Product Bulletins
Network Security, Field Service, Leap Second and Product Phaseout Bulletins


Network Security Bulletins
Network Security Bulletin
Date
Description
170328
Mar 28, 2017
March 2017 NTP Security Vulnerability Announcement
The NTP Project announced a list of vulnerabilities.
EndRun Time Servers may be affected if you use peering or Stratum 2.  See Security Bulletin for details.  This bulletin also has recommendations for securing your NTP clients.
161205
Dec 5, 2016
November 2016 NTP Security Vulnerability Announcement
The NTP Project announced a list of vulnerabilities.
EndRun Time Servers may be affected if you changed the factory configuration to allow remote control, peering, traps, or rate limiting.  See Security Bulletin for details. 
160606
June 6, 2016
June 2016 NTP Security Vulnerability Announcement
The NTP Project announced a list of vulnerabilities.
EndRun Time Servers may be affected if you use peering or Stratum 2.  See Security Bulletin for details.  This bulletin also has recommendations for securing your NTP clients.
160321
Mar 21, 2016
GNU glibc Vulnerability to Crafted DNS Responses
CVE-2015-7547.
EndRun's Sonoma, Meridian II, Tycho II, and Distribution Chassis are unaffected.  Legacy products are vulnerable.  See Security Bulletin for details. 
151026
Oct 26, 2015
October 2015 NTP Security Vulnerability Announcement
The NTP Project announced a list of vulnerabilities.
EndRun Time Servers may be affected if you use peering or Stratum 2.  See Security Bulletin for details.  This bulletin also has recommendations for securing your NTP clients.
150414
Apr 14, 2015
NTP Client/Peering Vulnerabilities
CVE-2015-1798, 1799
EndRun Time Servers may be affected if you use peering.  See Security Bulletin for details.
150130
Jan 30, 2015
Linux Ghost Vulnerability
CVE-2015-0235
EndRun products are affected.  See Security Bulletin for details.
141222
Dec 22, 2014
NTP Remote Query and Crypto Vulnerabilities
CVE-2014-9293, 9294, 9295, 9296
EndRun Time Servers are affected.  See Security Bulletin for details.
140926
Sep 26, 2014
Linux Bash Shellshock Vulnerability
CVE-2014-6271, 6277, 6278, 7169
EndRun products are affected.  See Security Bulletin for details.
140409
Apr 9, 2014
OpenSSL Heartbleed Vulnerability
CVE-2014-0160
EndRun products are NOT affected.  See Security Bulletin for details.
140110
Jan 10, 2014
NTP Monlist Vulnerability
CVE-2013-5211
Some EndRun products are vulnerable.  See Security Bulletin for details.



Field Service Bulletins
Field Service Bulletin
Date
Description
160218
Feb 18, 2016
Tempus LX, Unison, Meridian, Tycho, RTM3204,
Praecis Gntp, Tempus Gntp (GPS-Synchronized)

Time fault alarm due to improper GPS receiver week rollover at 00:00:00 UTC February 14, 2016.
160126
Jan 26, 2016
Sonoma, Tempus LX, Unison, Meridian, Tycho
(GPS-Synchronized)

Potential 13-microsecond offset due to GPS system anomaly.
151026
Oct 26, 2015
Sonoma, Tempus LX, Unison, Meridian,
Meridian II, Tycho II

NTP Vulnerabilities identified by the NTP Project.
141222-01
Dec 22, 2014
Sonoma
NTP Vulnerability: ntpq, ntpdc, crypto.
141222-02
Dec 22, 2014
Tempus LX, Meridian, Unison
NTP Vulnerability: ntpq, ntpdc, crypto.
141222-03
Dec 22, 2014
Praecis Cntp, Praecis Gntp, Tempus Cntp, Tempus Gntp
NTP Vulnerability: ntpq, ntpdc, crypto.
140926-01
Sep 26, 2014
Sonoma
Shellshock Vulnerability.
140926-02
Sep 26, 2014
Tempus LX, Meridian, Unison, Tycho
Shellshock Vulnerability.
140926-03
Sep 26, 2014
Praecis Cntp, Praecis Gntp, Tempus Cntp, Tempus Gntp
Shellshock Vulnerability.
140110-01
Jan 10, 2014
Sonoma
NTP Vulnerability: monlist, ntpq, ntpdc.
140110-02
Jan 10, 2014
Tempus LX, Meridian, Unison
NTP Vulnerability: monlist, ntpq, ntpdc.
140110-03
Jan 10, 2014
Praecis Cntp, Praecis Gntp, Tempus Cntp, Tempus Gntp
NTP Vulnerability: monlist, ntpq, ntpdc.
131216
Dec 16, 2013
Sonoma
SNMP MIB correction.
130930
Sep 30, 2013
Tempus LX, Meridian, Unison, Tycho
IPv6 syslog-ng memory usage.
110825-01
Aug 25, 2011
Praecis II
CDMA carrier in South Korea changed frequencies.
110825-02
Aug 25, 2011
Praecis Ce, Praecis Cf, Praecis Ct
CDMA carrier in South Korea changed frequencies.
110825-03
Aug 25, 2011
Tempus LX and Unison (CDMA only)
CDMA carrier in South Korea changed frequencies.
100118
Jan 18, 2010
Tempus LX, Unison, Meridian, Tycho, RTM3204 (GPS only)
Operation without GPS Antenna connected for long periods.
100105-01
Jan 5, 2010
Tempus LX, Unison, Meridian, Tycho, RTM3204
Unprivileged user log-in expired.
100105-02
Jan 5, 2010
Praecis Cntp, Praecis Gntp, Tempus Cntp, Tempus Gntp
Unprivileged user log-in expired.
071030
Nov 1, 2007
Tempus LX, Meridian (with Rubidium Oscillators only)
Some product covers need replacement.



Leap Second Bulletins
Leap Second Bulletin
Date
Product(s)
170101
Jan 1, 2017
Sonoma, Meridian II, Tycho II, Tempus LX, Unison, Meridian, Tycho, Praecis
160707
Jul 7, 2016
Sonoma, Meridian II, Tycho II, Tempus LX, Unison, Meridian, Tycho, Praecis
150701
Jul 1, 2015
Sonoma, Tempus LX, Unison, Meridian, Tycho, Praecis
150106
Jan 6, 2015
Sonoma, Tempus LX, Unison, Meridian, Tycho, Praecis



Product Phaseout Bulletins
Product Phaseout Bulletin
Date
Product(s)
150608
Jun 8, 2015
Meridian CDMA Frequency Reference
Tycho CDMA Frequency Reference
150223
Feb 23, 2015
Tycho GPS Frequency Reference
150219
Feb 19, 2015
Meridian Precision GPS TimeBase
141215
Dec 15, 2014
RTM3204 GPS Timing Module
130920
Sep 20, 2013
Unison Network Time Server
130603
Jun 3, 2013
Tempus LX Network Time Server

NOTE: If you currently own one of these discontinued products do not worry - we still provide FREE technical support by phone/email for as long as you need it.



Copyright 2005-2015. All rights reserved.Site Map