Product Bulletins

Network Security Bulletins
Field Service Bulletins
Leap Second Bulletins
Product Phaseout Bulletins

Bulletin	Summary
240228 Feb 28, 2024	Security Vulnerability Announcements re: c_rehash script CVE-2022-1292 CVE-2022-2068 EndRun products are not vulnerable.
180606 Aug 3, 2018	February 2018 NTP Security Vulnerability Announcement The NTP Project announced a list of vulnerabilities. EndRun Time Servers may be affected if you use peering, Stratum 2 or interleave mode. This bulletin also has recommendations for securing your NTP clients.
180104 Jan 4, 2018	January 2018 Meltdown and Spectre Vulnerabilities The Google Project Zero team announced three cpu vulnerabilities. EndRun's Sonoma, Meridian II, Tycho II, RTM3205 and Distribution Chassis products are not affected.
170328 Mar 28, 2017	March 2017 NTP Security Vulnerability Announcement The NTP Project announced a list of vulnerabilities. EndRun Time Servers may be affected if you use peering or Stratum 2. This bulletin also has recommendations for securing your NTP clients.
161205 Dec 5, 2016	November 2016 NTP Security Vulnerability Announcement The NTP Project announced a list of vulnerabilities. EndRun Time Servers may be affected if you changed the factory configuration to allow remote control, peering, traps, or rate limiting.
160606 Jun 6, 2016	June 2016 NTP Security Vulnerability Announcement The NTP Project announced a list of vulnerabilities. EndRun Time Servers may be affected if you use peering or Stratum 2. This bulletin also has recommendations for securing your NTP clients.
160321 Mar 21, 2016	GNU glibc Vulnerability to Crafted DNS Responses CVE-2015-7547. EndRun's Sonoma, Meridian II, Tycho II, and Distribution Chassis are unaffected. Legacy products are vulnerable.
151026 Oct 26, 2015	October 2015 NTP Security Vulnerability Announcement The NTP Project announced a list of vulnerabilities. EndRun Time Servers may be affected if you use peering or Stratum 2. This bulletin also has recommendations for securing your NTP clients.
150414 Apr 14, 2015	NTP Client/Peering Vulnerabilities CVE-2015-1798, 1799 EndRun Time Servers may be affected if you use peering.
150130 Jan 30, 2015	Linux Ghost Vulnerability CVE-2015-0235 EndRun products are affected.
141222 Dec 22, 2014	NTP Remote Query and Crypto Vulnerabilities CVE-2014-9293, 9294, 9295, 9296 EndRun Time Servers are affected.
140926 Sep 26, 2014	Linux Bash Shellshock Vulnerability CVE-2014-6271, 6277, 6278, 7169 Most EndRun products are affected. See Security Bulletin for details.
140409 Apr 9, 2014	OpenSSL Heartbleed Vulnerability CVE-2014-0160 EndRun products are NOT affected.
140110 Jan 10, 2014	NTP Monlist Vulnerability CVE-2013-5211 Some EndRun products are vulnerable.

