Oracle Linux 6265 Published by

A ntp security update has been released for Oracle Linux 7.



El-errata: ELSA-2020-2663 Moderate: Oracle Linux 7 ntp security update


Oracle Linux Security Advisory ELSA-2020-2663

  http://linux.oracle.com/errata/ELSA-2020-2663.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
ntp-4.2.6p5-29.0.1.el7_8.2.x86_64.rpm
ntp-doc-4.2.6p5-29.0.1.el7_8.2.noarch.rpm
ntp-perl-4.2.6p5-29.0.1.el7_8.2.noarch.rpm
ntpdate-4.2.6p5-29.0.1.el7_8.2.x86_64.rpm
sntp-4.2.6p5-29.0.1.el7_8.2.x86_64.rpm

SRPMS:
  http://oss.oracle.com/ol7/SRPMS-updates/ntp-4.2.6p5-29.0.1.el7_8.2.src.rpm


Description of changes:

[4.2.6p5-29.0.1]
- Bump release to avoid ULN conflict with Oracle modified errata.

[4.2.6p5-29.el7_8.2]
- don't update transmission time on invalid response (CVE-2020-11868)
- randomize transmit timestamp in client requests (CVE-?, #1813787)