rpms/ntp/F-12 ntp-4.2.4p8-editline.patch, NONE, 1.1 ntp-4.2.4p8-gettime.patch, NONE, 1.1 ntp-4.2.4p8-mlock.patch, NONE, 1.1 ntp-4.2.4p8-nosntp.patch, NONE, 1.1 .cvsignore, 1.29, 1.30 ntp.spec, 1.95, 1.96 sources, 1.30, 1.31 ntp-4.2.4p7-editline.patch, 1.1, NONE ntp-4.2.4p7-gettime.patch, 1.1, NONE ntp-4.2.4p7-ipv6.patch, 1.1, NONE ntp-4.2.4p7-mlock.patch, 1.1, NONE ntp-4.2.4p7-nosntp.patch, 1.1, NONE
Miroslav Lichvar
mlichvar at fedoraproject.org
Wed Dec 9 11:44:37 UTC 2009
- Previous message: rpms/ntp/devel ntp-4.2.4p8-editline.patch, NONE, 1.1 ntp-4.2.4p8-gettime.patch, NONE, 1.1 ntp-4.2.4p8-mlock.patch, NONE, 1.1 ntp-4.2.4p8-nosntp.patch, NONE, 1.1 .cvsignore, 1.29, 1.30 ntp.spec, 1.96, 1.97 sources, 1.30, 1.31 ntp-4.2.4p7-editline.patch, 1.1, NONE ntp-4.2.4p7-gettime.patch, 1.1, NONE ntp-4.2.4p7-ipv6.patch, 1.1, NONE ntp-4.2.4p7-mlock.patch, 1.1, NONE ntp-4.2.4p7-nosntp.patch, 1.1, NONE
- Next message: rpms/openoffice.org/F-11 workspace.vcl105.patch, NONE, 1.1 openoffice.org.spec, 1.1945, 1.1946
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: mlichvar
Update of /cvs/pkgs/rpms/ntp/F-12
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv29090
Modified Files:
.cvsignore ntp.spec sources
Added Files:
ntp-4.2.4p8-editline.patch ntp-4.2.4p8-gettime.patch
ntp-4.2.4p8-mlock.patch ntp-4.2.4p8-nosntp.patch
Removed Files:
ntp-4.2.4p7-editline.patch ntp-4.2.4p7-gettime.patch
ntp-4.2.4p7-ipv6.patch ntp-4.2.4p7-mlock.patch
ntp-4.2.4p7-nosntp.patch
Log Message:
- update to 4.2.4p8 (#545557, CVE-2009-3563)
ntp-4.2.4p8-editline.patch:
configure | 8 +++++++-
ntpdc/ntpdc.c | 5 ++---
ntpq/ntpq.c | 5 ++---
3 files changed, 11 insertions(+), 7 deletions(-)
--- NEW FILE ntp-4.2.4p8-editline.patch ---
diff -up ntp-4.2.4p8/configure.editline ntp-4.2.4p8/configure
--- ntp-4.2.4p8/configure.editline 2009-12-08 14:07:43.000000000 +0100
+++ ntp-4.2.4p8/configure 2009-12-08 17:51:52.000000000 +0100
@@ -17216,9 +17216,15 @@ fi
done
+READLINE_LIBS="-ledit"
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_LIBEDIT
+_ACEOF
+
# following block becomes on 4.2.5: NTP_LINEEDITLIBS
for ac_header in readline/history.h readline/readline.h
do :
+ break
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
eval as_val=\$$as_ac_Header
@@ -17232,7 +17238,7 @@ fi
done
case "$ac_cv_header_readline_history_h$ac_cv_header_readline_readline_h" in
- *no*) ;;
+ *) ;;
*) save_LIBS=$LIBS
LIBS=
# Ralf Wildenhues: either unset ... or cache READLINE_LIBS
diff -up ntp-4.2.4p8/ntpdc/ntpdc.c.editline ntp-4.2.4p8/ntpdc/ntpdc.c
