Page MenuHomeFreeBSD

Fix various ntpd vulnerabilities.
ClosedPublic

Authored by delphij on Dec 20 2014, 12:50 AM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Dec 4, 10:02 PM
Unknown Object (File)
Nov 24 2024, 3:31 AM
Unknown Object (File)
Nov 20 2024, 10:05 PM
Unknown Object (File)
Nov 7 2024, 2:29 PM
Unknown Object (File)
Nov 7 2024, 2:29 PM
Unknown Object (File)
Nov 7 2024, 2:29 PM
Unknown Object (File)
Nov 7 2024, 2:29 PM
Unknown Object (File)
Oct 19 2024, 2:05 PM
Subscribers

Details

Summary

Fix various ntpd vulnerabilities.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

delphij retitled this revision from to Fix various ntpd vulnerabilities..
delphij updated this object.
delphij edited the test plan for this revision. (Show Details)
delphij added a reviewer: roberto.
roberto edited edge metadata.

This is all security-relevant diffs from upstream then? Go for commit.

This revision is now accepted and ready to land.Dec 20 2014, 9:44 AM
delphij edited edge metadata.

Fix a missed codepath.

This revision now requires review to proceed.Dec 21 2014, 8:27 AM
delphij edited edge metadata.

Oops, updated the changeset at wrong time (updating tree).

This looks complete and correct to me.

contrib/ntp/ntpd/ntp_crypto.c
867 ↗(On Diff #2803)

Since nothing else in this file appears to be declared in a block other than a function, maybe *cookiebuf should be declared with the other variables at the beginning of the function. But if this is upstream, there's no point in diverging gratuitously.

contrib/ntp/util/ntp-keygen.c
678 ↗(On Diff #2803)

Maybe this should be a #define?

delphij updated this revision to Diff 2820.

Closed by commit rS276071 (authored by @delphij).