mlichvar pushed to ntp (f20). "protect symmetric associations with symmetric key against DoS attack (CVE-2015-1799)"
notifications at fedoraproject.org
notifications at fedoraproject.org
Wed Apr 8 12:01:22 UTC 2015
>From bbb99b114f09ae6dca294eb5d52cac8451ce3b53 Mon Sep 17 00:00:00 2001
From: Miroslav Lichvar <mlichvar at redhat.com>
Date: Wed, 8 Apr 2015 13:10:11 +0200
Subject: protect symmetric associations with symmetric key against DoS attack
(CVE-2015-1799)
diff --git a/ntp-4.2.6p5-cve-2015-1799.patch b/ntp-4.2.6p5-cve-2015-1799.patch
new file mode 100644
index 0000000..10548ab
--- /dev/null
+++ b/ntp-4.2.6p5-cve-2015-1799.patch
@@ -0,0 +1,37 @@
+diff -up ntp-4.2.6p5/ntpd/ntp_proto.c.cve-2015-1799 ntp-4.2.6p5/ntpd/ntp_proto.c
+--- ntp-4.2.6p5/ntpd/ntp_proto.c.cve-2015-1799 2015-04-08 13:06:43.083810350 +0200
++++ ntp-4.2.6p5/ntpd/ntp_proto.c 2015-04-08 13:08:12.679980322 +0200
+@@ -1101,16 +1101,6 @@ receive(
+ }
+
+ /*
+- * Update the state variables.
+- */
+- if (peer->flip == 0) {
+- if (hismode != MODE_BROADCAST)
+- peer->rec = p_xmt;
+- peer->dst = rbufp->recv_time;
+- }
+- peer->xmt = p_xmt;
+-
+- /*
+ * If this is a crypto_NAK, the server cannot authenticate a
+ * client packet. The server might have just changed keys. Clear
+ * the association and restart the protocol.
+@@ -1157,6 +1147,16 @@ receive(
+ }
+
+ /*
++ * Update the state variables.
++ */
++ if (peer->flip == 0) {
++ if (hismode != MODE_BROADCAST)
++ peer->rec = p_xmt;
++ peer->dst = rbufp->recv_time;
++ }
++ peer->xmt = p_xmt;
++
++ /*
+ * Set the peer ppoll to the maximum of the packet ppoll and the
+ * peer minpoll. If a kiss-o'-death, set the peer minpoll to
+ * this maximumn and advance the headway to give the sender some
diff --git a/ntp.spec b/ntp.spec
index 7079a45..1e5fc42 100644
--- a/ntp.spec
+++ b/ntp.spec
@@ -103,6 +103,8 @@ Patch28: ntp-4.2.6p5-cve-2014-9297.patch
Patch29: ntp-4.2.6p5-cve-2014-9298.patch
# ntpbz #2779
Patch36: ntp-4.2.6p5-cve-2015-1798.patch
+# ntpbz #2781
+Patch37: ntp-4.2.6p5-cve-2015-1799.patch
# handle unknown clock types
Patch50: ntpstat-0.2-clksrc.patch
@@ -218,6 +220,7 @@ This package contains NTP documentation in HTML format.
%patch28 -p1 -b .cve-2014-9297
%patch29 -p1 -b .cve-2014-9298
%patch36 -p1 -b .cve-2015-1798
+%patch37 -p1 -b .cve-2015-1799
# ntpstat patches
%patch50 -p1 -b .clksrc
--
cgit v0.10.2
http://pkgs.fedoraproject.org/cgit/ntp.git/commit/?h=f20&id=bbb99b114f09ae6dca294eb5d52cac8451ce3b53
More information about the scm-commits
mailing list