approved by: roberto Security: CVE-2015-1798, CVE-2015-1799 Security: VuXML ebd84c96-dd7e-11e4-854e-3c970e169bc2 MFC after: 1 month
|
#
280849 |
|
30-Mar-2015 |
cy |
MFV ntp 4.2.8p1 (r258945, r275970, r276091, r276092, r276093, r278284)
Thanks to roberto for providing pointers to wedge this into HEAD.
Approved by: roberto
|
#
275970 |
|
20-Dec-2014 |
cy |
Vendor import ntp 4.2.8.
Reviewed by: roberto Security: VUXML: 4033d826-87dd-11e4-9079-3c970e169bc2 Security: http://www.kb.cert.org/vuls/id/852879 Security: CVE-2014-9293 Security CVE-2014-9294 Security CVE-2014-9295 Security CVE-2014-9296
|
#
302408 |
|
07-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle. Prune svn:mergeinfo from the new branch, as nothing has been merged here.
Additional commits post-branch will follow.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
301247 |
|
03-Jun-2016 |
delphij |
MFV r301238:
ntp 4.2.8p8.
Security: CVE-2016-4957, CVE-2016-4953, CVE-2016-4954 Security: CVE-2016-4955, CVE-2016-4956 Security: FreeBSD-SA-16:24.ntp With hat: so
|
#
298695 |
|
27-Apr-2016 |
delphij |
MFV r298691:
ntp 4.2.8p7.
Security: CVE-2016-1547, CVE-2016-1548, CVE-2016-1549, CVE-2016-1550 Security: CVE-2016-1551, CVE-2016-2516, CVE-2016-2517, CVE-2016-2518 Security: CVE-2016-2519 Security: FreeBSD-SA-16:16.ntp With hat: so
|
#
294554 |
|
22-Jan-2016 |
delphij |
MFV r294491: ntp 4.2.8p6.
Security: CVE-2015-7973, CVE-2015-7974, CVE-2015-7975 Security: CVE-2015-7976, CVE-2015-7977, CVE-2015-7978 Security: CVE-2015-7979, CVE-2015-8138, CVE-2015-8139 Security: CVE-2015-8140, CVE-2015-8158 With hat: so
|
#
293423 |
|
08-Jan-2016 |
delphij |
MFV r293415:
ntp 4.2.8p5
Reviewed by: cy, roberto Relnotes: yes Differential Revision: https://reviews.freebsd.org/D4828
|
#
289764 |
|
22-Oct-2015 |
glebius |
MFV ntp-4.2.8p4 (r289715)
Security: VuXML: c4a18a12-77fc-11e5-a687-206a8a720317 Security: CVE-2015-7871 Security: CVE-2015-7855 Security: CVE-2015-7854 Security: CVE-2015-7853 Security: CVE-2015-7852 Security: CVE-2015-7851 Security: CVE-2015-7850 Security: CVE-2015-7849 Security: CVE-2015-7848 Security: CVE-2015-7701 Security: CVE-2015-7703 Security: CVE-2015-7704, CVE-2015-7705 Security: CVE-2015-7691, CVE-2015-7692, CVE-2015-7702 Security: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner Sponsored by: Nginx, Inc.
|
#
285169 |
|
05-Jul-2015 |
cy |
MFV ntp-4.2.8p3 (r284990).
Approved by: roberto, delphij Security: VuXML: 0d0f3050-1f69-11e5-9ba9-d050996490d0 Security: http://bugs.ntp.org/show_bug.cgi?id=2853 Security: https://www.kb.cert.org/vuls/id/668167 Security: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi
|
#
282408 |
|
04-May-2015 |
cy |
MFV ntp 4.2.8p2 (r281348)
Reviewed by: delphij (suggested MFC) Approved by: roberto Security: CVE-2015-1798, CVE-2015-1799 Security: VuXML ebd84c96-dd7e-11e4-854e-3c970e169bc2 MFC after: 1 month
|
#
280849 |
|
30-Mar-2015 |
cy |
MFV ntp 4.2.8p1 (r258945, r275970, r276091, r276092, r276093, r278284)
Thanks to roberto for providing pointers to wedge this into HEAD.
Approved by: roberto
|
#
275970 |
|
20-Dec-2014 |
cy |
Vendor import ntp 4.2.8.
Reviewed by: roberto Security: VUXML: 4033d826-87dd-11e4-9079-3c970e169bc2 Security: http://www.kb.cert.org/vuls/id/852879 Security: CVE-2014-9293 Security CVE-2014-9294 Security CVE-2014-9295 Security CVE-2014-9296
|