Package: chrony Severity: important Hi,
the following vulnerabilities were published for chrony. CVE-2012-4502[0]: Buffer overflow when processing crafted command packets CVE-2012-4503[1]: Uninitialized data in command replies Upstream commits fixing these issues are at [2] and [3]. See also [4]. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] http://security-tracker.debian.org/tracker/CVE-2012-4502 [1] http://security-tracker.debian.org/tracker/CVE-2012-4503 [2] http://git.tuxfamily.org/chrony/chrony.git/?p=chrony/chrony.git;a=commitdiff;h=7712455d9aa33d0db0945effaa07e900b85987b1 [3] http://git.tuxfamily.org/chrony/chrony.git/?p=chrony/chrony.git;a=commitdiff;h=c6fdeeb6bb0b17dc28c19ae492c4a1c498e54ea3 [4] http://permalink.gmane.org/gmane.comp.time.chrony.announce/15 Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
