[chrony-users] chrony-2.0-pre2 released (security)

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-users Archives ]


The second prerelease for chrony-2.0 is now available. It includes the
three security fixes from 1.31.1, and also some new bug fixes and
improvements.

The sources can be downloaded here:
http://download.tuxfamily.org/chrony/chrony-2.0-pre2.tar.gz

MD5 and SHA1 sums:
0b41c021c5efe1ee7b8870d6e2b6b625  chrony-2.0-pre2.tar.gz
878bfdfd1fcde62126b8d23d38326ae0623454ff  chrony-2.0-pre2.tar.gz

Changes since version 2.0-pre1:

Security fixes
--------------
* Protect authenticated symmetric NTP associations against DoS attacks
  (CVE-2015-1799)
* Fix access configuration with subnet size indivisible by 4 (CVE-2015-1821)
* Fix initialization of reply slots for authenticated commands (CVE-2015-1822)

Enhancements
------------
* Add leapsecmode directive to select how to correct clock for leap second
* Add smoothtime directive to smooth served time and enable leap smear
* Change default maxdelay to 3 seconds

Bug fixes
---------
* Add sanity checks for time and frequency offset
* Don't report synchronised status during leap second
* Fix initial fallback drift setting
* Fix maxdelayratio option
* Start default refclock reference ID numbering at zero

-- 
Miroslav Lichvar

Attachment: pgp1cmciPmpeT.pgp
Description: PGP signature



Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/