Ubuntu Pastebin

Paste from kick at Thu, 14 Jan 2016 16:28:18 +0000

Download as text 
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
* cfdd2ee - (il y a 5 heures)   [ Cam Cope ]   * Use a single lockfile again - instead unlock the file before starting the     init script. The lock sho uld be shared - both services can't run at the     same time. (LP: #1125726) - kickinz1 (HEAD, tag: reconstruct/1_4.2.6.p5+dfsg-3ubuntu9)
* 4182235 - (il y a 5 heures)   * SECURITY UPDATE: symmetric association authentication bypass via     crypto-NAK     - debian/patches/CVE-2015-7871.patch: drop unhandled packet in       ntpd/ntp_proto.c.     - CVE-2015-7871 - kickinz1 (tag: reconstruct/1_4.2.6.p5+dfsg-3ubuntu8.1)
* 3f2142a - (il y a 5 heures)   * SECURITY UPDATE: denial of service via ASSERT in decodenetnum     - debian/patches/CVE-2015-7855.patch: simply return fail in       libntp/decodenetnum.c.     - CVE-2015-7855 - kickinz1
* 38d2eae - (il y a 5 heures)   * SECURITY UPDATE: buffer overflow via custom refclock driver     - debian/patches/CVE-2015-7853.patch: properly calculate length in       ntpd/ntp_io.c.     - CVE-2015-7853 - kickinz1
* ab6efa8 - (il y a 5 heures)   * SECURITY UPDATE: ntpq atoascii memory corruption     - debian/patches/CVE-2015-7852.patch: avoid buffer overrun in       ntpq/ntpq.c.     - CVE-2015-7852 - kickinz1
* 2a2bbc1 - (il y a 5 heures)   * SECURITY UPDATE: denial of service via same logfile and keyfile     - debian/patches/CVE-2015-7850.patch: rate limit errors in       include/ntp_stdlib.h, include/ntp_syslog.h, libntp/authreadkeys.c,       libntp/msyslog.c.     - CVE-2015-7850 - kickinz1
* 9decaa4 - (il y a 5 heures)   * SECURITY UPDATE: denial of service by spoofed KoD     - debian/patches/CVE-2015-7704.patch: add check to ntpd/ntp_proto.c.     - CVE-2015-7704     - CVE-2015-7705 - kickinz1
* de0cc1f - (il y a 5 heures)   * SECURITY UPDATE: file overwrite via remote pidfile and driftfile     configuration directives     - debian/patches/CVE-2015-5196.patch: disable remote configuration in       ntpd/ntp_parser.y.     - CVE-2015-5196     - CVE-2015-7703 - kickinz1
* 863911d - (il y a 5 heures)   * SECURITY UPDATE: memory leak in CRYPTO_ASSOC     - debian/patches/CVE-2015-7701.patch: add missing free in       ntpd/ntp_crypto.c.     - CVE-2015-7701 - kickinz1
* 1fe765a - (il y a 5 heures)   * SECURITY UPDATE: incomplete autokey data packet length checks     - debian/patches/CVE-2015-7691.patch: add length and size checks to       ntpd/ntp_crypto.c.     - CVE-2015-7691     - CVE-2015-7692     - CVE-2015-7702 - kickinz1
* caf579f - (il y a 5 heures)   * SECURITY UPDATE: timeshifting by reboot issue     - debian/patches/CVE-2015-5300.patch: disable panic in       ntpd/ntp_loopfilter.c.     - CVE-2015-5300 - kickinz1
* 1eeac34 - (il y a 5 heures)   * SECURITY UPDATE: denial of service via precision value conversion     - debian/patches/CVE-2015-5219.patch: use ldexp for LOGTOD in       include/ntp.h.     - CVE-2015-5219 - kickinz1
* fca819e - (il y a 5 heures)   * SECURITY UPDATE: denial of service via disabled statistics type     - debian/patches/CVE-2015-5195.patch: handle unrecognized types in       ntpd/ntp_config.c.     - CVE-2015-5195 - kickinz1
* 73ae81f - (il y a 5 heures)   * SECURITY UPDATE: denial of service via malformed logconfig commands     - debian/patches/CVE-2015-5194.patch: fix logconfig logic in       ntpd/ntp_parser.y.     - CVE-2015-5194 - kickinz1
