[chrony-users] chrony-2.0-pre2 released (security) |
[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-users Archives ]
The second prerelease for chrony-2.0 is now available. It includes the three security fixes from 1.31.1, and also some new bug fixes and improvements. The sources can be downloaded here: http://download.tuxfamily.org/chrony/chrony-2.0-pre2.tar.gz MD5 and SHA1 sums: 0b41c021c5efe1ee7b8870d6e2b6b625 chrony-2.0-pre2.tar.gz 878bfdfd1fcde62126b8d23d38326ae0623454ff chrony-2.0-pre2.tar.gz Changes since version 2.0-pre1: Security fixes -------------- * Protect authenticated symmetric NTP associations against DoS attacks (CVE-2015-1799) * Fix access configuration with subnet size indivisible by 4 (CVE-2015-1821) * Fix initialization of reply slots for authenticated commands (CVE-2015-1822) Enhancements ------------ * Add leapsecmode directive to select how to correct clock for leap second * Add smoothtime directive to smooth served time and enable leap smear * Change default maxdelay to 3 seconds Bug fixes --------- * Add sanity checks for time and frequency offset * Don't report synchronised status during leap second * Fix initial fallback drift setting * Fix maxdelayratio option * Start default refclock reference ID numbering at zero -- Miroslav Lichvar
Attachment:
pgp1cmciPmpeT.pgp
Description: PGP signature
Mail converted by MHonArc 2.6.19+ | http://listengine.tuxfamily.org/ |