--- ntp-4.2.4p8/ntpdc/ntpdc.c.editline 2009-12-08 12:55:59.000000000 +0100
+++ ntp-4.2.4p8/ntpdc/ntpdc.c 2009-12-08 17:50:14.000000000 +0100
@@ -26,9 +26,8 @@
# define closesocket close
#endif /* SYS_WINNT */
-#if defined(HAVE_LIBREADLINE) || defined (HAVE_LIBEDIT)
-# include <readline/readline.h>
-# include <readline/history.h>
+#if defined (HAVE_LIBEDIT)
+# include <editline/readline.h>
#endif /* HAVE_LIBREADLINE || HAVE_LIBEDIT */
#ifdef SYS_VXWORKS
diff -up ntp-4.2.4p8/ntpq/ntpq.c.editline ntp-4.2.4p8/ntpq/ntpq.c
--- ntp-4.2.4p8/ntpq/ntpq.c.editline 2009-12-08 12:55:59.000000000 +0100
+++ ntp-4.2.4p8/ntpq/ntpq.c 2009-12-08 17:50:14.000000000 +0100
@@ -30,9 +30,8 @@
# define closesocket close
#endif /* SYS_WINNT */
-#if defined(HAVE_LIBREADLINE) || defined(HAVE_LIBEDIT)
-# include <readline/readline.h>
-# include <readline/history.h>
+#if defined(HAVE_LIBEDIT)
+# include <editline/readline.h>
#endif /* HAVE_LIBREADLINE || HAVE_LIBEDIT */
#ifdef SYS_VXWORKS
ntp-4.2.4p8-gettime.patch:
configure | 4 ++++
1 file changed, 4 insertions(+)
--- NEW FILE ntp-4.2.4p8-gettime.patch ---
diff -up ntp-4.2.4p8/configure.gettime ntp-4.2.4p8/configure
--- ntp-4.2.4p8/configure.gettime 2009-12-08 18:04:54.000000000 +0100
+++ ntp-4.2.4p8/configure 2009-12-08 18:06:07.000000000 +0100
@@ -20221,6 +20221,10 @@ case "$host" in
;;
*) for ac_func in clock_gettime clock_settime
do :
+ cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+ continue
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
eval as_val=\$$as_ac_var
ntp-4.2.4p8-mlock.patch:
html/ntpd.html | 4 +++-
ntpd/ntpd-opts.c | 23 ++++++++++++++++++++++-
ntpd/ntpd-opts.h | 15 +++++++++++----
ntpd/ntpd.c | 6 ++++--
4 files changed, 40 insertions(+), 8 deletions(-)
--- NEW FILE ntp-4.2.4p8-mlock.patch ---
diff -up ntp-4.2.4p8/html/ntpd.html.mlock ntp-4.2.4p8/html/ntpd.html
--- ntp-4.2.4p8/html/ntpd.html.mlock 2009-12-08 17:56:35.000000000 +0100
+++ ntp-4.2.4p8/html/ntpd.html 2009-12-08 17:56:35.000000000 +0100
@@ -34,7 +34,7 @@
</ul>
<hr>
<h4 id="synop">Synopsis</h4>
- <tt>ntpd [ -46aAbdDgLnNqx ] [ -c <i>conffile</i> ] [ -f <i>driftfile</i> ] [ -i <i>jaildir</i> ] [ -I <i>iface</i> ] [ -k <i>keyfile</i> ] [ -l <i>logfile</i> ] [ -p <i>pidfile</i> ] [ -P <i>priority</i> ] [ -r <i>broadcastdelay</i> ] [ -s <i>statsdir</i> ] [ -t <i>key</i> ] [ -u <i>user</i>[:<i>group</i>] ] [ -U <i>interface_update_interval</i> ] [ -v <i>variable</i> ] [ -V <i>variable</i> ]</tt>
