diff --git a/.gitignore b/.gitignore index 95b8f3e..86e0978 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ SOURCES/ntp-4.2.6p5.tar.gz -SOURCES/ntpstat-0.2.tgz +SOURCES/ntpstat-0.5.tar.gz diff --git a/.ntp.metadata b/.ntp.metadata index ffc3452..ab4a419 100644 --- a/.ntp.metadata +++ b/.ntp.metadata @@ -1,2 +1,2 @@ 4a5353a4791b6f4315a66c28d504ec6c7926b192 SOURCES/ntp-4.2.6p5.tar.gz -9b6baf20b5943651a6bf8d6cf9a78e318573b541 SOURCES/ntpstat-0.2.tgz +cb8ccc71c5b036bdefe9af8911ea4202dee84a54 SOURCES/ntpstat-0.5.tar.gz diff --git a/SOURCES/ntp-4.2.6p5-cve-2017-6464.patch b/SOURCES/ntp-4.2.6p5-cve-2017-6464.patch index 6725c83..a271db7 100644 --- a/SOURCES/ntp-4.2.6p5-cve-2017-6464.patch +++ b/SOURCES/ntp-4.2.6p5-cve-2017-6464.patch @@ -57,6 +57,17 @@ diff -up ntp-4.2.6p5/ntpd/ntp_config.c.cve-2017-6464 ntp-4.2.6p5/ntpd/ntp_config static void config_system_opts( +@@ -2920,7 +2941,9 @@ config_ttl( + + curr_ttl = next_node(curr_ttl); + } +- sys_ttlmax = i - 1; ++ ++ if (i) ++ sys_ttlmax = i - 1; + } + + diff -up ntp-4.2.6p5/ntpd/ntp_proto.c.cve-2017-6464 ntp-4.2.6p5/ntpd/ntp_proto.c --- ntp-4.2.6p5/ntpd/ntp_proto.c.cve-2017-6464 2017-03-22 12:54:11.270454677 +0100 +++ ntp-4.2.6p5/ntpd/ntp_proto.c 2017-03-22 12:54:11.279454706 +0100 diff --git a/SOURCES/ntp-4.2.6p5-cve-2018-12327.patch b/SOURCES/ntp-4.2.6p5-cve-2018-12327.patch new file mode 100644 index 0000000..8e250d4 --- /dev/null +++ b/SOURCES/ntp-4.2.6p5-cve-2018-12327.patch @@ -0,0 +1,38 @@ +diff -up ntp-4.2.6p5/ntpdc/ntpdc.c.cve-2018-12327 ntp-4.2.6p5/ntpdc/ntpdc.c +--- ntp-4.2.6p5/ntpdc/ntpdc.c.cve-2018-12327 2018-12-10 12:01:08.096202203 +0100 ++++ ntp-4.2.6p5/ntpdc/ntpdc.c 2018-12-10 12:02:05.385805767 +0100 +@@ -459,8 +459,14 @@ openhost( + + if (*cp == '[') { + cp++; +- for (i = 0; *cp && *cp != ']'; cp++, i++) ++ for (i = 0; *cp && *cp != ']'; cp++, i++) { ++ if (i + 1 == sizeof (name)) { ++ errno = EINVAL; ++ warning("%s", "bad hostname/address", ""); ++ return 0; ++ } + name[i] = *cp; ++ } + if (*cp == ']') { + name[i] = '\0'; + hname = name; +diff -up ntp-4.2.6p5/ntpq/ntpq.c.cve-2018-12327 ntp-4.2.6p5/ntpq/ntpq.c +--- ntp-4.2.6p5/ntpq/ntpq.c.cve-2018-12327 2018-12-10 12:01:08.157201781 +0100 ++++ ntp-4.2.6p5/ntpq/ntpq.c 2018-12-10 12:02:17.739720281 +0100 +@@ -640,8 +640,14 @@ openhost( + + if (*cp == '[') { + cp++; +- for (i = 0; *cp && *cp != ']'; cp++, i++) ++ for (i = 0; *cp && *cp != ']'; cp++, i++) { ++ if (i + 1 == sizeof (name)) { ++ errno = EINVAL; ++ warning("%s", "bad hostname/address", ""); ++ return 0; ++ } + name[i] = *cp; ++ } + if (*cp == ']') { + name[i] = '\0'; + hname = name; diff --git a/SOURCES/ntp-4.2.6p5-decodenetnum.patch b/SOURCES/ntp-4.2.6p5-decodenetnum.patch new file mode 100644 index 0000000..e456f01 --- /dev/null +++ b/SOURCES/ntp-4.2.6p5-decodenetnum.patch @@ -0,0 +1,21 @@ +Author: +Date: Tue Oct 6 08:51:27 2015 +0000 + + [Sec 2922] decodenetnum() will ASSERT botch instead of returning FAIL on some bogus values. Harlan Stenn. + +diff --git a/libntp/decodenetnum.c b/libntp/decodenetnum.c +index ebcb2da69..35b908f39 100644 +--- a/libntp/decodenetnum.c ++++ b/libntp/decodenetnum.c +@@ -36,7 +36,10 @@ decodenetnum( + char name[80]; + + NTP_REQUIRE(num != NULL); +- NTP_REQUIRE(strlen(num) < sizeof(name)); ++ ++ if (strlen(num) >= sizeof(name)) { ++ return 0; ++ } + + port_str = NULL; + if ('[' != num[0]) { diff --git a/SOURCES/ntp-4.2.6p5-netlinkdrop.patch b/SOURCES/ntp-4.2.6p5-netlinkdrop.patch new file mode 100644 index 0000000..4422777 --- /dev/null +++ b/SOURCES/ntp-4.2.6p5-netlinkdrop.patch @@ -0,0 +1,34 @@ +Author: +Date: Mon Jun 11 17:22:29 2012 +0000 + + [Bug 2224] Use-after-free in routing socket code after dropping root. + +diff -up ntp-4.2.6p5/ntpd/ntp_io.c.netlinkdrop ntp-4.2.6p5/ntpd/ntp_io.c +--- ntp-4.2.6p5/ntpd/ntp_io.c.netlinkdrop 2019-01-11 12:34:21.356195246 +0100 ++++ ntp-4.2.6p5/ntpd/ntp_io.c 2019-01-11 12:37:55.719194867 +0100 +@@ -3584,7 +3584,8 @@ input_handler( + int select_count = 0; + endpt *ep; + #if defined(HAS_ROUTING_SOCKET) +- struct asyncio_reader *asyncio_reader; ++ struct asyncio_reader * asyncio_reader; ++ struct asyncio_reader * next_asyncio_reader; + #endif + + handler_calls++; +@@ -3687,11 +3688,13 @@ input_handler( + asyncio_reader = asyncio_reader_list; + + while (asyncio_reader != NULL) { ++ /* callback may unlink and free asyncio_reader */ ++ next_asyncio_reader = asyncio_reader->link; + if (FD_ISSET(asyncio_reader->fd, &fds)) { + ++select_count; +- (asyncio_reader->receiver)(asyncio_reader); ++ (*asyncio_reader->receiver)(asyncio_reader); + } +- asyncio_reader = asyncio_reader->link; ++ asyncio_reader = next_asyncio_reader; + } + #endif /* HAS_ROUTING_SOCKET */ + diff --git a/SOURCES/ntp-4.2.6p5-netlinknobuf.patch b/SOURCES/ntp-4.2.6p5-netlinknobuf.patch new file mode 100644 index 0000000..8ddf25f --- /dev/null +++ b/SOURCES/ntp-4.2.6p5-netlinknobuf.patch @@ -0,0 +1,28 @@ +Author: +Date: Fri Jul 31 07:58:11 2015 +0000 + + [Bug 2890] Ignore ENOBUFS on routing netlink socket. Konstantin Khlebnikov. + +diff -up ntp-4.2.6p5/ntpd/ntp_io.c.netlinknobuf ntp-4.2.6p5/ntpd/ntp_io.c +--- ntp-4.2.6p5/ntpd/ntp_io.c.netlinknobuf 2019-01-11 12:34:09.115195268 +0100 ++++ ntp-4.2.6p5/ntpd/ntp_io.c 2019-01-11 12:34:21.356195246 +0100 +@@ -4480,10 +4480,15 @@ process_routing_msgs(struct asyncio_read + cnt = read(reader->fd, buffer, sizeof(buffer)); + + if (cnt < 0) { +- msyslog(LOG_ERR, +- "i/o error on routing socket %m - disabling"); +- remove_asyncio_reader(reader); +- delete_asyncio_reader(reader); ++ if (errno == ENOBUFS) { ++ msyslog(LOG_ERR, ++ "routing socket reports: %m"); ++ } else { ++ msyslog(LOG_ERR, ++ "routing socket reports: %m - disabling"); ++ remove_asyncio_reader(reader); ++ delete_asyncio_reader(reader); ++ } + return; + } + diff --git a/SOURCES/ntpstat-0.2-clksrc.patch b/SOURCES/ntpstat-0.2-clksrc.patch deleted file mode 100644 index c427f1f..0000000 --- a/SOURCES/ntpstat-0.2-clksrc.