[ntp:hackers] NTP Development Snapshot 4.3.98 Released

NTP Public Services Project webmaster at ntp.org
Fri Jun 7 08:30:03 UTC 2019


NTP Development Snapshot 4.3.98 is now available for download.

Security Updates:

* [Sec 3505] CVE-2018-12327 - Arbitrary Code Execution Vulnerability
  - fixed stack buffer overflow in the openhost() command-line call
    of NTPQ/NTPDC <perlinger at ntp.org>
   http://bugs.ntp.org/3505
* [Sec 3012] noepeer tweaks.  <stenn at ntp.org>
   http://bugs.ntp.org/3012

Bug Fixes:

* [Bug 3484] ntpq response from ntpd is incorrect when REFID is null <perlinger at ntp.org>
  - rework of ntpq 'nextvar()' key/value parsing
   http://bugs.ntp.org/3484
* [Bug 3485] Undefined sockaddr used in error messages in ntp_config.c <perlinger at ntp.org>
  - applied patch by Gerry Garvey
   http://bugs.ntp.org/3485
* [Bug 3486] Buffer overflow in ntpq/ntpq.c:tstflags() <perlinger at ntp.org>
  - applied patch by Gerry Garvey
   http://bugs.ntp.org/3486
* [Bug 3456] Use uintptr_t rather than size_t to store an integer in a pointer
  - According to Brooks Davis, there was only one location <perlinger at ntp.org>
   http://bugs.ntp.org/3456
* [Bug 2821] minor build issues <perlinger at ntp.org>
  - applied patches by Christos Zoulas, including real bug fixes
   http://bugs.ntp.org/2821
* [Bug 3470] ntpd4.2.8p11 fails to compile without OpenSSL <perlinger at ntp.org>
   http://bugs.ntp.org/3470
* [Bug 3506] Service Control Manager interacts poorly with NTPD <perlinger at ntp.org>
  - changed interaction with SCM to signal pending startup
   http://bugs.ntp.org/3506
* [Bug 3426] ntpdate.html -t default is 2 seconds.  Leonid Evdokimov.
   http://bugs.ntp.org/3426
* [Bug 3471] Check for openssl/[ch]mac.h.  HStenn.
  - add #define ENABLE_CMAC support in configure.  HStenn.
   http://bugs.ntp.org/3471
* [Bug 3509] Add support for running as non-root on FreeBSD, Darwin,
             other TrustedBSD platforms
  - applied patch by Ian Lepore <perlinger at ntp.org>
   http://bugs.ntp.org/3509
* [Bug 3474] Missing pmode in mode7 peer info response <perlinger at ntp.org>
  - applied patch by Gerry Garvey
   http://bugs.ntp.org/3474
* [Bug 3475] modify prettydate() to suppress output of zero time <perlinger at ntp.org>
  - applied patch by Gerry Garvey
   http://bugs.ntp.org/3475
* [Bug 3476]ctl_putstr() sends empty unquoted string [...] <perlinger at ntp.org>
  - applied patch by Gerry Garvey (with mods); not sure if that's bug or feature, though
   http://bugs.ntp.org/3476
* [Bug 3521] Fix a logic bug in the INVALIDNAK checks.  <stenn at ntp.org>
   http://bugs.ntp.org/3521
* [Bug 3442] Fixes for ntpdate as suggested by Gerry Garvey,
  with modifications
  New macro REFID_ISTEXT() which is also used in ntpd/ntp_control.c.
   http://bugs.ntp.org/3442
* [Bug 3479] ctl_putrefid() allows unsafe characters through to ntpq <perlinger at ntp.org>
  - applied patch by Gerry Garvey (with mods)
   http://bugs.ntp.org/3479
* [Bug 3445] Symmetric peer won't sync on startup <perlinger at ntp.org>
  - applied patch by Gerry Garvey
   http://bugs.ntp.org/3445
* [Bug 3121] Drop root privileges for the forked DNS worker <perlinger at ntp.org>
  - integrated patch by  Reinhard Max
   http://bugs.ntp.org/3121
* [Bug 3449] ntpq - display "loop" instead of refid [...] <perlinger at ntp.org>
  - applied patch by Gerry Garvey
   http://bugs.ntp.org/3449
* [Bug 3460] Fix typo in ntpq.texi, reported by Kenyon Ralph.  <stenn at ntp.org>
   http://bugs.ntp.org/3460
* [Bug 3461] refclock_shm.c: clear error status on clock recovery <perlinger at ntp.org>
  - initial patch by Hal Murray; also fixed refclock_report() trouble
   http://bugs.ntp.org/3461
* [Bug 3465] Default TTL values cannot be used <perlinger at ntp.org>
   http://bugs.ntp.org/3465
* [Bug 3467] Potential memory fault in ntpq [...] <perlinger at ntp.org>
  - fixed IO redirection and CTRL-C handling in ntq and ntpdc
   http://bugs.ntp.org/3467
* [Bug 3469] Incomplete string compare [...] in is_refclk_addr <perlinger at ntp.org>
  - patch by Stephen Friedl
   http://bugs.ntp.org/3469
* [Bug 3434] ntpd clears STA_UNSYNC on start <perlinger at ntp.org>
  - applied patch by Miroslav Lichvar
   http://bugs.ntp.org/3434
* [Bug 3480] Refclock sample filter not cleared on clock STEP <perlinger at ntp.org>
  - applied patch by Gerry Garvey
   http://bugs.ntp.org/3480
* [Bug 3482] Fixes for compilation warnings (ntp_io.c & ntpq-subs.c) <perlinger at ntp.org>
  - applied patch by Gerry Garvey (with mods)
   http://bugs.ntp.org/3482

Other Changes:

* ntpd/ntpd.c: DROPROOT cleanup.  <stenn at ntp.org>
* Symmetric key range is 1-65535.  Update docs.  <stenn at ntp.org>
* html/authentic.html: cleanup, from <stenn at ntp.org>
* html/authopt.html: cleanup, from <stenn at ntp.org>

Tarball:

http://archive.ntp.org/ntp4/ntp-dev/ntp-dev-4.3.98.tar.gz 

MD5 sum:

http://archive.ntp.org/ntp4/ntp-dev/ntp-dev-4.3.98.tar.gz.md5

Complete ChangeLog:

http://archive.ntp.org/ntp4/ChangeLog-dev

Please report any bugs, issues, or desired enhancements at
http://bugs.ntp.org/.



More information about the hackers mailing list