Bug 1577620

Summary: Breaks synchronization with autokey servers
Product: [Fedora] Fedora Reporter: Enrico Scholz <rh-bugzilla>
Component: ntpAssignee: Miroslav Lichvar <mlichvar>
Status: CLOSED UPSTREAM QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 28CC: linville, mlichvar
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-07-27 13:29:40 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Enrico Scholz 2018-05-13 14:24:50 UTC 
Description of problem:

4.2.8p11 seems to break synchronization with (TC) autokey servers; especially when running as broadcast client.  4.2.8p10 (from https://koji.fedoraproject.org/koji/buildinfo?buildID=1044801) appears to be ok.

Affects p11 in Fedora 27 too.


Upstream report and details: http://bugs.ntp.org/show_bug.cgi?id=3494


Version-Release number of selected component (if applicable):

ntp-4.2.8p11-2.fc28.x86_64
Comment 1 Miroslav Lichvar 2018-05-14 07:32:14 UTC 
Thanks for the upstream report. This bug is most likely due to one of the CVEs fixed in 4.2.8p11. FWIW, upstream doesn't care much about autokey since it was found to be insecure. You might want to consider switching to a symmetric key if possible.
Comment 2 Miroslav Lichvar 2018-07-27 13:29:40 UTC 
I'm closing this bug. If/when the issue is fixed upstream, we'll get the fix in Fedora too.