Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-misc/ntp/files
diff options
context:
space:
mode:
authorJeroen Roovers <jer@gentoo.org>2009-12-10 15:08:41 +0000
committerJeroen Roovers <jer@gentoo.org>2009-12-10 15:08:41 +0000
commitbbd3cdca88f86b2c5ca9e97038df5a4ab4805e3a (patch)
tree90c0069a9ea7bd501246340e0cf16afe541034a2 /net-misc/ntp/files
parentstable x86, bug 296265 (diff)
downloadhistorical-bbd3cdca88f86b2c5ca9e97038df5a4ab4805e3a.tar.gz
historical-bbd3cdca88f86b2c5ca9e97038df5a4ab4805e3a.tar.bz2
historical-bbd3cdca88f86b2c5ca9e97038df5a4ab4805e3a.zip
Revision bump (bug #290881).
Package-Manager: portage-2.2_rc57/cvs/Linux i686 RepoMan-Options: --force
Diffstat (limited to 'net-misc/ntp/files')
-rw-r--r--net-misc/ntp/files/ntp-4.2.4_p7-CVE-2009-3563.patch56
1 files changed, 56 insertions, 0 deletions
diff --git a/net-misc/ntp/files/ntp-4.2.4_p7-CVE-2009-3563.patch b/net-misc/ntp/files/ntp-4.2.4_p7-CVE-2009-3563.patch
new file mode 100644
index 000000000000..7fdcc336693f
--- /dev/null
+++ b/net-misc/ntp/files/ntp-4.2.4_p7-CVE-2009-3563.patch
@@ -0,0 +1,56 @@
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+# 2009/10/07 01:33:22+00:00 davehart@shiny.ad.hartbrothers.com
+# [Sec 1331] DoS with mode 7 packets - CVE-2009-3563.
+#
+# ChangeLog
+# 2009/10/07 01:33:21+00:00 davehart@shiny.ad.hartbrothers.com +4 -0
+# [Sec 1331] DoS with mode 7 packets - CVE-2009-3563.
+#
+# ntpd/ntp_request.c
+# 2009/10/07 01:33:21+00:00 davehart@shiny.ad.hartbrothers.com +9 -2
+# [Sec 1331] DoS with mode 7 packets - CVE-2009-3563.
+#
+Index: ntp-4.2.4p7/ChangeLog
+===================================================================
+--- ntp-4.2.4p7.orig/ChangeLog
++++ ntp-4.2.4p7/ChangeLog
+@@ -1,4 +1,8 @@
+ ---
++
++* [Sec 1331] DoS with mode 7 packets - CVE-2009-3563.
++
++---
+ (4.2.4p7) 2009/05/18 Released by Harlan Stenn <stenn@ntp.org>
+
+ * [Sec 1151] Remote exploit if autokey is enabled - CVE-2009-1252.
+Index: ntp-4.2.4p7/ntpd/ntp_request.c
+===================================================================
+--- ntp-4.2.4p7.orig/ntpd/ntp_request.c
++++ ntp-4.2.4p7/ntpd/ntp_request.c
+@@ -409,6 +409,7 @@ process_private(
+ int mod_okay
+ )
+ {
++ static u_long quiet_until;
+ struct req_pkt *inpkt;
+ struct req_pkt_tail *tailinpkt;
+ struct sockaddr_storage *srcadr;
+@@ -444,8 +445,14 @@ process_private(
+ || (++ec, INFO_MBZ(inpkt->mbz_itemsize) != 0)
+ || (++ec, rbufp->recv_length < REQ_LEN_HDR)
+ ) {
+- msyslog(LOG_ERR, "process_private: INFO_ERR_FMT: test %d failed, pkt from %s", ec, stoa(srcadr));
+- req_ack(srcadr, inter, inpkt, INFO_ERR_FMT);
++ NLOG(NLOG_SYSEVENT)
++ if (current_time >= quiet_until) {
++ msyslog(LOG_ERR,
++ "process_private: drop test %d"
++ " failed, pkt from %s",
++ ec, stoa(srcadr));
++ quiet_until = current_time + 60;
++ }
+ return;
+ }
+