Ubuntu
ntp package

Incorrect rule for ntpdate in ignore.d.server

Bug #217699 reported by trojanfoe
2
Affects Status Importance Assigned to Milestone
ntp (Debian)
Fix Released
Unknown
ntp (Ubuntu)
Fix Released
Low
Steve Langasek

Bug Description

Ubuntu release: 7.10
logcheck-database version: 1.2.61ubuntu0.1

Problem:
The logcheck file /etc/logcheck/ignore.d.server/ntpdate contains the wrong rule to exclude benign ntpdate time updates.

The phrase 'step time server' should be changed to 'adjust time server' within the rule file.

Related branches

lp:ubuntu/karmic/ntp

CVE References

Revision history for this message
trojanfoe (trojanfoe) wrote :

Correction; the phrase should not be replaced as both terms are issued by ntpdate. There should be 2 rules, the difference between them being only the words 'step' and 'adjust'.

Revision history for this message
Daniel T Chen (crimsun) wrote :

Is this symptom still reproducible in 8.10 or 9.04?

Changed in ntp:
status: New → Incomplete
Revision history for this message
trojanfoe (trojanfoe) wrote :

8.10: No it's not reproducable as I see no 'step time server' or 'adjust time server' when grepping the logs.
9.04: No idea.

Steve Langasek (vorlon)
Changed in ntp (Ubuntu):
assignee: nobody → vorlon
importance: Undecided → Low
status: Incomplete → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ntp - 1:4.2.4p6+dfsg-1ubuntu1

---------------
ntp (1:4.2.4p6+dfsg-1ubuntu1) karmic; urgency=low

  * Merge from Debian unstable, remaining changes:
    - debian/ntp.conf, debian/ntpdate.default: Change default server to
      ntp.ubuntu.com.
    - debian/ntpdate.ifup: Stop ntp before running ntpdate when an interface
      comes up, then start again afterwards
    - debian/ntp.init, debian/rules: Only stop when entering single user mode.
    - debian/man/ntpdate.8 - fix debian shipped manpage; patch by
      Josh Holland <email address hidden>
  * Dropped changes, merged in Debian:
    - Build against libcap2 instead of libcap1, fixing a kernel warning
      about using an old interface.
  * Dropped changes, superseded upstream/in Debian:
    - debian/patches/CVE-2009-0021.patch: update ntpd/ntp_crypto.c to properly
      check the return code of EVP_VerifyFinal()
    - debian/patches/ipv6-gnu-source.patch: Define _GNU_SOURCE to make IPv6
      work.
  * Fixes LP: #217699

ntp (1:4.2.4p6+dfsg-1) unstable; urgency=low

  * New upstream release
    - Updated ntpdate-ipv6.patch, autotools.patch
    - Obsoletes no-ipv6-fix.patch, CVE-2009-0021.patch
  * Switched build dependency from libcap-dev to libcap2-dev (closes: #474639)
  * Added -D_GNU_SOURCE to CPPFLAGS, to support glibc 2.8 (closes: #507806)
  * Recognize "adjust" in ntpdate logcheck rules (closes: #493907)
  * Removed "dynamic" key word from default ntp.conf, because this is now
    obsolete and the default

ntp (1:4.2.4p4+dfsg-8) unstable; urgency=low

  * It did not properly check the return value of EVP_VerifyFinal
    which results in an malformed DSA signature being treated as
    a good signature rather than as an error. (CVE-2009-0021)

 -- Steve Langasek <email address hidden> Wed, 29 Apr 2009 06:08:19 +0000

Changed in ntp (Ubuntu):
status: Fix Committed → Fix Released
Bug Watch Updater (bug-watch-updater)
Changed in ntp (Debian):
status: Unknown → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.