+ <tt>ntpd [ -46aAbdDgLmnNqx ] [ -c <i>conffile</i> ] [ -f <i>driftfile</i> ] [ -i <i>jaildir</i> ] [ -I <i>iface</i> ] [ -k <i>keyfile</i> ] [ -l <i>logfile</i> ] [ -p <i>pidfile</i> ] [ -P <i>priority</i> ] [ -r <i>broadcastdelay</i> ] [ -s <i>statsdir</i> ] [ -t <i>key</i> ] [ -u <i>user</i>[:<i>group</i>] ] [ -U <i>interface_update_interval</i> ] [ -v <i>variable</i> ] [ -V <i>variable</i> ]</tt>
<h4 id="descr">Description</h4>
<p>The <tt>ntpd</tt> program is an operating system daemon which sets and maintains the system time of day in synchronism with Internet standard time servers. It is a complete implementation of the Network Time Protocol (NTP) version 4, but also retains compatibility with version 3, as defined by RFC-1305, and version 1 and 2, as defined by RFC-1059 and RFC-1119, respectively. <tt>ntpd</tt> does most computations in 64-bit floating point arithmetic and does relatively clumsy 64-bit fixed point operations only when necessary to preserve the ultimate precision, about 232 picoseconds. While the ultimate precision is not achievable with ordinary workstations and networks of today, it may be required with future gigahertz CPU clocks and gigabit LANs.</p>
<h4 id="op">How NTP Operates</h4>
@@ -96,6 +96,8 @@
<dd>Specify the name and path of the log file. The default is the system log file. This is the same operation as the <tt>logfile <i>logfile</i></tt> configuration command.
<dt><tt>-L</tt>
<dd>Do not listen to virtual IPs. The default is to listen.
+ <dt><tt>-m</tt>
+ <dd>Lock memory.
<dt><tt>-n</tt>
<dd>Don't fork.
<dt><tt>-N</tt>
diff -up ntp-4.2.4p8/ntpd/ntpd-opts.c.mlock ntp-4.2.4p8/ntpd/ntpd-opts.c
--- ntp-4.2.4p8/ntpd/ntpd-opts.c.mlock 2009-12-08 14:13:09.000000000 +0100
+++ ntp-4.2.4p8/ntpd/ntpd-opts.c 2009-12-08 17:56:35.000000000 +0100
@@ -264,6 +264,15 @@ tSCC zNice_Name[] = "ni
#define NICE_FLAGS (OPTST_DISABLED)
/*
+ * Mlock option description:
+ */
+tSCC zMlockText[] =
+ "Lock memory";
+tSCC zMlock_NAME[] = "MLOCK";
+tSCC zMlock_Name[] = "mlock";
+#define MLOCK_FLAGS (OPTST_DISABLED)
+
+/*
* Pidfile option description:
*/
tSCC zPidfileText[] =
@@ -789,6 +798,18 @@ static tOptDesc optDesc[ OPTION_CT ] = {
OPTST_ARG_OPTIONAL | OPTST_IMM | OPTST_NO_INIT
#endif
+ { /* entry idx, value */ 29, VALUE_OPT_MLOCK,
+ /* equiv idx, value */ 29, VALUE_OPT_MLOCK,
+ /* equivalenced to */ NO_EQUIVALENT,
+ /* min, max, act ct */ 0, 1, 0,
+ /* opt state flags */ MLOCK_FLAGS, 0,
+ /* last opt argumnt */ { NULL },
+ /* arg list/cookie */ NULL,
+ /* must/cannot opts */ NULL, NULL,
