Back to bug 1299442
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Martin Prpič | 2016-01-18 11:53:33 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-01-18 11:53:33 UTC | Doc Type | --- | Bug Fix |
| Martin Prpič | 2016-01-18 11:53:43 UTC | Blocks | 1297474 | |
| Martin Prpič | 2016-01-18 12:21:39 UTC | Whiteboard | impact=important,public=no,reported=20160115,source=redhat,cvss2=6.4/AV:N/AC:L/Au:N/C:N/I:P/A:P,fedora-all/ntp=affected,rhel-5/ntp=affected,rhel-6/ntp=affected,rhel-7/ntp=affected | impact=important,public=no,reported=20160115,source=redhat,cvss2=6.4/AV:N/AC:L/Au:N/C:N/I:P/A:P,fedora-all/ntp=affected,rhel-5/ntp=notaffected,rhel-6/ntp=affected,rhel-7/ntp=affected |
| Martin Prpič | 2016-01-18 12:23:27 UTC | Depends On | 1299457 | |
| Martin Prpič | 2016-01-18 12:23:32 UTC | Depends On | 1299458 | |
| Martin Prpič | 2016-01-18 12:23:41 UTC | Depends On | 1299459 | |
| Martin Prpič | 2016-01-18 12:23:46 UTC | Depends On | 1299460 | |
| Martin Prpič | 2016-01-20 11:45:35 UTC | Whiteboard | impact=important,public=no,reported=20160115,source=redhat,cvss2=6.4/AV:N/AC:L/Au:N/C:N/I:P/A:P,fedora-all/ntp=affected,rhel-5/ntp=notaffected,rhel-6/ntp=affected,rhel-7/ntp=affected | impact=important,public=20160120,reported=20160115,source=redhat,cvss2=6.4/AV:N/AC:L/Au:N/C:N/I:P/A:P,fedora-all/ntp=affected,rhel-5/ntp=notaffected,rhel-6/ntp=affected,rhel-7/ntp=affected |
| Martin Prpič | 2016-01-20 11:45:37 UTC | Summary | EMBARGOED CVE-2015-8138 ntp: missing check for zero originate timestamp | CVE-2015-8138 ntp: missing check for zero originate timestamp |
| Martin Prpič | 2016-01-20 11:45:40 UTC | Group | security, qe_staff | |
| Martin Prpič | 2016-01-20 12:01:23 UTC | Depends On | 1300277 | |
| Slawomir Czarko | 2016-01-21 07:27:46 UTC | CC | slawomir | |
| Salvatore Bonaccorso | 2016-01-21 21:31:45 UTC | CC | carnil | |
| Norman Sardella | 2016-01-22 13:03:30 UTC | CC | sardella | |
| Martin Prpič | 2016-01-25 11:08:02 UTC | Doc Text | It was discovered that ntpd as a client did not correctly check the originate timestamp in received packets. A remote attacker could use this flaw to send a crafted packet to an ntpd client that would effectively disable synchronization with the server, or push arbitrary offset/delay measurements to modify the time on the client. | |
| Martin Prpič | 2016-01-25 12:55:25 UTC | Whiteboard | impact=important,public=20160120,reported=20160115,source=redhat,cvss2=6.4/AV:N/AC:L/Au:N/C:N/I:P/A:P,fedora-all/ntp=affected,rhel-5/ntp=notaffected,rhel-6/ntp=affected,rhel-7/ntp=affected | impact=important,public=20160120,reported=20160115,source=redhat,cvss2=6.4/AV:N/AC:L/Au:N/C:N/I:P/A:P,cwe=CWE-294,fedora-all/ntp=affected,rhel-5/ntp=notaffected,rhel-6/ntp=affected,rhel-7/ntp=affected |
| Martin Prpič | 2016-01-25 13:51:33 UTC | Status | NEW | CLOSED |
| Resolution | --- | CURRENTRELEASE | ||
| Last Closed | 2016-01-25 08:51:33 UTC | |||
| Tomas Hoger | 2016-01-25 14:08:49 UTC | Resolution | CURRENTRELEASE | ERRATA |
| Product Security DevOps Team | 2019-09-29 13:42:36 UTC | Whiteboard | impact=important,public=20160120,reported=20160115,source=redhat,cvss2=6.4/AV:N/AC:L/Au:N/C:N/I:P/A:P,cwe=CWE-294,fedora-all/ntp=affected,rhel-5/ntp=notaffected,rhel-6/ntp=affected,rhel-7/ntp=affected |
Back to bug 1299442