NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ntp: security bump to verserion 4.2.8p9

Browse Source 
This version of ntp fixes several vulnerabilities.

CVE-2016-9311
CVE-2016-9310
CVE-2016-7427
CVE-2016-7428
CVE-2016-9312
CVE-2016-7431
CVE-2016-7434
CVE-2016-7429
CVE-2016-7426
CVE-2016-7433

http://www.kb.cert.org/vuls/id/633847

In addition, libssl_compat.h is now included in many files, which
references openssl/evp.h, openssl/dsa.h, and openssl/rsa.h.
Even if a you pass --disable-ssl as a configuration option, these
files are now required.

As such, I have also added openssl as a dependency, and it is now
automatically selected when you select ntp.

Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Adam Duskett 2017-02-06 09:12:25 -05:00 committed by Peter Korsgaard
parent 60a94a39d9
commit ebf6f64b76
3 changed files with 9 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
package/ntp/Config.in
View File

@ -1,6 +1,7 @@
config BR2_PACKAGE_NTP
bool "ntp"
select BR2_PACKAGE_LIBEVENT
select BR2_PACKAGE_OPENSSL
help
Network Time Protocol suite/programs.
Provides things like ntpd, ntpdate, ntpq, etc...

6
package/ntp/ntp.hash
View File

@ -1,4 +1,4 @@
# From http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-4.2.8p8.tar.gz.md5
md5 4a8636260435b230636f053ffd070e34 ntp-4.2.8p8.tar.gz
# From http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-4.2.8p9.tar.gz.md5
md5 857452b05f5f2e033786f77ade1974ed ntp-4.2.8p9.tar.gz
# Calculated based on the hash above
sha256 2ab3d0b5f0456e6311dda1cc27ab75da108762773a19e46abd938bd9407b97ee ntp-4.2.8p8.tar.gz
sha256 b724287778e1bac625b447327c9851eedef020517a3545625e9f652a90f30b72 ntp-4.2.8p9.tar.gz

15
package/ntp/ntp.mk
View File

@ -5,9 +5,9 @@
################################################################################
NTP_VERSION_MAJOR = 4.2
NTP_VERSION = $(NTP_VERSION_MAJOR).8p8
NTP_VERSION = $(NTP_VERSION_MAJOR).8p9
NTP_SITE = http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-$(NTP_VERSION_MAJOR)
NTP_DEPENDENCIES = host-pkgconf libevent $(if $(BR2_PACKAGE_BUSYBOX),busybox)
NTP_DEPENDENCIES = host-pkgconf libevent openssl $(if $(BR2_PACKAGE_BUSYBOX),busybox)
NTP_LICENSE = ntp license
NTP_LICENSE_FILES = COPYRIGHT
NTP_CONF_ENV = ac_cv_lib_md5_MD5Init=no
@ -17,17 +17,12 @@ NTP_CONF_OPTS = \
--disable-tickadj \
--disable-debugging \
--with-yielding-select=yes \
--disable-local-libevent
--disable-local-libevent \
--with-crypto
# 0002-ntp-syscalls-fallback.patch
NTP_AUTORECONF = YES
ifeq ($(BR2_PACKAGE_OPENSSL),y)
NTP_CONF_OPTS += --with-crypto
NTP_DEPENDENCIES += openssl
else
NTP_CONF_OPTS += --without-crypto --disable-openssl-random
endif
ifeq ($(BR2_PACKAGE_LIBCAP),y)
NTP_CONF_OPTS += --enable-linuxcaps
NTP_DEPENDENCIES += libcap