mlichvar pushed to ntp (f22). "protect symmetric associations with symmetric key against DoS attack (CVE-2015-1799)"
notifications at fedoraproject.org
notifications at fedoraproject.org
Wed Apr 8 11:42:38 UTC 2015
>From 8ad9d6b9f1ec74daf6c8574089d892076ac55c12 Mon Sep 17 00:00:00 2001
From: Miroslav Lichvar <mlichvar at redhat.com>
Date: Wed, 8 Apr 2015 13:10:11 +0200
Subject: protect symmetric associations with symmetric key against DoS attack
(CVE-2015-1799)
diff --git a/ntp-4.2.6p5-cve-2015-1799.patch b/ntp-4.2.6p5-cve-2015-1799.patch
new file mode 100644
index 0000000..10548ab
--- /dev/null
+++ b/ntp-4.2.6p5-cve-2015-1799.patch
@@ -0,0 +1,37 @@
+diff -up ntp-4.2.6p5/ntpd/ntp_proto.c.cve-2015-1799 ntp-4.2.6p5/ntpd/ntp_proto.c
+--- ntp-4.2.6p5/ntpd/ntp_proto.c.cve-2015-1799 2015-04-08 13:06:43.083810350 +0200
++++ ntp-4.2.6p5/ntpd/ntp_proto.c 2015-04-08 13:08:12.679980322 +0200
+@@ -1101,16 +1101,6 @@ receive(
+ }
+
+ /*
+- * Update the state variables.
+- */
+- if (peer->flip == 0) {
+- if (hismode != MODE_BROADCAST)
+- peer->rec = p_xmt;
+- peer->dst = rbufp->recv_time;
+- }
+- peer->xmt = p_xmt;
+-
+- /*
+ * If this is a crypto_NAK, the server cannot authenticate a
+ * client packet. The server might have just changed keys. Clear
+ * the association and restart the protocol.
+@@ -1157,6 +1147,16 @@ receive(
+ }
+
+ /*
++ * Update the state variables.
++ */
++ if (peer->flip == 0) {
++ if (hismode != MODE_BROADCAST)
++ peer->rec = p_xmt;
++ peer->dst = rbufp->recv_time;
++ }
++ peer->xmt = p_xmt;
++
++ /*
+ * Set the peer ppoll to the maximum of the packet ppoll and the
+ * peer minpoll. If a kiss-o'-death, set the peer minpoll to
+ * this maximumn and advance the headway to give the sender some
diff --git a/ntp.spec b/ntp.spec
index 5cc146c..5324f06 100644
--- a/ntp.spec
+++ b/ntp.spec
@@ -121,6 +121,8 @@ Patch34: ntp-4.2.6p5-shmperm.patch
Patch35: ntp-4.2.6p5-xleap.patch
# ntpbz #2779
Patch36: ntp-4.2.6p5-cve-2015-1798.patch
+# ntpbz #2781
+Patch37: ntp-4.2.6p5-cve-2015-1799.patch
# handle unknown clock types
Patch50: ntpstat-0.2-clksrc.patch
@@ -250,6 +252,7 @@ This package contains NTP documentation in HTML format.
%patch34 -p1 -b .shmperm
%patch35 -p1 -b .xleap
%patch36 -p1 -b .cve-2015-1798
+%patch37 -p1 -b .cve-2015-1799
# ntpstat patches
%patch50 -p1 -b .clksrc
--
cgit v0.10.2
http://pkgs.fedoraproject.org/cgit/ntp.git/commit/?h=f22&id=8ad9d6b9f1ec74daf6c8574089d892076ac55c12
More information about the scm-commits
mailing list