* d45ccf5 - (il y a 5 heures)   * SECURITY UPDATE: denial of service via crafted NUL-byte in     configuration directive     - debian/patches/CVE-2015-5146.patch: properly validate command in       ntpd/ntp_control.c.     - CVE-2015-5146 - kickinz1
* aba5133 - (il y a 5 heures)   * debian/control: add bison to Build-Depends. - kickinz1
* 40394be - (il y a 5 heures)   * debian/rules: remove ntp/ntp_parser.{c,h} or they don't get properly     regenerated for some reason. - kickinz1
* 9f77076 - (il y a 5 heures)   * debian/ntp.init: Don't use /var/lib/ntp/ntp.conf.dhcp if /etc/ntp.conf is     newer - it can get stale. Patch by Simon Déziel. (LP: #1472056) - kickinz1 (tag: reconstruct/1_4.2.6.p5+dfsg-3ubuntu8)
* 5e5c2de - (il y a 5 heures)   * Fix to ignore ENOBUFS on routing netlink socket     - debian/patches/ignore-ENOBUFS-on-routing-netlink-socket.patch       fix logic in ntpd/ntp_io.c - kickinz1 (tag: reconstruct/1_4.2.6.p5+dfsg-3ubuntu7)
* c3ed208 - (il y a 5 heures)   * Fix use-after-free in routing socket code (LP: #1481388)     - debian/patches/use-after-free-in-routing-socket.patch       fix logic in ntpd/ntp_io.c - kickinz1
* 1451cca - (il y a 5 heures)   * SECURITY UPDATE: ntp-keygen infinite loop or lack of randonmess on big     endian platforms     - debian/patches/ntp-keygen-endless-loop.patch: fix logic in       util/ntp-keygen.c.     - CVE number pending - kickinz1 (tag: reconstruct/1_4.2.6.p5+dfsg-3ubuntu6)
* 8462f12 - (il y a 5 heures)   * SECURITY UPDATE: symmetric association DoS attack     - debian/patches/CVE-2015-1799.patch: don't update state variables when       authentication fails in ntpd/ntp_proto.c.     - CVE-2015-1799 - kickinz1 (tag: reconstruct/1_4.2.6.p5+dfsg-3ubuntu5)
* f82428c - (il y a 5 heures)   * SECURITY UPDATE: symmetric key unauthenticated packet MITM attack     - debian/patches/CVE-2015-1798.patch: reject packets without MAC in       ntpd/ntp_proto.c.     - CVE-2015-1798 - kickinz1
* 05ce119 - (il y a 5 heures)   * SECURITY UPDATE: IPv6 ACL bypass     - debian/patches/CVE-2014-9298.patch: check for spoofed ::1 in       ntpd/ntp_io.c.     - CVE-2014-9298 - kickinz1 (tag: reconstruct/1_4.2.6.p5+dfsg-3ubuntu4)
* 838ae22 - (il y a 5 heures)   * SECURITY UPDATE: denial of service and possible info leakage via     extension fields     - debian/patches/CVE-2014-9297.patch: properly check lengths in       ntpd/ntp_crypto.c, ntpd/ntp_proto.c.     - CVE-2014-9297 - kickinz1
* 4dce618 - (il y a 6 heures)   * SECURITY UPDATE: missing return on error in receive()     - debian/patches/CVE-2015-9296.patch: add missing return in       ntpd/ntp_proto.c.     - CVE-2014-9296 - kickinz1 (tag: reconstruct/1_4.2.6.p5+dfsg-3ubuntu3)
* 38da965 - (il y a 6 heures)   * SECURITY UPDATE: buffer overflows in crypto_recv(), ctl_putdata(),     configure()     - debian/patches/CVE-2014-9295.patch: check lengths in       ntpd/ntp_control.c, ntpd/ntp_crypto.c.     - CVE-2014-9295 - kickinz1
* 8dc0316 - (il y a 6 heures)   * SECURITY UPDATE: non-cryptographic random number generator with weak     seed used by ntp-keygen to generate symmetric keys     - debian/patches/CVE-2014-9294.patch: use openssl for random key in       include/ntp_random.h, libntp/ntp_random.c, util/ntp-keygen.c.     - CVE-2014-9294 - kickinz1
* 73e3ac5 - (il y a 6 heures)   * SECURITY UPDATE: weak default key in config_auth()     - debian/patches/CVE-2014-9293.patch: use openssl for random key in       ntpd/ntp_config.c, ntpd/ntpd.c.     - CVE-2014-9293 - kickinz1
* e01d555 - (il y a 6 heures)   * debian/apparmor-profile: fix spurious noisy denials (LP: #1237508) - kickinz1 (tag: reconstruct/1_4.2.6.p5+dfsg-3ubuntu2)