+ /* option proc */ NULL,
+ /* desc, NAME, name */ zMlockText, zMlock_NAME, zMlock_Name,
+ /* disablement strs */ NULL, NULL },
+
{ /* entry idx, value */ INDEX_OPT_VERSION, VALUE_OPT_VERSION,
/* equiv idx value */ NO_EQUIVALENT, 0,
/* equivalenced to */ NO_EQUIVALENT,
@@ -881,7 +902,7 @@ tOptions ntpdOptions = {
NO_EQUIVALENT /* index of '-#' option */,
NO_EQUIVALENT /* index of default opt */
},
- 32 /* full option count */, 29 /* user option count */
+ 33 /* full option count */, 30 /* user option count */
};
/*
diff -up ntp-4.2.4p8/ntpd/ntpd-opts.h.mlock ntp-4.2.4p8/ntpd/ntpd-opts.h
--- ntp-4.2.4p8/ntpd/ntpd-opts.h.mlock 2009-12-08 14:13:09.000000000 +0100
+++ ntp-4.2.4p8/ntpd/ntpd-opts.h 2009-12-08 17:56:35.000000000 +0100
@@ -81,12 +81,13 @@ typedef enum {
INDEX_OPT_VAR = 26,
INDEX_OPT_DVAR = 27,
INDEX_OPT_SLEW = 28,
- INDEX_OPT_VERSION = 29,
- INDEX_OPT_HELP = 30,
- INDEX_OPT_MORE_HELP = 31
+ INDEX_OPT_MLOCK = 29,
+ INDEX_OPT_VERSION = 30,
+ INDEX_OPT_HELP = 31,
+ INDEX_OPT_MORE_HELP = 32
} teOptIndex;
-#define OPTION_CT 32
+#define OPTION_CT 33
#define NTPD_VERSION "4.2.4p8"
#define NTPD_FULL_VERSION "ntpd - NTP daemon program - Ver. 4.2.4p8"
@@ -179,6 +180,10 @@ typedef enum {
# warning undefining MODIFYMMTIMER due to option name conflict
# undef MODIFYMMTIMER
# endif
+# ifdef MLOCK
+# warning undefining MLOCK due to option name conflict
+# undef MLOCK
+# endif
# ifdef NOFORK
# warning undefining NOFORK due to option name conflict
# undef NOFORK
@@ -248,6 +253,7 @@ typedef enum {
# undef LOGFILE
# undef NOVIRTUALIPS
# undef MODIFYMMTIMER
+# undef MLOCK
# undef NOFORK
# undef NICE
# undef PIDFILE
@@ -290,6 +296,7 @@ typedef enum {
#ifdef SYS_WINNT
#define VALUE_OPT_MODIFYMMTIMER 'M'
#endif /* SYS_WINNT */
+#define VALUE_OPT_MLOCK 'm'
#define VALUE_OPT_NOFORK 'n'
#define VALUE_OPT_NICE 'N'
#define VALUE_OPT_PIDFILE 'p'
diff -up ntp-4.2.4p8/ntpd/ntpd.c.mlock ntp-4.2.4p8/ntpd/ntpd.c
--- ntp-4.2.4p8/ntpd/ntpd.c.mlock 2009-12-08 17:56:35.000000000 +0100
+++ ntp-4.2.4p8/ntpd/ntpd.c 2009-12-08 17:56:35.000000000 +0100
@@ -691,7 +691,8 @@ ntpdmain(
}
#endif
-#if defined(HAVE_MLOCKALL) && defined(MCL_CURRENT) && defined(MCL_FUTURE)
+#if defined(MCL_CURRENT) && defined(MCL_FUTURE)
+ if (HAVE_OPT( MLOCK )) {
# ifdef HAVE_SETRLIMIT
/*
* Set the stack limit to something smaller, so that we don't lock a lot
@@ -717,7 +718,7 @@ ntpdmain(
* fail if we drop root privlege. To be useful the value
* has to be larger than the largest ntpd resident set size.
