Blame SOURCES/ntp-4.2.6p5-cve-2014-9298.patch

http://bk.ntp.org/ntp-stable/?PAGE=patch&REV=54922b65gDSbE4G7c3JjkuK1Tv33qQ
http://bk.ntp.org/ntp-stable/?PAGE=patch&REV=5492d2879rotbnnuVch_ZC3RAfS8AA
http://bk.ntp.org/ntp-stable/?PAGE=patch&REV=5496213frLaEz5PHLZVhuYjM7Lalkw
http://bk.ntp.org/ntp-stable/?PAGE=patch&REV=54c2228bpOp4_zrX9aGXdMEZJEGzkg
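diff -up ntp-4.2.6p5/ntpd/ntp_io.c.cve-2014-9298 ntp-4.2.6p5/ntpd/ntp_io.c
--- ntp-4.2.6p5/ntpd/ntp_io.c.cve-2014-9298	2015-02-04 11:49:30.506083987 +0100
+++ ntp-4.2.6p5/ntpd/ntp_io.c	2015-02-04 12:09:12.638449788 +0100
@@ -3498,6 +3498,29 @@ read_network_packet(
 		    fd, buflen, stoa(&rb->recv_srcadr)));
 
 	/*
+	** Bug 2672: Some OSes (MacOSX and Linux) don't block spoofed ::1
+	*/
+
+	if (AF_INET6 == itf->family) {
+		DPRINTF(2, ("Got an IPv6 packet, from <%s> (%d) to <%s> (%d)\n",
+			stoa(&rb->recv_srcadr),
+			IN6_IS_ADDR_LOOPBACK(PSOCK_ADDR6(&rb->recv_srcadr)),
+			stoa(&itf->sin),
+			!IN6_IS_ADDR_LOOPBACK(PSOCK_ADDR6(&itf->sin))
+			));
+
+		if (   IN6_IS_ADDR_LOOPBACK(PSOCK_ADDR6(&rb->recv_srcadr))
+		    && !IN6_IS_ADDR_LOOPBACK(PSOCK_ADDR6(&itf->sin))
+		   ) {
+			packets_dropped++;
+			DPRINTF(2, ("DROPPING that packet\n"));
+			freerecvbuf(rb);
+			return buflen;
+		}
+		DPRINTF(2, ("processing that packet\n"));
+	}
+
+	/*
 	 * Got one.  Mark how and when it got here,
 	 * put it on the full list and do bookkeeping.
 	 */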
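Review bot: The drop branch for a `::1` source arriving on a non-loopback interface (the inner `if` that ends in `return buflen;`) is observable only through `DPRINTF(2, ...)` and the shared `packets_dropped` counter, so in a production build spoofed-loopback traffic cannot be told apart from any other drop. A dedicated counter, or a rate-limited `msyslog(LOG_NOTICE, ...)` naming `stoa(&itf->sin)`, would give operators something to alert on without letting the sender flood the log. The comment should also state the rule and its reason, e.g. `** Bug 2672: accept a ::1 source only on the loopback interface; some OSes (MacOSX and Linux) deliver spoofed ::1 from the wire`, since access rules that trust `::1` presumably depend on it. In the first `DPRINTF` the destination flag is printed negated (`!IN6_IS_ADDR_LOOPBACK(...)`) while the source flag is not, which makes the two `(%d)` values read inconsistently. `read_network_packet` starts and ends outside this hunk, so whether earlier drop paths follow the same `freerecvbuf(rb); return buflen;` pattern cannot be checked here.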