Miroirs/slackware-current
1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2024-12-29 10:25:00 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
slackware-current/patches/source/ntp/fix_ipv6_locallink_regression.diff
Patrick J Volkerding 0e307de269 Wed Jul 17 19:29:24 UTC 2024 
patches/packages/openssl-1.1.1za-x86_64-1_slack15.0.txz:  Upgraded.
  Apply patches to fix CVEs that were fixed by the 1.1.1{x,y,za} releases that
  were only available to subscribers to OpenSSL's premium extended support.
  These patches were prepared by backporting commits from the OpenSSL-3.0 repo.
  The reported version number has been updated so that vulnerability scanners
  calm down. All of these issues were considered to be of low severity.
  Thanks to Ken Zalewski for the patches!
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-5678
    https://www.cve.org/CVERecord?id=CVE-2024-0727
    https://www.cve.org/CVERecord?id=CVE-2024-2511
    https://www.cve.org/CVERecord?id=CVE-2024-4741
    https://www.cve.org/CVERecord?id=CVE-2024-5535
  (* Security fix *)
patches/packages/openssl-solibs-1.1.1za-x86_64-1_slack15.0.txz:  Upgraded.
2024-07-18 13:31:00 +02:00

37 lines
1.4 KiB
Diff
Raw Blame History

This patch fixes a regression introduced in ntpd revision 1.4040.1.4[1].
The first ntpd release to be affected was 4.2.8p18.
If the IPv6 link-local interface was not ready for binding on the first
attempt, ntpd would segfault in update_interfaces(). The cause was the
inadvertent referencing of the endpoint returned by create_interface() (ep,
which is NULL on error) rather than the endpoint which contained the address
information (ep2).
In the patch author's experience, the segfault would only occur when ntpd
was started as part of the boot sequence. Most - but not all - boots were
affected. Evidently it could happen that the timing of ntpd's start up was
delayed enough that the IPv6 link-local interface was ready for the bind()
call when it was first issued by open_socket() via create_interface().
No segfaults were observed by the patch's author when starting ntpd manually
after logging in.
[1] [Bug 3913] Avoid duplicate IPv6 link-local manycast associations.
Complete the switch from struct interface to endpt.
--- a/ntp-4.2.8p18/ntpd/ntp_io.c 2024-05-07 20:51:17.000000000 +0930
+++ b/ntp-4.2.8p18/ntpd/ntp_io.c 2024-07-16 22:06:48.873953452 +0930
@@ -1921,11 +1921,11 @@
}
else {
DPRINT_INTERFACE(3,
- (ep, "updating ", " new - FAILED"));
+ (ep2, "updating ", " new - FAILED"));
msyslog(LOG_ERR,
"cannot bind address %s",
- stoa(&ep->sin));
+ stoa(&ep2->sin));
}
free(ep2);
}
Reference in a new issue View git blame Copy permalink