*/
- rl.rlim_cur = rl.rlim_max = 32*1024*1024;
+ rl.rlim_cur = rl.rlim_max = 64*1024*1024;
if (setrlimit(RLIMIT_MEMLOCK, &rl) == -1) {
msyslog(LOG_ERR, "Cannot set RLIMIT_MEMLOCK: %m");
}
@@ -729,6 +730,7 @@ ntpdmain(
*/
if (mlockall(MCL_CURRENT|MCL_FUTURE) < 0)
msyslog(LOG_ERR, "mlockall(): %m");
+ }
#else /* not (HAVE_MLOCKALL && MCL_CURRENT && MCL_FUTURE) */
# ifdef HAVE_PLOCK
# ifdef PROCLOCK
ntp-4.2.4p8-nosntp.patch:
Makefile.in | 3 +--
configure | 2 +-
2 files changed, 2 insertions(+), 3 deletions(-)
--- NEW FILE ntp-4.2.4p8-nosntp.patch ---
diff -up ntp-4.2.4p8/Makefile.in.nosntp ntp-4.2.4p8/Makefile.in
--- ntp-4.2.4p8/Makefile.in.nosntp 2009-12-08 14:07:31.000000000 +0100
+++ ntp-4.2.4p8/Makefile.in 2009-12-08 17:59:39.000000000 +0100
@@ -246,7 +246,7 @@ ACLOCAL_AMFLAGS = -I m4 -I libopts/m4
NULL =
SUBDIRS = $(am__append_1) scripts include ElectricFence @ARLIB_DIR@ \
libntp libparse ntpd ntpdate ntpdc ntpq parseutil adjtimed \
- clockstuff kernel sntp util $(NULL)
+ clockstuff kernel util $(NULL)
DIST_SUBDIRS = \
scripts \
include \
@@ -263,7 +263,6 @@ DIST_SUBDIRS = \
adjtimed \
clockstuff \
kernel \
- sntp \
util \
$(NULL)
diff -up ntp-4.2.4p8/configure.nosntp ntp-4.2.4p8/configure
--- ntp-4.2.4p8/configure.nosntp 2009-12-08 17:59:39.000000000 +0100
+++ ntp-4.2.4p8/configure 2009-12-08 18:01:09.000000000 +0100
@@ -25770,7 +25770,7 @@ ac_config_files="$ac_config_files script
ac_config_files="$ac_config_files util/Makefile"
-subdirs="$subdirs sntp"
+subdirs="$subdirs"
cat >confcache <<\_ACEOF
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/ntp/F-12/.cvsignore,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -p -r1.29 -r1.30
--- .cvsignore 19 May 2009 14:45:44 -0000 1.29
+++ .cvsignore 9 Dec 2009 11:44:36 -0000 1.30
@@ -1,2 +1,2 @@
ntpstat-0.2.tgz
-ntp-4.2.4p7.tar.gz
+ntp-4.2.4p8.tar.gz
Index: ntp.spec
===================================================================
RCS file: /cvs/pkgs/rpms/ntp/F-12/ntp.spec,v
retrieving revision 1.95
retrieving revision 1.96
diff -u -p -r1.95 -r1.96
--- ntp.spec 21 Oct 2009 14:24:55 -0000 1.95
+++ ntp.spec 9 Dec 2009 11:44:37 -0000 1.96
@@ -1,7 +1,7 @@
Summary: The NTP daemon and utilities
Name: ntp
-Version: 4.2.4p7
-Release: 7%{?dist}
+Version: 4.2.4p8
+Release: 1%{?dist}
# primary license (COPYRIGHT) : MIT
# ElectricFence/ (not used) : GPLv2
# kernel/sys/ppsclock.h (not used) : BSD with advertising
@@ -65,13 +65,13 @@ Patch11: ntp-4.2.4p2-filegen.patch
# ntpbz #738
Patch12: ntp-4.2.4-sprintf.patch
# use editline instead of readline
-Patch13: ntp-4.2.4p7-editline.patch
