rpms/ntp/devel ntp-4.2.4p6-ntpqsprintf.patch, NONE, 1.1 ntp-4.2.4p5-sleep.patch, 1.1, 1.2 ntp.dhclient, 1.1, 1.2 ntp.spec, 1.87, 1.88 ntpd.init, 1.27, 1.28
Miroslav Lichvar
mlichvar at fedoraproject.org
Mon Apr 20 11:44:56 UTC 2009
Author: mlichvar
Update of /cvs/pkgs/rpms/ntp/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv19218
Modified Files:
ntp-4.2.4p5-sleep.patch ntp.dhclient ntp.spec ntpd.init
Added Files:
ntp-4.2.4p6-ntpqsprintf.patch
Log Message:
- don't restart ntpd in dhclient script with every renewal
- fix buffer overflow in ntpq (#490617)
- check status in condrestart (#481261)
- don't crash when compiled with HAVE_TIMER_CREATE (#486217)
ntp-4.2.4p6-ntpqsprintf.patch:
--- NEW FILE ntp-4.2.4p6-ntpqsprintf.patch ---
#### ChangeSet ####
2009-04-09 04:13:41-04:00, stenn at whimsy.udel.edu
[Sec 1144] limited buffer overflow in ntpq. CVE-2009-0159
==== ntpq/ntpq.c ====
2009-04-09 04:13:30-04:00, stenn at whimsy.udel.edu +2 -2
[Sec 1144] limited buffer overflow in ntpq. CVE-2009-0159
--- 1.65/ntpq/ntpq.c 2006-07-26 00:55:41 -07:00
+++ 1.66/ntpq/ntpq.c 2009-04-09 01:13:30 -07:00
@@ -3185,9 +3185,9 @@ cookedprint(
if (!decodeuint(value, &uval))
output_raw = '?';
else {
- char b[10];
+ char b[12];
- (void) sprintf(b, "%03lo", uval);
+ (void) snprintf(b, sizeof b, "%03lo", uval);
output(fp, name, b);
}
break;
ntp-4.2.4p5-sleep.patch:
Index: ntp-4.2.4p5-sleep.patch
===================================================================
RCS file: /cvs/pkgs/rpms/ntp/devel/ntp-4.2.4p5-sleep.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- ntp-4.2.4p5-sleep.patch 29 Aug 2008 08:26:04 -0000 1.1
+++ ntp-4.2.4p5-sleep.patch 20 Apr 2009 11:44:54 -0000 1.2
@@ -116,24 +116,40 @@
/*
* Stats. Number of overflows and number of calls to transmit().
-@@ -116,6 +117,8 @@ reinit_timer(void)
- itimer.it_interval.tv_nsec = 0;
- timer_settime(ntpd_timerid, 0 /*!TIMER_ABSTIME*/, &itimer, NULL);
- # else
+@@ -99,6 +100,8 @@ static RETSIGTYPE alarming P((int));
+ void
+ reinit_timer(void)
+ {
+ get_systime(&timer_base);
-+ return;
- getitimer(ITIMER_REAL, &itimer);
- if (itimer.it_value.tv_sec < 0 || itimer.it_value.tv_sec > (1<<EVENT_TIMEOUT)) {
- itimer.it_value.tv_sec = (1<<EVENT_TIMEOUT);
-@@ -160,6 +163,8 @@ init_timer(void)
++#if 0
+ #if !defined(SYS_WINNT) && !defined(VMS)
+ # if defined(HAVE_TIMER_CREATE) && defined(HAVE_TIMER_SETTIME)
+ timer_gettime(ntpd_timerid, &itimer);
+@@ -132,6 +135,7 @@ reinit_timer(void)
+ setitimer(ITIMER_REAL, &itimer, (struct itimerval *)0);
+ # endif
+ # endif /* VMS */
++#endif
+ }
+
+ /*
+@@ -159,6 +163,8 @@ init_timer(void)
+ timer_xmtcalls = 0;
timer_timereset = 0;
- #if !defined(SYS_WINNT)
+ get_systime(&timer_base);
-+ return;
++#if 0
+ #if !defined(SYS_WINNT)
/*
* Set up the alarm interrupt. The first comes 2**EVENT_TIMEOUT
- * seconds from now and they continue on every 2**EVENT_TIMEOUT
+@@ -242,6 +248,7 @@ init_timer(void)
+ }
+
+ #endif /* SYS_WINNT */
++#endif
+ }
+
+ #if defined(SYS_WINNT)
@@ -252,6 +257,46 @@ get_timer_handle(void)
}
#endif
Index: ntp.dhclient
===================================================================
RCS file: /cvs/pkgs/rpms/ntp/devel/ntp.dhclient,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- ntp.dhclient 14 Jan 2009 17:46:22 -0000 1.1
+++ ntp.dhclient 20 Apr 2009 11:44:54 -0000 1.2
@@ -25,32 +25,35 @@
CONF=/etc/ntp.conf
