You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa ntp

Sigurnosni nedostaci programskog paketa ntp

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2017-04-18 12:16:29.568350

Name : ntp
Product : Fedora 24
Version : 4.2.6p5
Release : 44.fc24
Summary : The NTP daemon and utilities
Description :
The Network Time Protocol (NTP) is used to synchronize a computer’s
time with another reference time source. This package includes ntpd
(a daemon which continuously adjusts system time) and utilities used
to query and configure the ntpd daemon.

Perl scripts ntp-wait and ntptrace are in the ntp-perl package,
ntpdate is in the ntpdate package and sntp is in the sntp package.
The documentation is in the ntp-doc package.

Update Information:

Security fix for CVE-2017-6464 CVE-2017-6462 CVE-2017-6463 CVE-2017-6458

[ 1 ] Bug #1434011 – CVE-2017-6451 ntp: Improper use of snprintf() in mx4200_send()
[ 2 ] Bug #1434005 – CVE-2017-6458 ntp: Potential Overflows in ctl_put() functions
[ 3 ] Bug #1434002 – CVE-2017-6463 ntp: Authenticated DoS via Malicious Config Option
[ 4 ] Bug #1433995 – CVE-2017-6462 ntp: Buffer Overflow in DPTS Clock
[ 5 ] Bug #1433987 – CVE-2017-6464 ntp: Denial of Service via Malformed Config

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade ntp’ at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to

AutorVlatka Misic
Cert idNCERT-REF-2017-04-0087-ADV
More in Preporuke
Sigurnosni nedostatak programskih paketa qemu-kvm i qemu-kvm-rhev

Otkriven je sigurnosni nedostatak u programskim paketima qemu-kvm i qemu-kvm-rhev za operacijski sustav RHEL 7. Otkriveni nedostatak potencijalnim napadačima omogućuje...