* 712670b - (il y a 7 heures) NEW in changelog   + debian/rules, enable debugging - kickinz1 (tag: reconstruct/1_4.2.6.p5+dfsg-3ubuntu1)
* ad5598c - (il y a 8 heures)     + debian/ntp.conf, debian/ntpdate.default: Change default server to       ntp.ubuntu.com. !!!! Added debian/ntp.dhcp, which rewrite sed rules !!! - kickinz1
* 5b9adf5 - (il y a 8 heures)     + debian/ntpdate.ifup: Stop ntp before running ntpdate when an interface       comes up, then start again afterwards. - kickinz1
* 407ed01 - (il y a 8 heures)     + debian/ntp.init, debian/rules: Only stop when entering single user mode. - kickinz1
* 519bfdd - (il y a 3 heures) EMPTY       - debian/README.Debian: Add note on AppArmor. - kickinz1
* 983cc7e - (il y a 3 heures) EMPTY       - debian/ntp.postrm: Remove the force-complain file. - kickinz1
* d7436ee - (il y a 4 heures)        - debian/rules: install apparmor-profile and apparmor-profile.tunable. - kickinz1
* ff58855 - (il y a 8 heures)       - debian/ntp.dirs: Add apparmor directories. - kickinz1
* 999e3d5 - (il y a 71 minutes)     + debian/apparmor-profile: Adjust location of drift files. - kickinz1
* 7ee286b - (il y a 3 heures) - add debian/apparmor-profile*. - kickinz1
* a605457 - (il y a 8 heures)     + Add enforcing AppArmor profile:       - debian/control: Add Conflicts/Replaces on apparmor-profiles.       - debian/control: Add Suggests on apparmor. - kickinz1
* 8d087ca - (il y a 8 heures)     + debian/{control,rules}: Add and enable hardened build for PIE. - kickinz1
* 80be52e - (il y a 8 heures)     + debian/ntpdate-debian: Disregard empty ntp.conf files. - kickinz1
* a392fe6 - (il y a 8 heures)     + debian/ntp.preinst: Remove empty /etc/ntp.conf on fresh intallation. - kickinz1
* 28f1d4b - (il y a 8 heures)     + debian/ntpdate.if-up: Fix interaction with openntpd. - kickinz1
* 3c4f4a1 - (il y a 3 heures)     + debian/source_ntp.py: Add filter on AppArmor profile names to prevent - kickinz1
* a2dd675 - (il y a 3 heures)     + debian/rules, debian/ntp.dirs, debian/source_ntp.py: Add apport hook. - kickinz1
* 193d57b - (il y a 9 heures)     + debian/rules: Update config.{guess,sub} for AArch64. - kickinz1
| * 04b751c - (il y a 20 heures) Import version 1:4.2.8p4+dfsg-3 - kickinz1 (tag: new/debian, tag: 1_4.2.8p4+dfsg-3, reconstruct/4.2.6.p5+dfsg-3ubuntu9, master)
| * 6a5f535 - (il y a 20 heures) Import version 1:4.2.6.p5+dfsg-3ubuntu9 - kickinz1 (tag: old/ubuntu, tag: 1_4.2.6.p5+dfsg-3ubuntu9)
| * 755c68e - (il y a 20 heures) Import version 1:4.2.6.p5+dfsg-3ubuntu8 - kickinz1 (tag: 1_4.2.6.p5+dfsg-3ubuntu8)
| * f66211b - (il y a 20 heures) Import version 1:4.2.6.p5+dfsg-3ubuntu7 - kickinz1 (tag: 1_4.2.6.p5+dfsg-3ubuntu7)
| * aad52d7 - (il y a 20 heures) Import version 1:4.2.6.p5+dfsg-3ubuntu6 - kickinz1 (tag: 1_4.2.6.p5+dfsg-3ubuntu6)
| * 3a781c3 - (il y a 20 heures) Import version 1:4.2.6.p5+dfsg-3ubuntu5 - kickinz1 (tag: 1_4.2.6.p5+dfsg-3ubuntu5)
| * fe141e3 - (il y a 20 heures) Import version 1:4.2.6.p5+dfsg-3ubuntu4 - kickinz1 (tag: 1_4.2.6.p5+dfsg-3ubuntu4)
| * 8ad2517 - (il y a 20 heures) Import version 1:4.2.6.p5+dfsg-3ubuntu3 - kickinz1 (tag: 1_4.2.6.p5+dfsg-3ubuntu3)
| * 93cee99 - (il y a 20 heures) Import version 1:4.2.6.p5+dfsg-3ubuntu2 - kickinz1 (tag: 1_4.2.6.p5+dfsg-3ubuntu2)
| * d7cac54 - (il y a 20 heures) Import version 1:4.2.6.p5+dfsg-3ubuntu1 - kickinz1 (tag: 1_4.2.6.p5+dfsg-3ubuntu1)
|/  
* 51c6dd8 - (il y a 20 heures) Import version 1:4.2.6.p5+dfsg-3 - kickinz1 (tag: old/debian, tag: 1_4.2.6.p5+dfsg-3)
Download as text