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up ntp-4.2.4p7/ntpstat-0.2/ntpstat.c.ntpstat ntp-4.2.4p7/ntpstat-0.2/ntpstat.c ---- ntp-4.2.4p7/ntpstat-0.2/ntpstat.c.ntpstat 2002-06-10 08:02:12.000000000 +0200 -+++ ntp-4.2.4p7/ntpstat-0.2/ntpstat.c 2009-07-20 12:22:35.000000000 +0200 -@@ -187,7 +187,7 @@ int main (void) { - else - printf("unknown source"); - -- if (!strncmp(clksrcname[clksrc],clksrcname[6],sizeof(clksrcname[6]))) { -+ if (clksrc == 6) { - // source of sync is another NTP server so check the IP address - strncpy(buff, ntpmsg.payload, sizeof(buff)); - if ((newstr = strstr (buff, REFID))) { diff --git a/SOURCES/ntpstat-0.2-errorbit.patch b/SOURCES/ntpstat-0.2-errorbit.patch deleted file mode 100644 index 06e9342..0000000 --- a/SOURCES/ntpstat-0.2-errorbit.patch +++ /dev/null @@ -1,32 +0,0 @@ -diff -up ntp-4.2.6p4/ntpstat-0.2/ntpstat.c.errorbit ntp-4.2.6p4/ntpstat-0.2/ntpstat.c ---- ntp-4.2.6p4/ntpstat-0.2/ntpstat.c.errorbit 2011-10-06 13:41:38.591669772 +0200 -+++ ntp-4.2.6p4/ntpstat-0.2/ntpstat.c 2011-10-06 16:50:01.708315811 +0200 -@@ -104,6 +104,7 @@ int main (void) { - FD_ZERO(&fds); - - inet_aton("127.0.0.1", &address); -+ memset(&sock, 0, sizeof (sock));; - sock.sin_family = AF_INET; - sock.sin_addr = address; - sock.sin_port = htons(NTP_PORT); -@@ -159,15 +160,18 @@ int main (void) { - die ("return data appears to be invalid based on status word"); - } - -- if (!(ntpmsg.byte2 | EMASK)) { -+ if (ntpmsg.byte2 & EMASK) { - fprintf (stderr,"status byte2 is %02x\n", ntpmsg.byte2 ); - die ("error bit is set in reply"); - } - -- if (!(ntpmsg.byte2 | MMASK)) { -+ /* ignore the more bit */ -+#if 0 -+ if (ntpmsg.byte2 & MMASK) { - fprintf (stderr,"status byte2 is %02x\n", ntpmsg.byte2 ); - fprintf (stderr,"More bit unexpected in reply"); - } -+#endif - - /* if the leap indicator (LI), which is the two most significant bits - in status byte1, are both one, then the clock is not synchronised. */ diff --git a/SOURCES/ntpstat-0.2-manual.patch b/SOURCES/ntpstat-0.2-manual.patch deleted file mode 100644 index 99dbb6a..0000000 --- a/SOURCES/ntpstat-0.2-manual.patch +++ /dev/null @@ -1,41 +0,0 @@ -diff -up ntp-4.2.6p5/ntpstat-0.2/ntpstat.1.manual ntp-4.2.6p5/ntpstat-0.2/ntpstat.1 ---- ntp-4.2.6p5/ntpstat-0.2/ntpstat.1.manual 2002-06-10 08:02:12.000000000 +0200 -+++ ntp-4.2.6p5/ntpstat-0.2/ntpstat.1 2015-12-04 17:28:23.379793604 +0100 -@@ -1,4 +1,4 @@ --.TH ntpstat 1 "$Date: 2001/06/22 