+Patch13: ntp-4.2.4p8-editline.patch
# add option -m to lock memory
-Patch14: ntp-4.2.4p7-mlock.patch
+Patch14: ntp-4.2.4p8-mlock.patch
# fixed in 4.2.5
Patch15: ntp-4.2.4p2-clockselect.patch
# don't build sntp
-Patch16: ntp-4.2.4p7-nosntp.patch
+Patch16: ntp-4.2.4p8-nosntp.patch
# ntpbz #802
Patch17: ntp-4.2.4p7-sleep.patch
# ntpbz #779, #823
@@ -80,12 +80,10 @@ Patch18: ntp-4.2.4p7-bcast.patch
Patch19: ntp-4.2.4p0-retcode.patch
# ntpbz #397
Patch20: ntp-4.2.4p2-noif.patch
-# force IPv6 support
-Patch21: ntp-4.2.4p7-ipv6.patch
# align buffer for control messages
Patch22: ntp-4.2.4p4-cmsgalign.patch
# force use of clock_gettime
-Patch23: ntp-4.2.4p7-gettime.patch
+Patch23: ntp-4.2.4p8-gettime.patch
# reload resolv.conf after failure in name resolution
Patch24: ntp-4.2.4p4-resinit.patch
# ntpbz #992
@@ -183,7 +181,6 @@ This package contains NTP documentation
%patch18 -p1 -b .bcast
%patch19 -p1 -b .retcode
%patch20 -p1 -b .noif
-%patch21 -p1 -b .ipv6
%patch22 -p1 -b .cmsgalign
%patch24 -p1 -b .resinit
%patch25 -p1 -b .rtnetlink
@@ -370,6 +367,9 @@ fi
%{ntpdocdir}/html
%changelog
+* Wed Dec 09 2009 Miroslav Lichvar <mlichvar at redhat.com> 4.2.4p8-1
+- update to 4.2.4p8 (#545557, CVE-2009-3563)
+
* Wed Oct 21 2009 Miroslav Lichvar <mlichvar at redhat.com> 4.2.4p7-7
- add ntp-wait man page (#526161)
- fix init scripts (#527987)
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/ntp/F-12/sources,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -p -r1.30 -r1.31
--- sources 19 May 2009 14:45:47 -0000 1.30
+++ sources 9 Dec 2009 11:44:37 -0000 1.31
@@ -1,2 +1,2 @@
6b2bedefe2e7c63ea52609b222022121 ntpstat-0.2.tgz
-8c19ff62ed4f7d64f8e2aa59cb11f364 ntp-4.2.4p7.tar.gz
+fe137056e7e611798a46971a783567ce ntp-4.2.4p8.tar.gz
--- ntp-4.2.4p7-editline.patch DELETED ---
--- ntp-4.2.4p7-gettime.patch DELETED ---
--- ntp-4.2.4p7-ipv6.patch DELETED ---
--- ntp-4.2.4p7-mlock.patch DELETED ---
--- ntp-4.2.4p7-nosntp.patch DELETED ---
- Previous message: rpms/ntp/devel ntp-4.2.4p8-editline.patch, NONE, 1.1 ntp-4.2.4p8-gettime.patch, NONE, 1.1 ntp-4.2.4p8-mlock.patch, NONE, 1.1 ntp-4.2.4p8-nosntp.patch, NONE, 1.1 .cvsignore, 1.29, 1.30 ntp.spec, 1.96, 1.97 sources, 1.30, 1.31 ntp-4.2.4p7-editline.patch, 1.1, NONE ntp-4.2.4p7-gettime.patch, 1.1, NONE ntp-4.2.4p7-ipv6.patch, 1.1, NONE ntp-4.2.4p7-mlock.patch, 1.1, NONE ntp-4.2.4p7-nosntp.patch, 1.1, NONE
- Next message: rpms/openoffice.org/F-11 workspace.vcl105.patch, NONE, 1.1 openoffice.org.spec, 1.1945, 1.1946
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list