[Buildroot] [PATCH 5/5] ntp: bump to version 4.2.8p9

Baruch Siach baruch at tkos.co.il
Mon Feb 6 14:04:33 UTC 2017


Hi Adam,

On Mon, Feb 06, 2017 at 09:00:12AM -0500, Adam Duskett wrote:
> This version of ntp fixes several vulnerabilities.

Subject should mention that this is a security bump.

> CVE-2016-9311
> CVE-2016-9310
> CVE-2016-7427
> CVE-2016-7428
> CVE-2016-9312
> CVE-2016-7431
> CVE-2016-7434
> CVE-2016-7429
> CVE-2016-7426
> CVE-2016-7433
> 
> http://www.kb.cert.org/vuls/id/633847
> 
> In addition, libssl_compat.h is now included in many files, which
> references openssl/evp.h, openssl/dsa.h, and openssl/rsa.h.
> Even if a you pass --disable-ssl as a configuration option, these
> files are now required.
> 
> As such, I have also added openssl as a dependency, and it is now
> automatically selected when you select ntp.
> 
> Signed-off-by: Adam Duskett <aduskett at codeblue.com>

[snip]

> @@ -23,7 +23,6 @@ NTP_AUTORECONF = YES
>  
>  ifeq ($(BR2_PACKAGE_OPENSSL),y)

BR2_PACKAGE_OPENSSL is now always enabled, so there is no need to check if 
it's enabled.

>  NTP_CONF_OPTS += --with-crypto
> -NTP_DEPENDENCIES += openssl
>  else
>  NTP_CONF_OPTS += --without-crypto --disable-openssl-random
>  endif

baruch

-- 
     http://baruch.siach.name/blog/                  ~. .~   Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
   - baruch at tkos.co.il - tel: +972.52.368.4656, http://www.tkos.co.il -


More information about the buildroot mailing list