03:27:10 $" -+.TH ntpstat 1 - .UC 4 - .SH NAME - ntpstat \- show network time synchronisation status -@@ -6,12 +6,18 @@ ntpstat \- show network time synchronisa - .B ntpstat - .SH DESCRIPTION - .I ntpstat --will report the synchronisation state of the NTP daemon -+will report the synchronisation state of the NTP daemon (ntpd) - running on the local machine. If the local system is found to be - synchronised to a reference time source, - .I ntpstat - will report the approximate time accuracy. - -+When the synchronised state is reported, it means the system clock was updated -+at some point. There is no timeout for this state. It will stay there even -+when the source becomes unreachable and there are no other sources available. -+However, the reported accuracy will be slowly increasing, in the default ntpd -+configuration by 15 microseconds per second. -+ - .SH RETURNS - .I ntpstat - returns 0 if clock is synchronised. -@@ -22,7 +28,10 @@ returns 2 if clock state is indeterminan - if ntpd is not contactable. - - .SH SEE ALSO --ntpdc, ntpdq -+.BR ntp_misc (5), -+.BR ntpd (8), -+.BR ntpq (8), -+.BR ntpdc (8) - - .SH AUTHOR - G. Richard Keech (rkeech@redhat.com) diff --git a/SOURCES/ntpstat-0.2-maxerror.patch b/SOURCES/ntpstat-0.2-maxerror.patch deleted file mode 100644 index f8ab750..0000000 --- a/SOURCES/ntpstat-0.2-maxerror.patch +++ /dev/null @@ -1,38 +0,0 @@ -diff -up ntp-4.2.6p1/ntpstat-0.2/ntpstat.c.maxerror ntp-4.2.6p1/ntpstat-0.2/ntpstat.c ---- ntp-4.2.6p1/ntpstat-0.2/ntpstat.c.maxerror 2010-05-03 11:37:49.000000000 +0200 -+++ ntp-4.2.6p1/ntpstat-0.2/ntpstat.c 2010-05-03 12:20:08.000000000 +0200 -@@ -89,7 +89,9 @@ int main (void) { - "modem"}; /* 9 */ - char *newstr; - char *dispstr; -+ char *delaystr; - const char DISP[] = "rootdisp="; -+ const char DELAY[] = "rootdelay="; - const char STRATUM[] = "stratum="; - const char POLL[] = "tc="; - const char REFID[] = "refid="; -@@ -235,16 +237,19 @@ int main (void) { - /* Set the position of the start of the string to - "rootdispersion=" part of the string. */ - strncpy(buff, ntpmsg.payload, sizeof(buff)); -- if ((newstr = strstr (buff, DISP))) { -- newstr += sizeof(DISP) - 1; -- dispstr = strtok(newstr,"."); -+ if ((dispstr = strstr (buff, DISP)) && (delaystr = strstr (buff, DELAY))) { -+ dispstr += sizeof(DISP) - 1; -+ dispstr = strtok(dispstr,","); -+ delaystr += sizeof(DELAY) - 1; -+ delaystr = strtok(delaystr,","); - - /* Check the resultant string is of a reasonable length */ -- if ((strlen (dispstr) == 0) || (strlen (dispstr) > 4)) { -+ if ((strlen (dispstr) == 0) || (strlen (dispstr) > 10) || -+ (strlen (delaystr) == 0) || (strlen (delaystr) > 10)) { - printf ("accuracy unreadable\n"); - } - else { -- printf(" time correct to within %s ms\n",dispstr); -+ printf(" time correct to within %.0f ms\n", atof(dispstr) + atof(delaystr) / 2.0); - } - } else { - rc=1; diff --git a/SOURCES/ntpstat-0.2-multipacket.patch b/SOURCES/ntpstat-0.2-multipacket.patch deleted file mode 100644 index ca21257..0000000 --- a/SOURCES/ntpstat-0.2-multipacket.