|
|
| Problem Description |
When starting xntpd with the -u option and specifying the group
by using a string not a numeric gid the daemon uses the gid of
the user not the group.
The updated packages have been patched to correct this problem.
| Updated Packages |
Mandriva Linux LE2005
f8c40868f356423814da1ed1c96fa467 10.2/RPMS/ntp-4.2.0-18.1.102mdk.i586.rpm bbfded59532b51fb226f4a1d770b17ad 10.2/RPMS/ntp-client-4.2.0-18.1.102mdk.i586.rpm fa12c82a51e78230bedfb1b60bfd2076 10.2/SRPMS/ntp-4.2.0-18.1.102mdk.src.rpm
Mandriva Linux LE2005/X86_64
11d77745e05f559a9e3fa1beb2b19187 x86_64/10.2/RPMS/ntp-4.2.0-18.1.102mdk.x86_64.rpm c64b3db1d415c80e76fab18066ef05ef x86_64/10.2/RPMS/ntp-client-4.2.0-18.1.102mdk.x86_64.rpm fa12c82a51e78230bedfb1b60bfd2076 x86_64/10.2/SRPMS/ntp-4.2.0-18.1.102mdk.src.rpm
| References |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2496
| Upgrade |
To upgrade automatically, use MandrivaUpdate.
| Verification |
Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :
rpm --checksig package.rpm
You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.
If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.