[chrony-users] chrony-2.0-pre2 released (security)

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-users Archives ]

The second prerelease for chrony-2.0 is now available. It includes the
three security fixes from 1.31.1, and also some new bug fixes and

The sources can be downloaded here:

MD5 and SHA1 sums:
0b41c021c5efe1ee7b8870d6e2b6b625  chrony-2.0-pre2.tar.gz
878bfdfd1fcde62126b8d23d38326ae0623454ff  chrony-2.0-pre2.tar.gz

Changes since version 2.0-pre1:

Security fixes
* Protect authenticated symmetric NTP associations against DoS attacks
* Fix access configuration with subnet size indivisible by 4 (CVE-2015-1821)
* Fix initialization of reply slots for authenticated commands (CVE-2015-1822)

* Add leapsecmode directive to select how to correct clock for leap second
* Add smoothtime directive to smooth served time and enable leap smear
* Change default maxdelay to 3 seconds

Bug fixes
* Add sanity checks for time and frequency offset
* Don't report synchronised status during leap second
* Fix initial fallback drift setting
* Fix maxdelayratio option
* Start default refclock reference ID numbering at zero

Miroslav Lichvar

Attachment: pgp1cmciPmpeT.pgp
Description: PGP signature

Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/