Format: 1.8
Date: Sat, 20 Dec 2014 06:31:53 -0500
Source: ntp
Binary: ntp ntpdate ntp-doc
Architecture: sparc
Version: 1:4.2.4p8+dfsg-1ubuntu2.2
Distribution: lucid
Urgency: medium
Maintainer: Ubuntu/sparc Build Daemon <buildd@artigas.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 ntp        - Network Time Protocol daemon and utility programs
 ntp-doc    - Network Time Protocol documentation
 ntpdate    - client for setting system time from NTP servers
Changes: 
 ntp (1:4.2.4p8+dfsg-1ubuntu2.2) lucid-security; urgency=medium
 .
   * SECURITY UPDATE: weak default key in config_auth()
     - debian/patches/CVE-2014-9293.patch: use openssl for random key in
       ntpd/ntp_config.c, ntpd/ntpd.c.
     - CVE-2014-9293
   * SECURITY UPDATE: non-cryptographic random number generator with weak
     seed used by ntp-keygen to generate symmetric keys
     - debian/patches/CVE-2014-9294.patch: use openssl for random key in
       include/ntp_random.h, libntp/ntp_random.c, util/ntp-keygen.c.
     - CVE-2014-9294
   * SECURITY UPDATE: buffer overflows in crypto_recv() and ctl_putdata()
     - debian/patches/CVE-2014-9295.patch: check lengths in
       ntpd/ntp_control.c, ntpd/ntp_crypto.c.
     - CVE-2014-9295
Checksums-Sha1: 
 86622da7f0c70afb01a1a06252297d0754904f04 549268 ntp_4.2.4p8+dfsg-1ubuntu2.2_sparc.deb
 ce0b2d58f07a9241f9c1483202f76b7027849d96 70914 ntpdate_4.2.4p8+dfsg-1ubuntu2.2_sparc.deb
Checksums-Sha256: 
 f9b28d77f59fd21dc90877fa9b2abf7a9ddf55fcfd47aaa9d5990899eeb57cbf 549268 ntp_4.2.4p8+dfsg-1ubuntu2.2_sparc.deb
 fa182398f3fc6177948c093f7f31eb76f20124de3d9fe1041320c6858de634f2 70914 ntpdate_4.2.4p8+dfsg-1ubuntu2.2_sparc.deb
Files: 
 84b2a335e61032fe7ee46755ec347875 549268 net optional ntp_4.2.4p8+dfsg-1ubuntu2.2_sparc.deb
 c5a3b1487e04e50660c11c978a360f46 70914 net optional ntpdate_4.2.4p8+dfsg-1ubuntu2.2_sparc.deb
Original-Maintainer: Debian NTP Team <pkg-ntp-maintainers@lists.alioth.debian.org>