Bulletin	Summary
220531 Jun 19, 2022	CDMA-Synchronized: Sonoma, Tempus LX, Meridian, Unison, Tempus Cntp, Praecis Cntp, Praecis. CDMA Base Stations throughout the U.S. are being repurposed, resulting in loss of timing synchronization signal for products listed above.
180427 Apr 27, 2018	GPS-Synchronized: Sonoma, Tempus LX, Unison, Meridian, Tycho, RTM3204, Tempus Gntp, Praecis Gntp, Praecis Gfr GPS week rollover event on April 7, 2019. Note: Meridian II, Tycho II, RTM3205 are unaffected by this event. Sonoma shipped after June 2017 is also unaffected.
160218 Feb 18, 2016	Tempus LX, Unison, Meridian, Tycho, RTM3204, Praecis Gntp, Tempus Gntp (GPS-Synchronized) Time fault alarm due to improper GPS receiver week rollover at 00:00:00 UTC February 14, 2016.
160126 Jan 26, 2016	Sonoma, Tempus LX, Unison, Meridian, Tycho (GPS-Synchronized) Potential 13-microsecond offset due to GPS system anomaly.
151026 Oct 26, 2015	Sonoma, Tempus LX, Unison, Meridian, Meridian II, Tycho II NTP Vulnerabilities identified by the NTP Project.
141222-01 Dec 22, 2014	Sonoma NTP Vulnerability: ntpq, ntpdc, crypto.
141222-02 Dec 22, 2014	Tempus LX, Meridian, Unison NTP Vulnerability: ntpq, ntpdc, crypto.
141222-03 Dec 22, 2014	Praecis Cntp, Praecis Gntp, Tempus Cntp, Tempus Gntp NTP Vulnerability: ntpq, ntpdc, crypto.
140926-01 Sep 26, 2014	Sonoma Shellshock Vulnerability.
140926-02 Sep 26, 2014	Tempus LX, Meridian, Unison, Tycho Shellshock Vulnerability.
140926-03 Sep 26, 2014	Praecis Cntp, Praecis Gntp, Tempus Cntp, Tempus Gntp Shellshock Vulnerability.
140110-01 Jan 10, 2014	Sonoma NTP Vulnerability: monlist, ntpq, ntpdc.
140110-02 Jan 10, 2014	Tempus LX, Meridian, Unison NTP Vulnerability: monlist, ntpq, ntpdc.
140110-03 Jan 10, 2014	Praecis Cntp, Praecis Gntp, Tempus Cntp, Tempus Gntp NTP Vulnerability: monlist, ntpq, ntpdc.
131216 Dec 16, 2013	Sonoma SNMP MIB correction.
130930 Sep 30, 2013	Tempus LX, Meridian, Unison, Tycho IPv6 syslog-ng memory usage.
110825-01 Aug 25, 2011	Praecis II CDMA carrier in South Korea changed frequencies.
110825-02 Aug 25, 2011	Praecis Ce, Praecis Cf, Praecis Ct CDMA carrier in South Korea changed frequencies.
110825-03 Aug 25, 2011	Tempus LX and Unison (CDMA only) CDMA carrier in South Korea changed frequencies.
100118 Jan 18, 2010	Tempus LX, Unison, Meridian, Tycho, RTM3204 (GPS only) Operation without GPS Antenna connected for long periods.
100105-01 Jan 5, 2010	Tempus LX, Unison, Meridian, Tycho, RTM3204 Unprivileged user log-in expired.
100105-02 Jan 5, 2010	Praecis Cntp, Praecis Gntp, Tempus Cntp, Tempus Gntp Unprivileged user log-in expired.
071030 Nov 1, 2007	Tempus LX, Meridian (with Rubidium Oscillators only) Some product covers need replacement.

Bulletin	Summary
170101 Jan 1, 2017	Sonoma, Meridian II, Tycho II, Tempus LX, Unison, Meridian, Tycho, Praecis
160707 Jul 7, 2016	Sonoma, Meridian II, Tycho II, Tempus LX, Unison, Meridian, Tycho, Praecis
150701 Jul 1, 2015	Sonoma, Tempus LX, Unison, Meridian, Tycho, Praecis
150106 Jan 6, 2015	Sonoma, Tempus LX, Unison, Meridian, Tycho, Praecis

Bulletin	Summary
201228 Jan 14, 2021	CDMA-Synchronized Sonoma Time Server
200228 Feb 28, 2020	Praecis II CDMA Timing Module
190206 Jan 24, 2019	Distribution Chassis: FDC3300, PDC3301, FDC3302, TDC3303
150608 Jun 8, 2015	Meridian CDMA Frequency Reference Tycho CDMA Frequency Reference
150223 Feb 23, 2015	Tycho GPS Frequency Reference
150219 Feb 19, 2015	Meridian Precision GPS TimeBase
141215 Dec 15, 2014	RTM3204 GPS Timing Module
130920 Sep 20, 2013	Unison Network Time Server
130603 Jun 3, 2013	Tempus LX Network Time Server

HEADQUARTERS

EndRun Technologies
2270 Northpoint Parkway
Santa Rosa, California 95407
U.S.A.

HOURS

7 am to 4 pm Pacific Time

CONTACT

Phone: 1-877-749-3878 (U.S. & Canada)
or +1 707-573-8633

Fax: 707-573-8619

Email:
sales@endruntechnologies.com
support@endruntechnologies.com
info@endruntechnologies.com