Navigation:
Browse pkgsrc
(this page)
New packages:Log Message:
Pullup ticket #4660 - requested by hannken
net/chrony: security update
Revisions pulled up:
- net/chrony/Makefile 1.30
- net/chrony/distinfo 1.10
- net/chrony/patches/patch-Makefile.in 1.1
- net/chrony/patches/patch-aa deleted
- net/chrony/patches/patch-ab deleted
- net/chrony/patches/patch-ac deleted
- net/chrony/patches/patch-ad deleted
- net/chrony/patches/patch-ae deleted
- net/chrony/patches/patch-af deleted
- net/chrony/patches/patch-ag deleted
- net/chrony/patches/patch-conf.c 1.1
- net/chrony/patches/patch-examples_chrony.conf.example 1.1
- net/chrony/patches/patch-examples_chrony.keys.example 1.1
- net/chrony/patches/patch-ntp__io.c 1.2
---
Module Name: pkgsrc
Committed By: hannken
Date: Mon Apr 13 10:03:21 UTC 2015
Modified Files:
pkgsrc/net/chrony: Makefile distinfo
pkgsrc/net/chrony/patches: patch-ntp__io.c
Added Files:
pkgsrc/net/chrony/patches: patch-Makefile.in patch-conf.c
patch-examples_chrony.conf.example
patch-examples_chrony.keys.example
Removed Files:
pkgsrc/net/chrony/patches: patch-aa patch-ab patch-ac patch-ad patch-ae
patch-af patch-ag
Log Message:
Update chrony to version 1.31.1. For a full list of changes
since 1.29 see file NEWS in the distfile.
Security fixes since 1.29:
* Modify chronyc protocol to prevent amplification attacks (CVE-2014-0021)
(incompatible with previous protocol version, chronyc supports both)
* Protect authenticated symmetric NTP associations against DoS attacks
(CVE-2015-1799)
* Fix access configuration with subnet size indivisible by 4 (CVE-2015-1821)
* Fix initialization of reply slots for authenticated commands (CVE-2015-1822)