packages/ntp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!30 [sync] PR-29: fix CVE-2020-15025

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @seuzw 
Signed-off-by: @seuzw
This commit is contained in:
openeuler-ci-bot 2022-03-11 02:26:40 +00:00 committed by Gitee
commit 010ee382a1
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 47 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
backport-CVE-2020-15025.patch Normal file
View File

@ -0,0 +1,39 @@
Subject: [PATCH] memory leak with AES128CMAC keys
Reference:https://archive.ntp.org/ntp4/ntp-4.2/ntp-4.2.8p15.tar.gz
---
libntp/a_md5encrypt.c | 2 +-
sntp/crypto.c | 3 ++-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/libntp/a_md5encrypt.c b/libntp/a_md5encrypt.c
index 8c046f4..57100de 100644
--- a/libntp/a_md5encrypt.c
+++ b/libntp/a_md5encrypt.c
@@ -93,7 +93,7 @@ make_mac(
}
cmac_fail:
if (ctx)
- CMAC_CTX_cleanup(ctx);
+ CMAC_CTX_free(ctx);
}
else
# endif /*ENABLE_CMAC*/
diff --git a/sntp/crypto.c b/sntp/crypto.c
index 8ffe006..8a47ede 100644
--- a/sntp/crypto.c
+++ b/sntp/crypto.c
@@ -70,7 +70,8 @@ compute_mac(
}
len = (u_int)slen;
- CMAC_CTX_cleanup(ctx);
+ if (ctx)
+ CMAC_CTX_free(ctx);
/* Test our AES-128-CMAC implementation */
} else /* MD5 MAC handling */
--
1.8.3.1

9
ntp.spec
View File

@ -2,7 +2,7 @@
Name: ntp
Version: 4.2.8p14
Release: 5
Release: 6
Summary: A protocol designed to synchronize the clocks of computers over a network
License: MIT and BSD and BSD with advertising
URL: https://www.ntp.org/
@ -25,6 +25,7 @@ Patch2: ntp-psl-def.patch
Patch3: bugfix-fix-bind-port-in-debug-mode.patch
Patch4: bugfix-fix-ifindex-length.patch
patch5: bugfix-MD5-manpage.patch
patch6: backport-CVE-2020-15025.patch
BuildRequires: libcap-devel openssl-devel libedit-devel libevent-devel pps-tools-devel
BuildRequires: autogen autogen-libopts-devel systemd gcc perl-generators perl-HTML-Parser
@ -208,6 +209,12 @@ make check
%{_mandir}/man8/*.8*
%changelog
* Thu Mar 10 2021 renmingshuai<renmingshuai@huawei.com> - 4.2.8p15-6
- Type:cves
- ID:NA
- SUG:NA
- DESC: fix CVE-2020-15025
* Sat Dec 4 2021 renmingshuai<renmingshuai@huawei.com> - 4.2.8p15-5
- Type:bugfix
- ID:NA