CVE-2016-1548 / CVE-2016-1549 / CVE-2016-1550 / CVE-2016-2518 (ntp)

buahho · Post by **buahho** » 2016/05/16 13:43:50

There is no information about these CVEs but Red Hat has published that ntp-4.2.6p5-40 has been pushed to stable repository.

The information is contained in the following link: https://bugzilla.redhat.com/show_bug.cgi?id=1332160

If it's fixed in RHEL and they have released it then it should also be fixed in CentOS.

Could you give me more information about the update?

Thanks.

Post by **TrevorH** » 2016/05/16 14:29:26

They're not fixed in RHEL yet.

https://access.redhat.com/security/cve/CVE-2016-2518
https://access.redhat.com/security/cve/CVE-2016-1548
https://access.redhat.com/security/cve/CVE-2016-1549
https://access.redhat.com/security/cve/CVE-2016-1550
https://access.redhat.com/solutions/2300641

buahho · Post by **buahho** » 2016/05/18 07:15:27

OK, I see. It's solved in Fedora.

How long could take to RedHat solving these issues and then CentOS incorporate to it?

Thanks at all.

Post by **TrevorH** » 2016/05/18 10:59:06

That's a question for Redhat I'm afraid. No-one in the CentOS space knows what Redhat may or may not do until they've done it and published the fix. Since the highest severity there is 'moderate' I suspect that it's not right at the top of the pile in any case.

CentOS

CVE-2016-1548 / CVE-2016-1549 / CVE-2016-1550 / CVE-2016-2518 (ntp)

CVE-2016-1548 / CVE-2016-1549 / CVE-2016-1550 / CVE-2016-2518 (ntp)

Re: CVE-2016-1548 / CVE-2016-1549 / CVE-2016-1550 / CVE-2016-2518 (ntp)

Re: CVE-2016-1548 / CVE-2016-1549 / CVE-2016-1550 / CVE-2016-2518 (ntp)

Re: CVE-2016-1548 / CVE-2016-1549 / CVE-2016-1550 / CVE-2016-2518 (ntp)