ntp: security bump to version 4.2.8

Fixes:

CVE-2014-9293 - ntpd generated a weak key for its internal use, with
full administrative privileges.  Attackers could use this key to
reconfigure ntpd (or to exploit other vulnerabilities).

CVE-2014-9294 - The ntp-keygen utility generated weak MD5 keys with
insufficient entropy.

CVE-2014-9295 - ntpd had several buffer overflows (both on the stack and
in the data section), allowing remote authenticated attackers to crash
ntpd or potentially execute arbitrary code.

CVE-2014-9296 - The general packet processing function in ntpd did not
handle an error case correctly.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

1 files changed, 23 insertions, 0 deletions

diff --git a/package/ntp/0002-nano.patch b/package/ntp/0002-nano.patch
new file mode 100644
index 0000000000..d16046cb03
--- /dev/null
+++ b/package/ntp/0002-nano.patch
@@ -0,0 +1,23 @@
+Fixes issues with glibc header files, see
+http://bugs.gentoo.org/show_bug.cgi?id=270483
+
+Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
+
+diff -Nura ntp-4.2.6p2.orig/include/ntp_syscall.h ntp-4.2.6p2/include/ntp_syscall.h
+--- ntp-4.2.6p2.orig/include/ntp_syscall.h	2009-12-09 04:36:37.000000000 -0300
++++ ntp-4.2.6p2/include/ntp_syscall.h	2011-01-27 13:09:05.072336628 -0300
+@@ -14,6 +14,14 @@
+ # include <sys/timex.h>
+ #endif
+ 
++#if defined(ADJ_NANO) && !defined(MOD_NANO)
++#define MOD_NANO ADJ_NANO
++#endif
++
++#if defined(ADJ_TAI) && !defined(MOD_TAI)
++#define MOD_TAI ADJ_TAI
++#endif
++
+ #ifndef NTP_SYSCALLS_LIBC
+ #ifdef NTP_SYSCALLS_STD
+ # define ntp_adjtime(t)		syscall(SYS_ntp_adjtime, (t))