ntp-4.2.6p5-5.0.1.AXS4
Errata ID: AXSA:2015-327:04
The Network Time Protocol (NTP) is used to synchronize a computer's
time with another reference time source. This package includes ntpd
(a daemon which continuously adjusts system time) and utilities used
to query and configure the ntpd daemon.
Perl scripts ntp-wait and ntptrace are in the ntp-perl package and
the ntpdate program is in the ntpdate package. The documentation is
in the ntp-doc package.
Security issues fixed with this release:
CVE-2014-9297
CVE-2014-9298
CVE-2015-1798
CVE-2015-1799
CVE-2015-3405
Fixed bugs:
* The ntpd daemon truncated symmetric keys specified in the key file to 20
bytes. As a consequence, it was impossible to configure NTP authentication to
work with peers that use longer keys. To fix this bug, the maximum length of keys
has now been changed to 32 bytes.
* The ntp-keygen utility used the exponent of 3 when generating RSA keys, and
generating RSA keys failed when FIPS mode was enabled. ntp-keygen has been
modified to use the exponent of 65537, and generating keys in FIPS mode now
works as expected.
* The ntpd daemon included a root delay when calculating its root dispersion.
Consequently, the NTP server reported larger root dispersion than it should have
and clients could reject the source when its distance reached the maximum
synchronization distance (1.5 seconds by default). Calculation of root
dispersion has been fixed, the root dispersion is now reported correctly, and
clients no longer reject the server due to a large synchronization distance.
* The ntpd daemon dropped incoming NTP packets if their source port was lower
than 123 (the NTP port). Clients behind Network Address Translation (NAT) were
unable to synchronize with the server if their source port was translated to
ports below 123. With this update, the bug was fixed.
Enhancements:
* This update introduces configurable access of memory segments used for Shared
Memory Driver (SHM) reference clocks. Previously, only the first two memory
segments were created with owner-only access, allowing just two SHM reference
clocks to be used securely on a system. Now, the owner-only access to SHM is
configurable with the "mode" option, and it is therefore possible to use more
SHM reference clocks securely.
* Support for nanosecond resolution has been added to the SHM reference clock.
Prior to this update, when a Precision Time Protocol (PTP) hardware clock was
used as a time source to synchronize the system clock (for example, with the
timemaster service from the linuxptp package), the accuracy of the
synchronization was limited due to the microsecond resolution of the SHM
protocol. The nanosecond extension in the SHM protocol now enables
sub-microsecond synchronization of the system clock.
Update packages.
CVE-2014-9297: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750, CVE-2014-9751. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2014-9750 and CVE-2014-9751 to identify the ID or IDs of interest. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2014-9298: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750, CVE-2014-9751. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2014-9750 and CVE-2014-9751 to identify the ID or IDs of interest. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2015-1798: The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC.
CVE-2015-1799: The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer.
CVE-2015-3405: ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.
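The MAC-omission flaw described above (a correct MAC is required only if the MAC field has a nonzero length), shown as an added example: a simplified model of the check beside a hardened form, not code from ntp_proto.c or from this package. The names receive_flawed, receive_hardened, toy_mac and demo, the 4-byte toy MAC and the sample key and packet are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <string.h>

#define HDR_LEN 48   /* fixed NTP header, no extension fields */
#define MAC_LEN 4    /* toy MAC size; a real NTP MAC is key ID + digest */
struct peer { int keyed; const uint8_t *key; size_t key_len; };

/* Toy keyed checksum (FNV-1a over key || header), NOT cryptographic:
 * it stands in for the keyed digest so the example needs no library. */
static uint32_t toy_mac(const struct peer *p, const uint8_t *hdr) {
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < p->key_len; i++) h = (h ^ p->key[i]) * 16777619u;
    for (size_t i = 0; i < HDR_LEN; i++) h = (h ^ hdr[i]) * 16777619u;
    return h;
}

static int mac_valid(const struct peer *p, const uint8_t *pkt, size_t len) {
    uint32_t got;
    if (len != HDR_LEN + MAC_LEN) return 0;
    memcpy(&got, pkt + HDR_LEN, MAC_LEN);
    return got == toy_mac(p, pkt);
}

/* Flawed logic as described: the MAC is checked only when one is present. */
int receive_flawed(const struct peer *p, const uint8_t *pkt, size_t len) {
    if (len < HDR_LEN) return 0;
    if (len > HDR_LEN && !mac_valid(p, pkt, len)) return 0;
    return 1;        /* a MAC-less packet reaches here unchecked */
}

/* Hardened logic: a keyed association requires a valid MAC on every packet. */
int receive_hardened(const struct peer *p, const uint8_t *pkt, size_t len) {
    if (len < HDR_LEN) return 0;
    if (p->keyed) return mac_valid(p, pkt, len);
    return len == HDR_LEN;   /* unkeyed: plain packets only (model choice) */
}

/* Constructed sample: build a packet, optionally tamper/strip the MAC; 1 = accepted. */
int demo(int hardened, int with_mac, int tamper) {
    static const uint8_t key[] = "constructed-key";
    struct peer p = { 1, key, sizeof key - 1 };
    uint8_t pkt[HDR_LEN + MAC_LEN] = { 0x23 };   /* LI=0, VN=4, mode=3 */
    uint32_t mac = toy_mac(&p, pkt);
    memcpy(pkt + HDR_LEN, &mac, MAC_LEN);
    if (tamper) pkt[40] ^= 0xff;                 /* alter the transmit timestamp */
    size_t len = with_mac ? sizeof pkt : HDR_LEN;
    return hardened ? receive_hardened(&p, pkt, len) : receive_flawed(&p, pkt, len);
}
int main(void) { return !(demo(0, 0, 1) == 1 && demo(1, 0, 1) == 0); }
```

Both versions reject a modified packet that still carries its MAC; only the hardened version also rejects the same packet once the MAC is left off.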
SRPMS
- ntp-4.2.6p5-5.0.1.AXS4.src.rpm
MD5: f1a094a42e81c660c0c9dc2b91cb7ac6
SHA-256: 83b30fc848a6964e6a8bbc18e2af8f261b04866cb224c0b67809037badf2d224
Size: 4.10 MB
Asianux Server 4 for x86
- ntp-4.2.6p5-5.0.1.AXS4.i686.rpm
MD5: 53bf21e288980049256ec6da0bd4e6d6
SHA-256: 38d6a9dfd816160d06ff463650f9f66ef7822d2e7eb9193658d7865bda6c02cf
Size: 588.89 kB
- ntpdate-4.2.6p5-5.0.1.AXS4.i686.rpm
MD5: d49f5c3ab96ec63a93cf5db1698487a4
SHA-256: 32a0134af7442174fcb566d669aef95ff9d415f43e43baf501eb4a459c8911c8
Size: 75.54 kB
Asianux Server 4 for x86_64
- ntp-4.2.6p5-5.0.1.AXS4.x86_64.rpm
MD5: 48866cb6e3306a06c0e6f3c4904a120e
SHA-256: de69f835ccdc2988eb5ad78335297a4384ea46a3b7ccbd1180c21d70ea519a01
Size: 594.29 kB
- ntpdate-4.2.6p5-5.0.1.AXS4.x86_64.rpm
MD5: 1c87feeab95b83735fa8e97150faf00d
SHA-256: fb8477e30430d895df1f44831956f8d3541783920845a7a8c19fefb2e4800cdb
Size: 75.63 kB