svn commit: r370263 - in head/net/ntp: . files
Cy Schubert
cy at FreeBSD.org
Tue Oct 7 00:21:54 UTC 2014
Author: cy
Date: Tue Oct 7 00:21:52 2014
New Revision: 370263
URL: https://svnweb.freebsd.org/changeset/ports/370263
QAT: https://qat.redports.org/buildarchive/r370263/
Log:
Apply upstream recommended patch for CVE-2013-5211 and unforbid.
Submitted by: Harlan Stenn <stenn at nwtime.org> - ntp.org upline
Also Obtained from: ntp in base (r265465)
Added:
head/net/ntp/files/patch-ntpd-ntp_request.c (contents, props changed)
head/net/ntp/files/patch-ntpd-ntpd.c (contents, props changed)
Modified:
head/net/ntp/Makefile
Modified: head/net/ntp/Makefile
==============================================================================
--- head/net/ntp/Makefile Mon Oct 6 23:40:52 2014 (r370262)
+++ head/net/ntp/Makefile Tue Oct 7 00:21:52 2014 (r370263)
@@ -3,7 +3,7 @@
PORTNAME= ntp
PORTVERSION?= 4.2.6p5
-PORTREVISION= 3
+PORTREVISION= 4
CATEGORIES= net ipv6
MASTER_SITES= ftp://ftp.udel.edu/pub/ntp/ntp4/ \
http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ \
@@ -14,7 +14,6 @@ DISTNAME= ${PORTNAME}-${PORTVERSION:S/P/
MAINTAINER= cy at FreeBSD.org
COMMENT= The Network Time Protocol Distribution
-FORBIDDEN= CVE-2013-5211 / VU\#348126 - Please use net/ntp-devel, pending upstream stable branch update.
LATEST_LINK= ${PORTNAME}
USES= libtool shebangfix
Added: head/net/ntp/files/patch-ntpd-ntp_request.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/ntp/files/patch-ntpd-ntp_request.c Tue Oct 7 00:21:52 2014 (r370263)
@@ -0,0 +1,18 @@
+--- ntpd/ntp_request.c.orig 2011-11-30 18:55:17.000000000 -0800
++++ ntpd/ntp_request.c 2014-10-06 17:07:02.570303970 -0700
+@@ -1956,7 +1956,6 @@
+ printf("wants monitor 0 list\n");
+ #endif
+ if (!mon_enabled) {
+- req_ack(srcadr, inter, inpkt, INFO_ERR_NODATA);
+ return;
+ }
+ im = (struct info_monitor *)prepare_pkt(srcadr, inter, inpkt,
+@@ -2002,7 +2001,6 @@
+ extern int mon_enabled;
+
+ if (!mon_enabled) {
+- req_ack(srcadr, inter, inpkt, INFO_ERR_NODATA);
+ return;
+ }
+ im = (struct info_monitor_1 *)prepare_pkt(srcadr, inter, inpkt,
Added: head/net/ntp/files/patch-ntpd-ntpd.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/ntp/files/patch-ntpd-ntpd.c Tue Oct 7 00:21:52 2014 (r370263)
@@ -0,0 +1,13 @@
+--- ntpd/ntpd.c.orig 2011-12-24 15:27:15.000000000 -0800
++++ ntpd/ntpd.c 2014-10-06 17:04:57.760219124 -0700
+@@ -853,8 +853,8 @@
+ init_proto(); /* Call at high priority */
+ init_io();
+ init_loopfilter();
+- mon_start(MON_ON); /* monitor on by default now */
+- /* turn off in config if unwanted */
++ mon_start(MON_OFF); /* monitor off by default now */
++ /* turn on in config if wanted */
+
+ /*
+ * Get the configuration. This is done in a separate module
More information about the svn-ports-all
mailing list