mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-14 05:49:57 +00:00
Armin Kuster
01511d4cde
LICENSE_FILE md5 changed do to copyright date change.
NTF's NTP Project is releasing ntp-4.2.8p10, which addresses:
6 MEDIUM severity vulnerabilities (1 is about the Windows PPSAPI DLL)
5 LOW severity vulnerabilities (2 are in the Windows Installer)
4 Informational-level vulnerabilities
15 other non-security fixes and improvements
All of the security issues in this release are listed in VU#633849.
ntp-4.2.8p10 was released on 21 March 2017.
Sec 3389 / CVE-2017-6464 / VU#325339: NTP-01-016 NTP: Denial of Service via Malformed Config (Pentest report 01.2017)
Sec 3388 / CVE-2017-6462 / VU#325339: NTP-01-014 NTP: Buffer Overflow in DPTS Clock (Pentest report 01.2017)
Sec 3387 / CVE-2017-6463 / VU#325339: NTP-01-012 NTP: Authenticated DoS via Malicious Config Option (Pentest report 01.2017)
Sec 3386: NTP-01-011 NTP: ntpq_stripquotes() returns incorrect Value (Pentest report 01.2017)
Sec 3385: NTP-01-010 NTP: ereallocarray()/eallocarray() underused (Pentest report 01.2017)
Sec 3384 / CVE-2017-6455 / VU#325339: NTP-01-009 NTP: Windows: Privileged execution of User Library code (Pentest report 01.2017)
Sec 3383 / CVE-2017-6452 / VU#325339: NTP-01-008 NTP: Windows Installer: Stack Buffer Overflow from Command Line (Pentest report 01.2017)
Sec 3382 / CVE-2017-6459 / VU#325339: NTP-01-007 NTP: Windows Installer: Data Structure terminated insufficiently (Pentest report 01.2017)
Sec 3381: NTP-01-006 NTP: Copious amounts of Unused Code (Pentest report 01.2017)
Sec 3380: NTP-01-005 NTP: Off-by-one in Oncore GPS Receiver (Pentest report 01.2017)
Sec 3379 / CVE-2017-6458 / VU#325339: NTP-01-004 NTP: Potential Overflows in ctl_put() functions (Pentest report 01.2017)
Sec 3378 / CVE-2017-6451 / VU#325339: NTP-01-003 Improper use of snprintf() in mx4200_send() (Pentest report 01.2017)
Sec 3377 / CVE-2017-6460 / VU#325339: NTP-01-002 Buffer Overflow in ntpq when fetching reslist (Pentest report 01.2017)
Sec 3376: NTP-01-001 Makefile does not enforce Security Flags (Pentest report 01.2017)
Sec 3361 / CVE-2016-9042 / VU#325339: 0rigin
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
meta-networking
===============
This layer is intended to be a central point for networking-related
packages and configuration. It should be useful directly on top of
oe-core and compliments meta-openembedded. It should be primarily useful
to the following groups:
- Anyone building a small networking device (eg. a home router /
bridge / switch).
- Anyone wanting to add network services to their device (eg.
anything that might benefit from a small ftp/tftp server)
Dependencies
------------
This layer depends on:
URI: git://github.com/openembedded/openembedded-core.git
branch: master
revision: HEAD
For some recipes, the meta-oe layer is required:
URI: git://github.com/openembedded/meta-openembedded.git
subdirectory: meta-oe
branch: master
revision: HEAD
URI: git://github.com/openembedded/meta-openembedded.git
subdirectory: meta-python
branch: master
revision: HEAD
Maintenance
-----------
Please see the MAINTAINERS file for information on contacting the
maintainers of this layer, as well as instructions for submitting patches.