SAVECONF=${SAVEDIR}/${CONF##*/}.predhclient.${interface}
+ntp_replace_conf() {
+ echo "$1" | diff -q ${CONF} - > /dev/null 2>&1
+ if [ $? -eq 1 ]; then
+ echo "$1" > ${CONF}
+ restorecon ${CONF} >/dev/null 2>&1
+ service ntpd condrestart >/dev/null 2>&1
+ fi
+}
+
ntp_config() {
if [ ! "${PEERNTP}" = "no" ] && [ -n "${new_ntp_servers}" ] &&
[ -e ${CONF} ] && [ -d ${SAVEDIR} ]; then
- mv -f ${CONF} ${SAVECONF}
+ local conf=$(egrep -v '^server .* # added by /sbin/dhclient-script$' < ${CONF})
- egrep -v '^server .* # added by /sbin/dhclient-script$' < ${SAVECONF} > ${CONF}
+ conf=$(echo "$conf"
+ for s in ${new_ntp_servers}; do
+ echo "server ${s} # added by /sbin/dhclient-script"
+ done)
- diff -q ${CONF} ${SAVECONF} >/dev/null 2>&1
- if [ $? -eq 1 ]; then
- rm -f ${SAVECONF}
- cp -f ${CONF} ${SAVECONF}
- fi
-
- for s in ${new_ntp_servers}; do
- echo "server ${s} # added by /sbin/dhclient-script" >> ${CONF}
- done
-
- restorecon ${CONF} ${SAVECONF} >/dev/null 2>&1
- service ntpd condrestart >/dev/null 2>&1
+ [ -f ${SAVECONF} ] || touch ${SAVECONF}
+ ntp_replace_conf "$conf"
fi
}
ntp_restore() {
- if [ ! "${PEERNTP}" = "no" ] && [ -f ${SAVECONF} ]; then
- mv -f ${SAVECONF} ${CONF}
- restorecon ${CONF} >/dev/null 2>&1
- service ntpd condrestart >/dev/null 2>&1
+ if [ -e ${CONF} ] && [ -f ${SAVECONF} ]; then
+ local conf=$(egrep -v '^server .* # added by /sbin/dhclient-script$' < ${CONF})
+
+ ntp_replace_conf "$conf"
+ rm -f ${SAVECONF}
fi
}
Index: ntp.spec
===================================================================
RCS file: /cvs/pkgs/rpms/ntp/devel/ntp.spec,v
retrieving revision 1.87
retrieving revision 1.88
diff -u -r1.87 -r1.88
--- ntp.spec 26 Feb 2009 06:20:05 -0000 1.87
+++ ntp.spec 20 Apr 2009 11:44:54 -0000 1.88
@@ -1,7 +1,7 @@
Summary: The NTP daemon and utilities
Name: ntp
Version: 4.2.4p6
-Release: 3%{?dist}
+Release: 4%{?dist}
# primary license (COPYRIGHT) : MIT
# ElectricFence/ (not used) : GPLv2
# kernel/sys/ppsclock.h (not used) : BSD with advertising
@@ -84,6 +84,8 @@
Patch26: ntp-4.2.4p5-retryres.patch
# ntpbz #808
Patch27: ntp-4.2.4p5-driftonexit.patch
+# ntpbz #1144
+Patch28: ntp-4.2.4p6-ntpqsprintf.patch
URL: http://www.ntp.org
Requires(post): /sbin/chkconfig
@@ -150,6 +152,7 @@
%patch25 -p1 -b .rtnetlink
%patch26 -p1 -b .retryres
%patch27 -p1 -b .driftonexit
+%patch28 -p1 -b .ntpqsprintf
# clock_gettime needs -lrt
sed -i.gettime 's|^LIBS = @LIBS@|& -lrt|' ntp{d,q,dc,date}/Makefile.in
@@ -319,6 +322,12 @@
%{_mandir}/man8/ntpdate.8*
%changelog
+* Mon Apr 20 2009 Miroslav Lichvar <mlichvar at redhat.com> 4.2.4p6-4
+- don't restart ntpd in dhclient script with every renewal
+- fix buffer overflow in ntpq (#490617)
+- check status in condrestart (#481261)
+- don't crash when compiled with HAVE_TIMER_CREATE (#486217)
+
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 4.2.4p6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
Index: ntpd.init
===================================================================
RCS file: /cvs/pkgs/rpms/ntp/devel/ntpd.init,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -r1.27 -r1.28
--- ntpd.init 29 Feb 2008 14:54:31 -0000 1.27
+++ ntpd.init 20 Apr 2009 11:44:54 -0000 1.28
@@ -74,7 +74,7 @@
start
;;
try-restart|condrestart)
- if [ -f $lockfile ]; then
+ if status $prog > /dev/null; then
stop
start
fi
More information about the scm-commits
mailing list