Reinhard Max
6b06742518
* Fix some regressions of 4.2.8p16
- Update to 4.2.8p16:
* [Sec 3808] Assertion failure in ntpq on malformed RT-11 date
* [Sec 3807], bsc#1210390, CVE-2023-26555:
praecis_parse() in the Palisade refclock driver has a
hypothetical input buffer overflow.
* [Sec 3767] An OOB KoD RATE value triggers an assertion when
debug is enabled.
* Obsoletes: ntp-CVE-2023-26551.patch, ntp-sntp-dst.patch,
ntp-ENOBUFS.patch
* Multiple bug fixes and improvements. For details, see:
/usr/share/doc/packages/ntp/ChangeLog
http://www.ntp.org/support/securitynotice/4_2_8-series-changelog/
- Follow upstream's suggestion to build with debugging disabled:
https://www.ntp.org/support/securitynotice/ntpbug3767/
OBS-URL: https://build.opensuse.org/package/show/network:time/ntp?expand=0&rev=219
27 lines
807 B
Diff
27 lines
807 B
Diff
--- sntp/libopts/init.c.orig
|
|
+++ sntp/libopts/init.c
|
|
@@ -28,6 +28,8 @@
|
|
* 13aa749a5b0a454917a944ed8fffc530b784f5ead522b1aacaf4ec8aa55a6239 COPYING.mbsd
|
|
*/
|
|
|
|
+#define PROC_BINARY "/proc/self/exe"
|
|
+
|
|
/**
|
|
* Make sure the option descriptor is there and that we understand it.
|
|
* This should be called from any user entry point where one needs to
|
|
@@ -100,7 +102,13 @@ validate_struct(tOptions * opts, char co
|
|
else
|
|
*pp = pname;
|
|
|
|
- pz = pathfind(getenv("PATH"), (char *)pname, "rx");
|
|
+#if defined(HAVE_CANONICALIZE_FILE_NAME)
|
|
+ pz = canonicalize_file_name(PROC_BINARY);
|
|
+#elif defined(HAVE_REALPATH)
|
|
+ pz = realpath(PROC_BINARY, NULL);
|
|
+#else
|
|
+ pz = pathfind(getenv("PATH"), pp, "rx");
|
|
+#endif
|
|
if (pz != NULL)
|
|
pname = VOIDP(pz);
|
|
|