Opened 5 years ago

Closed 5 years ago

#11020 closed enhancement (fixed)


Reported by: Bruce Dubbs Owned by: Bruce Dubbs
Priority: normal Milestone: 8.3
Component: BOOK Version: SVN
Severity: normal Keywords:


New point version.

Change History (3)

comment:1 by Bruce Dubbs, 5 years ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Bruce Dubbs, 5 years ago

NTP 4.2.8p12

Focus: Security, Bug fixes, enhancements.

This release fixes a "hole" in the noepeer capability introduced to ntpd
in ntp-4.2.8p11, and a buffer overflow in the openhost() function used by
ntpq and ntpdc.  It also provides 26 other bugfixes, and 4 other improvements:

* [Sec 3505] Buffer overflow in the openhost() call of ntpq and ntpdc.

* [Sec 3012] Fix a hole in the new "noepeer" processing.

* Bug Fixes:
 [Bug 3521] Fix a logic bug in the INVALIDNAK checks.  <>
 [Bug 3509] Add support for running as non-root on FreeBSD, Darwin,
            other TrustedBSD platforms
 - applied patch by Ian Lepore <>
 [Bug 3506] Service Control Manager interacts poorly with NTPD <>
 - changed interaction with SCM to signal pending startup
 [Bug 3486] Buffer overflow in ntpq/ntpq.c:tstflags() <>
 - applied patch by Gerry Garvey
 [Bug 3485] Undefined sockaddr used in error messages in ntp_config.c <>
 - applied patch by Gerry Garvey
 [Bug 3484] ntpq response from ntpd is incorrect when REFID is null <>
 - rework of ntpq 'nextvar()' key/value parsing
 [Bug 3482] Fixes for compilation warnings (ntp_io.c & ntpq-subs.c) <>
 - applied patch by Gerry Garvey (with mods)
 [Bug 3480] Refclock sample filter not cleared on clock STEP <>
 - applied patch by Gerry Garvey
 [Bug 3479] ctl_putrefid() allows unsafe characters through to ntpq <>
 - applied patch by Gerry Garvey (with mods)
 [Bug 3476]ctl_putstr() sends empty unquoted string [...] <>
 - applied patch by Gerry Garvey (with mods); not sure if that's bug or feature, though
 [Bug 3475] modify prettydate() to suppress output of zero time <>
 - applied patch by Gerry Garvey
 [Bug 3474] Missing pmode in mode7 peer info response <>
 - applied patch by Gerry Garvey
 [Bug 3471] Check for openssl/[ch]mac.h.  HStenn.
 - add #define ENABLE_CMAC support in configure.  HStenn.
 [Bug 3470] ntpd4.2.8p11 fails to compile without OpenSSL <>
 [Bug 3469] Incomplete string compare [...] in is_refclk_addr <>
 - patch by Stephen Friedl
 [Bug 3467] Potential memory fault in ntpq [...] <>
 - fixed IO redirection and CTRL-C handling in ntq and ntpdc
 [Bug 3465] Default TTL values cannot be used <>
 [Bug 3461] refclock_shm.c: clear error status on clock recovery <>
 - initial patch by Hal Murray; also fixed refclock_report() trouble
 [Bug 3460] Fix typo in ntpq.texi, reported by Kenyon Ralph.  <>
 [Bug 3456] Use uintptr_t rather than size_t to store an integer in a pointer
 - According to Brooks Davis, there was only one location <>
 [Bug 3449] ntpq - display "loop" instead of refid [...] <>
 - applied patch by Gerry Garvey
 [Bug 3445] Symmetric peer won't sync on startup <>
 - applied patch by Gerry Garvey
 [Bug 3442] Fixes for ntpdate as suggested by Gerry Garvey,
 with modifications
 New macro REFID_ISTEXT() which is also used in ntpd/ntp_control.c. 
 [Bug 3434] ntpd clears STA_UNSYNC on start <>
 - applied patch by Miroslav Lichvar 
 [Bug 3426] ntpdate.html -t default is 2 seconds.  Leonid Evdokimov.
 [Bug 3121] Drop root privileges for the forked DNS worker <>
 - integrated patch by  Reinhard Max
 [Bug 2821] minor build issues <>
 - applied patches by Christos Zoulas, including real bug fixes
 html/authopt.html: cleanup, from <>
 ntpd/ntpd.c: DROPROOT cleanup.  <>
 Symmetric key range is 1-65535.  Update docs.

comment:3 by Bruce Dubbs, 5 years ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 20364.

Note: See TracTickets for help on using tickets.