Patch-ID# 109409-04 Keywords: security xntpd syscall ntp_adjtime PLL ntpdate -w packet xntpd Synopsis: SunOS 5.7: xntpd and ntpdate Patch Date: Oct/15/2001 Solaris Release: 7 SunOS Release: 5.7 Unbundled Product: Unbundled Release: Xref: This patch available for x86 as patch 109410 Topic: SunOS 5.7: xntpd and ntpdate Patch Relevant Architectures: sparc BugId's fixed with this patch: 4169744 4201436 4247629 4279094 4361821 4379876 4434235 Changes incorporated in this version: 4379876 4434235 Patches accumulated and obsoleted by this patch: 107330-02 108338-01 Patches which conflict with this patch: Patches required with this patch: 106541-09 or greater Obsoleted by: Files included with this patch: /usr/lib/inet/xntpd /usr/sbin/ntpdate Problem Description: 4379876 The SLEWALWAYS option to xntpd needs to be user configurable. 4434235 *xntpd* contains a buffer overflow that can lead to root compromise (from 109409-03) 4361821 Patch 109409-01 requires 106541-09 or above to work. (from 109409-02) 4279094 time daemon (xntpd) step the system clock in an abrupt adjustment (from 109409-01) 4247629 xntpd does not make use of in-kernel PLL (from 108338-01) 4169744 NTP not updating - NTP user interface routines not configured (from 107330-02) 4279094 time daemon (xntpd) step the system clock in an abrupt adjustment (from 107330-01) 4201436 ntpdate -w does not work correctly in that the -w option does not actually resend any packets. Patch Installation Instructions: -------------------------------- For Solaris 2.0-2.6 releases, refer to the Install.info file and/or the README within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. For Solaris 7-8 releases, refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/104945-02 The following example removes a patch from a standalone system: example# patchrm 104945-02 For additional examples please see the appropriate man pages. Special Install Instructions: This patch adds a new configuration option to the /etc/inet/ntp.conf file. The option is: slewalways yes | no If you turn this option on xntpd will try to always slew the time and will never make large steps backwards or forwards. It is advised that if you do turn on slewalways you also select: disable pll Without this option xntpd will not be able to correct time differences greater than 128ms. README -- Last modified date: Monday, October 15, 2001