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up ntp-4.2.4p7/ntpstat-0.2/ntpstat.c.ntpstat ntp-4.2.4p7/ntpstat-0.2/ntpstat.c ---- ntp-4.2.4p7/ntpstat-0.2/ntpstat.c.ntpstat 2002-06-10 08:02:12.000000000 +0200 -+++ ntp-4.2.4p7/ntpstat-0.2/ntpstat.c 2009-07-20 12:22:35.000000000 +0200 -@@ -151,7 +151,7 @@ int main (void) { - /* For the reply message to be valid, the first byte should be as sent, - and the second byte should be the same, with the response bit set */ - byte1ok = ((ntpmsg.byte1&0x3F) == B1VAL); -- byte2ok = (ntpmsg.byte2 == (B2VAL|RMASK)); -+ byte2ok = ((ntpmsg.byte2 & ~MMASK) == (B2VAL|RMASK)); - if (!(byte1ok && byte2ok)) { - fprintf (stderr,"status word is 0x%02x%02x\n", ntpmsg.byte1,ntpmsg.byte2 ); - die ("return data appears to be invalid based on status word"); diff --git a/SOURCES/ntpstat-0.2-sysvars.patch b/SOURCES/ntpstat-0.2-sysvars.patch deleted file mode 100644 index 3f641a9..0000000 --- a/SOURCES/ntpstat-0.2-sysvars.patch +++ /dev/null @@ -1,15 +0,0 @@ -diff -up ntp-4.2.6p1/ntpstat-0.2/ntpstat.c.sysvars ntp-4.2.6p1/ntpstat-0.2/ntpstat.c ---- ntp-4.2.6p1/ntpstat-0.2/ntpstat.c.sysvars 2010-05-03 11:27:47.000000000 +0200 -+++ ntp-4.2.6p1/ntpstat-0.2/ntpstat.c 2010-05-03 11:32:56.000000000 +0200 -@@ -89,9 +89,9 @@ int main (void) { - "modem"}; /* 9 */ - char *newstr; - char *dispstr; -- const char DISP[] = "rootdispersion="; -+ const char DISP[] = "rootdisp="; - const char STRATUM[] = "stratum="; -- const char POLL[] = "poll="; -+ const char POLL[] = "tc="; - const char REFID[] = "refid="; - - /* initialise timeout value */ diff --git a/SOURCES/ntpstat-compat.patch b/SOURCES/ntpstat-compat.patch new file mode 100644 index 0000000..5d81706 --- /dev/null +++ b/SOURCES/ntpstat-compat.patch @@ -0,0 +1,41 @@ +diff -up ntp-4.2.6p5/ntpstat-0.5/ntpstat.compat ntp-4.2.6p5/ntpstat-0.5/ntpstat +--- ntp-4.2.6p5/ntpstat-0.5/ntpstat.compat 2018-03-20 16:02:33.000000000 +0100 ++++ ntp-4.2.6p5/ntpstat-0.5/ntpstat 2019-01-11 16:52:04.003167878 +0100 +@@ -116,6 +116,7 @@ get_ntpd_state() { + disp=$(parse_rv_field "$output" "rootdisp") + distance=$(echo "$delay $disp" | awk '{ printf "%.3f", $1 / 2.0 + $2 }') + ++ : <<'EOF' + syspeer_id=$("${NTPQ[@]}" -c associations 2> /dev/null |\ + grep 'sys\.peer' | awk '{ print $2 }') || return 4 + output=$("${NTPQ[@]}" -c "rv $syspeer_id" 2> /dev/null) || return 5 +@@ -124,6 +125,19 @@ get_ntpd_state() { + address=$(parse_rv_field "$output" "srcadr") + fi + poll=$(parse_rv_field "$output" "hpoll") ++EOF ++ ++ # bug compatibility with