From c054b85192ea340529fc9a659cac7ea6b893b50e Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Sat, 20 Dec 2014 00:39:43 +0000
Subject: [PATCH] debrand ntp-4.2.6p5-19.el7_0

---
 SOURCES/ntp-4.2.6p5-cve-2014-9293.patch |   35 +++++++++++++++++++++++++++++++++++
 1 files changed, 35 insertions(+), 0 deletions(-)

diff --git a/SOURCES/ntp-4.2.6p5-cve-2014-9293.patch b/SOURCES/ntp-4.2.6p5-cve-2014-9293.patch
new file mode 100644
index 0000000..62ad523
--- /dev/null
+++ b/SOURCES/ntp-4.2.6p5-cve-2014-9293.patch
@@ -0,0 +1,35 @@
+diff -up ntp-4.2.6p5/ntpd/ntp_config.c.cve-2014-9293 ntp-4.2.6p5/ntpd/ntp_config.c
+--- ntp-4.2.6p5/ntpd/ntp_config.c.cve-2014-9293	2014-12-19 16:24:18.297578337 +0100
++++ ntp-4.2.6p5/ntpd/ntp_config.c	2014-12-19 16:24:18.311578368 +0100
+@@ -1866,13 +1866,16 @@ config_auth(
+ 		req_hashlen = digest_len;
+ #endif
+ 	} else {
+-		int	rankey;
++		unsigned char rankey[16];
++
++		if (ntp_crypto_random_buf(rankey, sizeof (rankey))) {
++			msyslog(LOG_ERR, "ntp_crypto_random_buf() failed.");
++			exit(1);
++		}
+ 
+-		rankey = ntp_random();
+ 		req_keytype = NID_md5;
+ 		req_hashlen = 16;
+-		MD5auth_setkey(req_keyid, req_keytype,
+-		    (u_char *)&rankey, sizeof(rankey));
++		MD5auth_setkey(req_keyid, req_keytype, rankey, sizeof(rankey));
+ 		authtrust(req_keyid, 1);
+ 	}
+ 
+diff -up ntp-4.2.6p5/ntpd/ntpd.c.cve-2014-9293 ntp-4.2.6p5/ntpd/ntpd.c
+--- ntp-4.2.6p5/ntpd/ntpd.c.cve-2014-9293	2014-12-19 16:24:02.000000000 +0100
++++ ntp-4.2.6p5/ntpd/ntpd.c	2014-12-19 16:24:18.298578339 +0100
+@@ -593,6 +593,7 @@ ntpdmain(
+ 	get_systime(&now);
+ 
+ 	ntp_srandom((int)(now.l_i * now.l_uf));
++	ntp_crypto_srandom();
+ 
+ #if !defined(VMS)
+ # ifndef NODETACH

--
Gitblit v1.8.0