SECURITY: Fedora 32 Update: chrony-3.5.1-1.fc32
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-7aa962c55e
2020-08-23 01:03:15.733914
--------------------------------------------------------------------------------
Name : chrony
Product : Fedora 32
Version : 3.5.1
Release : 1.fc32
URL : https://chrony.tuxfamily.org
Summary : An NTP client/server
Description :
chrony is a versatile implementation of the Network Time Protocol (NTP).
It can synchronise the system clock with NTP servers, reference clocks
(e.g. GPS receiver), and manual input using wristwatch and keyboard. It
can also operate as an NTPv4 (RFC 5905) server and peer to provide a time
service to other computers in the network.
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2020-14367
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 20 2020 Miroslav Lichvar 3.5.1-1
- update to 3.5.1 (CVE-2020-14367)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1870298 - CVE-2020-14367 chrony: Insecure writing to PID file
https://bugzilla.redhat.com/show_bug.cgi?id=1870298
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-7aa962c55e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
A chrony security update has been released for Fedora 32.