original EL7 ntpstat ++ # - refid interpretted as IP address ++ # - tc interpretted as poll ++ # - code 1 (no drift file in NTPv4) printed as server restart in NTPv3 ++ address=$(parse_rv_field "$output" "refid") ++ poll=$(parse_rv_field "$output" "tc") ++ local code=$(parse_rv_field "$output" "status" | \ ++ awk '{ print and(strtonum($1), 0xf) }') ++ if [ "$leap" -eq 3 ] && [ "$code" -eq 1 ]; then ++ leap=4 ++ fi + + echo "$leap,$source,$address,$stratum,$distance,$poll" + } +@@ -176,6 +190,9 @@ if [ "$leap" -ge 0 -a "$leap" -le 2 ]; t + fi + else + printf "unsynchronised\n" ++ if [ "$leap" -eq 4 ]; then ++ printf " time server re-starting\n" ++ fi + status=1 + fi + diff --git a/SPECS/ntp.spec b/SPECS/ntp.spec index 52ad9aa..6527a43 100644 --- a/SPECS/ntp.spec +++ b/SPECS/ntp.spec @@ -1,7 +1,7 @@ Summary: The NTP daemon and utilities Name: ntp Version: 4.2.6p5 -Release: 28%{?dist} +Release: 29%{?dist} # primary license (COPYRIGHT) : MIT # ElectricFence/ (not used) : GPLv2 # kernel/sys/ppsclock.h (not used) : BSD with advertising @@ -34,8 +34,7 @@ Source0: http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-%{version}.ta Source1: ntp.conf Source2: ntp.keys Source4: ntpd.sysconfig -# http://people.redhat.com/rkeech/#ntpstat -Source5: ntpstat-0.2.tgz +Source5: https://github.com/mlichvar/ntpstat/archive/0.5/ntpstat-0.5.tar.gz Source6: ntp.step-tickers Source7: ntpdate.wrapper Source8: ntp.cryptopw @@ -193,19 +192,17 @@ Patch72: ntp-4.2.6p5-tsyncdriver.patch Patch73: ntp-4.2.6p5-staunsync.patch # use SHA1 request key by default (#1442083) Patch74: ntp-4.2.6p5-defreqkey.patch - -# handle unknown clock types -Patch100: ntpstat-0.2-clksrc.patch -# process first packet in multipacket response -Patch101: ntpstat-0.2-multipacket.patch -# use current system variable names -Patch102: ntpstat-0.2-sysvars.patch -# print synchronization distance instead of dispersion -Patch103: ntpstat-0.2-maxerror.patch -# fix error bit checking -Patch104: ntpstat-0.2-errorbit.patch -# improve man page -Patch105: ntpstat-0.2-manual.patch +# ntpbz #3505 +Patch75: ntp-4.2.6p5-cve-2018-12327.patch +# ntpbz #2922 +Patch76: ntp-4.2.6p5-decodenetnum.patch +# ntpbz #2224 +Patch77: ntp-4.2.6p5-netlinkdrop.patch +# ntpbz #2890 +Patch78: ntp-4.2.6p5-netlinknobuf.patch + +# add bugs for compatibility with original EL7 ntpstat +Patch100: ntpstat-compat.patch URL: http://www.ntp.org Requires(post): systemd-units @@ -276,7 +273,7 @@ This package contains NTP documentation in HTML format. # pool.ntp.org vendor zone which will be used in ntp.conf %if 0%{!?vendorzone:1} %{?fedora: %global vendorzone fedora.} -%{?rhel: %global vendorzone centos.} +%{?rhel: %global vendorzone rhel.