[Git][NTPsec/ntpsec][master] NEWS: Add re-resolutiuon of CVE-2014-9295 in 2017.

Gary E. Miller gitlab at mg.gitlab.com
Thu Aug 29 03:26:47 UTC 2019



Gary E. Miller pushed to branch master at NTPsec / ntpsec


Commits:
f6815ab8 by Gary E. Miller at 2019-08-29T03:25:38Z
NEWS: Add re-resolutiuon of CVE-2014-9295 in 2017.

- - - - -


1 changed file:

- NEWS


Changes:

=====================================
NEWS
=====================================
@@ -194,6 +194,11 @@ CVE-2017-6463: Authenticated DoS via Malicious Config Option
 CVE-2017-6458: Potential Overflows in ctl_put() functions
 CVE-2017-6451: Improper use of snprintf() in mx4200_send()
 
+A Pentest report by Cure53 noted that a previously fixed CVE had been
+reintroduced into the code.  This was resolved, again.
+
+CVE-2014-9295: Multiple stack-based buffer overflows in ntpd
+
 The following CVEs, announced simultaneously, affected NTP Classic but
 not NTPsec, because we had already removed the attack surface:
 



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/f6815ab88b4c9d0e0e2096661dd8fd2ae992ca69

-- 
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/f6815ab88b4c9d0e0e2096661dd8fd2ae992ca69
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20190829/98c6bf61/attachment.htm>


More information about the vc mailing list