Opened 2 years ago

Closed 2 years ago

Last modified 2 years ago

#13711 closed enhancement (fixed)


Reported by: Bruce Dubbs Owned by: Bruce Dubbs
Priority: high Milestone: 10.0
Component: BOOK Version: SVN
Severity: normal Keywords:


New patch level version.

Change History (6)

comment:1 by Bruce Dubbs, 2 years ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Bruce Dubbs, 2 years ago

NTP 4.2.8p15 (Harlan Stenn <stenn@…>, 2020 Jun 23)

Focus: Security, Bug fixes

Severity: MEDIUM

This release fixes one vulnerability: Associations that use CMAC authentication between ntpd from versions 4.2.8p11/4.3.97 and 4.2.8p14/4.3.100 will leak a small amount of memory for each packet. Eventually, ntpd will run out of memory and abort.

It also fixes 13 other bugs.

  • [Sec 3661] memory leak with AES128CMAC keys
  • [Bug 3670] Regression from bad merger between 3592 and 3596
  • [Bug 3667] decodenetnum fails with numeric port
    • rewrite 'decodenetnum()' in terms of inet_pton
  • [Bug 3666] avoid unlimited receive buffer allocation
    • limit number of receive buffers, with an iron reserve for refclocks
  • [Bug 3664] Enable openSSL CMAC support on Windows
  • [Bug 3662] Fix build errors on Windows with VS2008
  • [Bug 3660] Manycast orphan mode startup discovery problem.
  • [Bug 3659] Move definition of psl[] from ntp_config.h to ntp_config.h
  • [Bug 3657] Wrong "Autokey group mismatch" debug message
  • [Bug 3655] ntpdc memstats hash counts
  • [Bug 3653] Refclock jitter RMS calculation
  • [Bug 3646] Avoid sync with unsync orphan
  • [Bug 3644] Unsynchronized server [...] selected as candidate
  • [Bug 3639] refclock_jjy: TS-JJY0x can skip time sync depending on the STUS reply.

comment:3 by Douglas R. Reno, 2 years ago

Priority: normalhigh

comment:4 by Bruce Dubbs, 2 years ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 23322.

comment:5 by Bruce Dubbs, 2 years ago

Milestone: 9.210,0

Milestone renamed

comment:6 by Bruce Dubbs, 2 years ago

Milestone: 10,010.0

Milestone renamed

Note: See TracTickets for help on using tickets.