} %endif %prep @@ -357,14 +354,12 @@ This package contains NTP documentation in HTML format. %patch72 -p1 -b .tsyncdriver %patch73 -p1 -b .staunsync %patch74 -p1 -b .defreqkey +%patch75 -p1 -b .cve-2018-12327 +%patch76 -p1 -b .decodenetnum +%patch77 -p1 -b .netlinkdrop +%patch78 -p1 -b .netlinknobuf -# ntpstat patches -%patch100 -p1 -b .clksrc -%patch101 -p1 -b .multipacket -%patch102 -p1 -b .sysvars -%patch103 -p1 -b .maxerror -%patch104 -p1 -b .errorbit -%patch105 -p1 -b .manual +%patch100 -p1 -b .compat # set default path to sntp KoD database sed -i 's|/var/db/ntp-kod|%{_localstatedir}/lib/sntp/kod|' sntp/{sntp.1,main.c} @@ -386,6 +381,10 @@ touch ntpd/ntpd.1 util/ntp-keygen.1 rm ntpd/ntp_parser.{c,h} echo > ntpd/ntp_keyword.h +# hardcode paths in ntpstat +sed -i '/^CHRONYC=/s|chronyc|%{_bindir}/chronyc|' ntpstat-*/ntpstat +sed -i '/^NTPQ=/s|ntpq|%{_sbindir}/ntpq|' ntpstat-*/ntpstat + %build sed -i 's|$CFLAGS -Wstrict-overflow|$CFLAGS|' configure sntp/configure export CFLAGS="$RPM_OPT_FLAGS -fPIE -fno-strict-aliasing -fno-strict-overflow" @@ -412,8 +411,6 @@ pushd html sed -i 's/^[\t\ ]*$//;/./,/^$/!d' man/man*/*.[58] popd -make -C ntpstat-0.2 CFLAGS="$CFLAGS" - %install make DESTDIR=$RPM_BUILD_ROOT bindir=%{_sbindir} install @@ -422,11 +419,7 @@ sed -i 's/sntp\.1/sntp\.8/' $RPM_BUILD_ROOT%{_mandir}/man1/sntp.1 mv $RPM_BUILD_ROOT%{_mandir}/man{1/sntp.1,8/sntp.8} rm -rf $RPM_BUILD_ROOT%{_mandir}/man1 -pushd ntpstat-0.2 -mkdir -p $RPM_BUILD_ROOT%{_bindir} -install -m 755 ntpstat $RPM_BUILD_ROOT%{_bindir} -install -m 644 ntpstat.1 $RPM_BUILD_ROOT%{_mandir}/man8/ntpstat.8 -popd +%makeinstall -C ntpstat-* # fix section numbers sed -i 's/\(\.TH[a-zA-Z ]*\)[1-9]\(.*\)/\18\2/' $RPM_BUILD_ROOT%{_mandir}/man8/*.8 @@ -533,12 +526,12 @@ popd %ghost %attr(644,ntp,ntp) %{_localstatedir}/lib/ntp/drift %dir %attr(-,ntp,ntp) %{_localstatedir}/log/ntpstats %{_bindir}/ntpstat +%{_mandir}/man1/ntpstat.1* %{_mandir}/man5/*.5* %{_mandir}/man8/ntp-keygen.8* %{_mandir}/man8/ntpd.8* %{_mandir}/man8/ntpdc.8* %{_mandir}/man8/ntpq.8* -%{_mandir}/man8/ntpstat.8* %{_mandir}/man8/ntptime.8* %{_mandir}/man8/tickadj.8* %{_prefix}/lib/systemd/ntp-units.d/*.list @@ -575,8 +568,13 @@ popd %{ntpdocdir}/html %changelog -* Tue Apr 10 2018 CentOS Sources - 4.2.6p5-28.el7.centos -- rebrand vendorzone +* Fri Jan 11 2019 Miroslav Lichvar 4.2.6p5-29 +- fix CVE-2016-7429 patch to restore default ttl configuration (#1550637) +- fix buffer overflow in parsing of address in ntpq and ntpdc (CVE-2018-12327) +- fix crash in parsing of received address in ntpq (#1616250) +- avoid reading freed memory after disabling netlink socket (#1555401) +- don't disable netlink socket on ENOBUFS error (#1555413) +- replace ntpstat with shell script using ntpq and supporting chrony (#1592871) * Mon Oct 09 2017 Miroslav Lichvar 4.2.6p5-28 - fix buffer overflow in datum refclock driver (CVE-2017-6462)