Bug 1577620 - Breaks synchronization with autokey servers
Summary: Breaks synchronization with autokey servers
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Fedora
Classification: Fedora
Component: ntp
Version: 28
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Miroslav Lichvar
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-05-13 14:24 UTC by Enrico Scholz
Modified: 2018-07-27 13:29 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-07-27 13:29:40 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Network Time Protocol 3494 0 None None None 2018-05-13 14:24:49 UTC

Description Enrico Scholz 2018-05-13 14:24:50 UTC 
Description of problem:

4.2.8p11 seems to break synchronization with (TC) autokey servers; especially when running as broadcast client.  4.2.8p10 (from https://koji.fedoraproject.org/koji/buildinfo?buildID=1044801) appears to be ok.

Affects p11 in Fedora 27 too.


Upstream report and details: http://bugs.ntp.org/show_bug.cgi?id=3494


Version-Release number of selected component (if applicable):

ntp-4.2.8p11-2.fc28.x86_64
Comment 1 Miroslav Lichvar 2018-05-14 07:32:14 UTC 
Thanks for the upstream report. This bug is most likely due to one of the CVEs fixed in 4.2.8p11. FWIW, upstream doesn't care much about autokey since it was found to be insecure. You might want to consider switching to a symmetric key if possible.
Comment 2 Miroslav Lichvar 2018-07-27 13:29:40 UTC 
I'm closing this bug. If/when the issue is fixed upstream, we'll get the fix in Fedora too.
Note You need to log in before you can comment on or make changes to this bug.