Описание
ELSA-2015-2241: chrony security, bug fix, and enhancement update (MODERATE)
[2.1.1-1]
- update to 2.1.1 (#1117882)
- add -n option to gzip command to not save timestamp
[2.1-1]
- update to 2.1 (#1117882 #1169353 #1206504 #1209568 CVE-2015-1821 CVE-2015-1822 CVE-2015-1853)
- extend chrony-helper to allow using servers from DNS SRV records (#1211600)
- add servers from DHCP with iburst option by default (#1219492)
- execute test suite
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
chrony
2.1.1-1.el7
Связанные CVE
Связанные уязвимости
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests.
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests.
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests.
chrony before 1.31.1 does not initialize the last "next" pointer when ...
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests.