Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 600430 (CVE-2016-7426, CVE-2016-7427, CVE-2016-7428, CVE-2016-7429, CVE-2016-7431, CVE-2016-7433, CVE-2016-7434, CVE-2016-9310, CVE-2016-9311, CVE-2016-9312)

Summary: <net-misc/ntp-4.2.8_p9: Multiple vulnerabilities (CVE-2016-{7426,7427,7429,7428,7431,7434,7433,9310,9311,9312})
Product: Gentoo Security Reporter: Jeremy Banks <Korethr>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: base-system, bertrand, Korethr
Priority: Normal Flags: kensington: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B3 [noglsa cve]
Package list:
=net-misc/ntp-4.2.8_p9
 Runtime testing required: ---

Description Jeremy Banks 2016-11-21 20:17:12 UTC 
ntp.org has a new release which fixes multiple vulnerabilities present in previous versions.[1]

1. http://support.ntp.org/bin/view/Main/SecurityNotice#November_2016_ntp_4_2_8p9_NTP_Se
Comment 1 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2016-11-21 21:11:28 UTC 
commit 66e3c190a8b2905ee2868e86f9c62e123826213c
Author: Lars Wendler <polynomial-c@gentoo.org>
Date:   Mon Nov 21 22:09:19 2016

    net-misc/ntp: Security bump to version 4.2.8_p9 (bug #600430).

    Package-Manager: portage-2.3.2
Comment 2 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2016-11-21 21:12:45 UTC 
Arches please test and mark stable =net-misc/ntp-4.2.8_p9 with target KEYWORDS:

alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux ~m68k-mint
Comment 3 Agostino Sarubbo gentoo-dev 2016-11-22 11:31:50 UTC 
amd64 stable
Comment 4 Agostino Sarubbo gentoo-dev 2016-11-22 11:33:07 UTC 
x86 stable
Comment 5 Tobias Klausmann (RETIRED) gentoo-dev 2016-11-23 09:21:17 UTC 
Stable on alpha.
Comment 6 Markus Meier gentoo-dev 2016-11-29 17:46:33 UTC 
arm stable
Comment 7 Agostino Sarubbo gentoo-dev 2016-12-19 14:40:31 UTC 
sparc stable
Comment 8 Agostino Sarubbo gentoo-dev 2016-12-19 15:16:54 UTC 
ia64 stable
Comment 9 Agostino Sarubbo gentoo-dev 2016-12-20 09:49:52 UTC 
ppc stable
Comment 10 Agostino Sarubbo gentoo-dev 2016-12-22 09:38:18 UTC 
ppc64 stable
Comment 11 Aaron Bauman (RETIRED) gentoo-dev 2017-01-02 07:34:58 UTC 
hppa ping
Comment 12 Jeroen Roovers (RETIRED) gentoo-dev 2017-01-10 09:53:03 UTC 
Stable for HPPA.
Comment 13 Thomas Deutschmann (RETIRED) gentoo-dev 2017-01-10 14:30:58 UTC 
GLSA Vote: No


@ Maintainer(s): Please cleanup and drop =net-misc/ntp-4.2.8_p8!
Comment 14 Aaron Bauman (RETIRED) gentoo-dev 2017-01-24 07:46:06 UTC 
https://github.com/gentoo/gentoo/pull/3617
Comment 15 Aaron Bauman (RETIRED) gentoo-dev 2017-01-28 01:07:51 UTC 
Tree is clean.