Uprev ntp to version 4.2.6p5-29.el7

This solves:
ntp: Stack-based buffer overflow in ntpq and ntpdc allows
denial of service or code execution (CVE-2018-12327)

See the announcement link:

https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006016.html

for more details.

Here we refresh the meta patches and correct the crime of
"name of patch file differs from git format-patch".  We
also clean up the commit short logs.

Change-Id: I263465d85f06096296fdd478a302eb110ab1259c
Closes-Bug: 1849197
Depends-On: https://review.opendev.org/#/c/695983
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
This commit is contained in:
Jim Somerville 2019-11-25 16:07:17 -05:00
parent dcacc409f4
commit 5d854355d8
5 changed files with 50 additions and 44 deletions

View File

@ -0,0 +1,41 @@
From fbfbbc827d080370f71a76284dde4dc3dd1d16da Mon Sep 17 00:00:00 2001
Message-Id: <fbfbbc827d080370f71a76284dde4dc3dd1d16da.1574708120.git.Jim.Somerville@windriver.com>
In-Reply-To: <536afc9500d65768db35f6ca07c21c490b19bda7.1574708120.git.Jim.Somerville@windriver.com>
References: <536afc9500d65768db35f6ca07c21c490b19bda7.1574708120.git.Jim.Somerville@windriver.com>
From: Kristine Bujold <kristine.bujold@windriver.com>
Date: Tue, 3 Sep 2019 16:18:58 -0400
Subject: [PATCH 2/2] Fix ntpq truncates IPV6 addresses
Signed-off-by: Kristine Bujold <kristine.bujold@windriver.com>
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
---
SPECS/ntp.spec | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/SPECS/ntp.spec b/SPECS/ntp.spec
index 84aa1ac..4d32d8c 100644
--- a/SPECS/ntp.spec
+++ b/SPECS/ntp.spec
@@ -204,6 +204,9 @@ Patch78: ntp-4.2.6p5-netlinknobuf.patch
# add bugs for compatibility with original EL7 ntpstat
Patch100: ntpstat-compat.patch
+# STX IPV6 ntpq patch
+Patch500: Fix-ntpq-truncates-IPV6-addresses.patch
+
URL: http://www.ntp.org
Requires(post): systemd-units
Requires(preun): systemd-units
@@ -361,6 +364,9 @@ This package contains NTP documentation in HTML format.
%patch100 -p1 -b .compat
+%patch500 -p1 -b .ntpq-truncates-IPV6-addresses
+
+
# set default path to sntp KoD database
sed -i 's|/var/db/ntp-kod|%{_localstatedir}/lib/sntp/kod|' sntp/{sntp.1,main.c}
--
1.8.3.1

View File

@ -1,37 +0,0 @@
From 44c7f5aa4df30c2ac8eae5a956dc503d7e62e1fd Mon Sep 17 00:00:00 2001
From: Kristine Bujold <kristine.bujold@windriver.com>
Date: Tue, 3 Sep 2019 16:18:58 -0400
Subject: [PATCH] Include patch Fix-ntpq-truncates-IPV6-addresses.patch.
Signed-off-by: Kristine Bujold <kristine.bujold@windriver.com>
---
SPECS/ntp.spec | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/SPECS/ntp.spec b/SPECS/ntp.spec
index a9ebf30..330d5b0 100644
--- a/SPECS/ntp.spec
+++ b/SPECS/ntp.spec
@@ -207,6 +207,9 @@ Patch104: ntpstat-0.2-errorbit.patch
# improve man page
Patch105: ntpstat-0.2-manual.patch
+# STX IPV6 ntpq patch
+Patch500: Fix-ntpq-truncates-IPV6-addresses.patch
+
URL: http://www.ntp.org
Requires(post): systemd-units
Requires(preun): systemd-units
@@ -366,6 +369,9 @@ This package contains NTP documentation in HTML format.
%patch104 -p1 -b .errorbit
%patch105 -p1 -b .manual
+%patch500 -p1 -b .ntpq-truncates-IPV6-addresses
+
+
# set default path to sntp KoD database
sed -i 's|/var/db/ntp-kod|%{_localstatedir}/lib/sntp/kod|' sntp/{sntp.1,main.c}
--
1.8.3.1

View File

@ -1,2 +1,2 @@
Update-package-versioning-for-TIS-format.patch
Include-patch-Fix-ntpq-truncates-IPV6-addresses.patch
Fix-ntpq-truncates-IPV6-addresses.patch

View File

@ -1,23 +1,25 @@
From b7992d01d3ce4ccb51f73e7c1c4e3f4cb9e8e454 Mon Sep 17 00:00:00 2001
From 536afc9500d65768db35f6ca07c21c490b19bda7 Mon Sep 17 00:00:00 2001
Message-Id: <536afc9500d65768db35f6ca07c21c490b19bda7.1574708120.git.Jim.Somerville@windriver.com>
From: Kristine Bujold <kristine.bujold@windriver.com>
Date: Tue, 3 Sep 2019 16:08:25 -0400
Subject: [PATCH] Update-package-versioning-for-TIS-format
Subject: [PATCH 1/2] Update package versioning for TIS format
Signed-off-by: Kristine Bujold <kristine.bujold@windriver.com>
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
---
SPECS/ntp.spec | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/SPECS/ntp.spec b/SPECS/ntp.spec
index 52ad9aa..a9ebf30 100644
index 178a961..84aa1ac 100644
--- a/SPECS/ntp.spec
+++ b/SPECS/ntp.spec
@@ -1,7 +1,7 @@
Summary: The NTP daemon and utilities
Name: ntp
Version: 4.2.6p5
-Release: 28%{?dist}
+Release: 28.el7.centos%{?_tis_dist}.%{tis_patch_ver}
-Release: 29%{?dist}
+Release: 29.el7.centos%{?_tis_dist}.%{tis_patch_ver}
# primary license (COPYRIGHT) : MIT
# ElectricFence/ (not used) : GPLv2
# kernel/sys/ppsclock.h (not used) : BSD with advertising

View File

@ -1 +1 @@
mirror:Source/ntp-4.2.6p5-28.el7.centos.src.rpm
mirror:Source/ntp-4.2.6p5-29.el7.centos.src.rpm