12 matches found
CentOS 7 : chrony (CESA-2015:2241)
Updated chrony packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
RedHat Update for chrony RHSA-2015:2241-03
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : chrony (ALAS-2015-539)
As reported upstream : When NTP or cmdmon access was configured from chrony.conf or via authenticated cmdmon with a subnet size that is indivisible by 4 and an address that has nonzero bits in the 4-bit subnet remainder e.g. 192.168.15.0/22 or f000::/3, the new setting was written to an incorrect...
Fedora Update for chrony FEDORA-2015-5809
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 22 : chrony-2.0-0.3.pre2.fc22 (2015-5748)
Security fix for CVE-2015-1853, CVE-2015-1821, CVE-2015-1822 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
[SECURITY] [DSA 3222-1] chrony security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3222-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini April 12, 2015 http://www.debian.org/security/faq -...
CVE-2015-1822
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service uninitialized pointer dereference and daemon crash or possibly execute arbitrary code via a large number of...
CVE-2015-1822
Chrony CVE-2015-1822 affects chrony before 1.31.1, where the last “next” pointer is not initialized when saving unacknowledged replies to authenticated command requests. This uninitialized pointer can cause a denial of service (daemon crash) and may allow arbitrary code execution under heavy comm...
Debian DSA-3222-1 : chrony - security update
Miroslav Lichvar of Red Hat discovered multiple vulnerabilities in chrony, an alternative NTP client and server : - CVE-2015-1821 Using particular address/subnet pairs when configuring access control would cause an invalid memory write. This could allow attackers to cause a denial of service cras...
[SECURITY] [DSA 3222-1] chrony security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3222-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini April 12, 2015 http://www.debian.org/security/faq -...
DSA-3222-1 chrony - security update
Bulletin has no description...
DLA-193-1 chrony - security update
Bulletin has no description...