Patch-ID# 109668-08
Download this patch from My Oracle Support
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which
may be viewed at My Oracle Support.
|
For further information on patching best practices and resources, please
see the following links:
|
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
|
Keywords: security xntpd ntp system clock sigpoll slewalways overflow
Synopsis: SunOS 5.8_x86: /usr/lib/inet/xntpd and /usr/sbin/ntpdate patch
Date: Apr/30/2010
Install Requirements: Perform a reconfigure reboot after installing this patch to activate the changes delivered. An alternative may be specified in the Special Install Instructions.
Solaris Release: 8_x86
SunOS Release: 5.8_x86
Unbundled Product:
Unbundled Release:
Xref: This patch available for SPARC as patch 109667
Topic: SunOS 5.8_x86: /usr/lib/inet/xntpd and /usr/sbin/ntpdate patch
Relevant Architectures: i386
Bugs fixed with this patch:
Changes incorporated in this version: 6902029
Patches accumulated and obsoleted by this patch:
Patches which conflict with this patch:
Patches required with this patch:
Obsoleted by:
Files included with this patch:
/usr/lib/inet/xntpd
/usr/sbin/ntpdate
Problem Description:
6902029 DoS vulnerability in ntpd NTP mode 7 (MODE_PRIVATE) handling [CVE-2009-3563]
(from 109668-07)
4892938 xntpd intermittently cores w/ external truetime clock on serial port
(from 109668-06)
4727171 ntpdate doesn't step automatically for large negative offsets
5021867 ntpdate doesn't step automatically for negative offset of 1/2 a second
(from 109668-05)
4312050 scary xntpd message (sometimes) on boot about ioctl(SIOCGxxx) failing with EINTR
(from 109668-04)
4379876 The SLEWALWAYS option to xntpd needs to be user configurable.
4434235 *xntpd* contains a buffer overflow that can lead to root compromise
(from 109668-03)
4320855 ntpdate does not display anything
(from 109668-02)
4330427 xntpd crashes after SIGPOLL
(from 109668-01)
4279094 Time daemon (xntpd) step the system clock in an abrupt adjustment
Patch Installation Instructions:
--------------------------------
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' commands provided with Solaris.
The following example installs a patch to a standalone machine:
example# patchadd /var/spool/patch/123456-07
The following example removes a patch from a standalone system:
example# patchrm 123456-07
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.
Special Install Instructions:
-----------------------------
Reboot the system after patch installation.
This patch adds a new configuration option to the /etc/inet/ntp.conf
file. The option is:
slewalways yes | no
If you turn this option on xntpd will try to always slew the time and
will never make large steps backwards or forwards.
It is advised that if you do turn on slewalways you also select:
disable pll
Without this option xntpd will not be able to correct time differences
greater than 128ms.
README -- Last modified date: Friday, November 9, 2012