From 82055305b3efbba970b4f125fada084f4ccb8308 Mon Sep 17 00:00:00 2001 From: Peter Wagner Date: Wed, 4 May 2016 18:49:28 +0200 Subject: [PATCH] ntpd: update to 4.2.8p7 Fixes the following CVEs: Bug 3020 / CVE-2016-1551: Refclock impersonation vulnerability, AKA: refclock-peering Reported by Matt Street and others of Cisco ASIG Bug 3012 / CVE-2016-1549: Sybil vulnerability: ephemeral association attack, AKA: ntp-sybil - MITIGATION ONLY Reported by Matthew Van Gundy of Cisco ASIG Bug 3011 / CVE-2016-2516: Duplicate IPs on unconfig directives will cause an assertion botch Reported by Yihan Lian of the Cloud Security Team, Qihoo 360 Bug 3010 / CVE-2016-2517: Remote configuration trustedkey/requestkey values are not properly validated Reported by Yihan Lian of the Cloud Security Team, Qihoo 360 Bug 3009 / CVE-2016-2518: Crafted addpeer with hmode > 7 causes array wraparound with MATCH_ASSOC Reported by Yihan Lian of the Cloud Security Team, Qihoo 360 Bug 3008 / CVE-2016-2519: ctl_getitem() return value not always checked Reported by Yihan Lian of the Cloud Security Team, Qihoo 360 Bug 3007 / CVE-2016-1547: Validate crypto-NAKs, AKA: nak-dos Reported by Stephen Gray and Matthew Van Gundy of Cisco ASIG Bug 2978 / CVE-2016-1548: Interleave-pivot - MITIGATION ONLY Reported by Miroslav Lichvar of RedHat and separately by Jonathan Gardner of Cisco ASIG Bug 2952 / CVE-2015-7704: KoD fix: peer associations were broken by the fix for NtpBug2901, AKA: Symmetric active/passive mode is broken Reported by Michael Tatarinov, NTP Project Developer Volunteer Bug 2945 / Bug 2901 / CVE-2015-8138: Zero Origin Timestamp Bypass, AKA: Additional KoD Checks Reported by Jonathan Gardner of Cisco ASIG Bug 2879 / CVE-2016-1550: Improve NTP security against buffer comparison timing attacks, authdecrypt-timing, AKA: authdecrypt-timing Reported independently by Loganaden Velvindron, and Matthew Van Gundy and Stephen Gray of Cisco ASIG. 
Signed-off-by: Peter Wagner --- net/ntpd/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/ntpd/Makefile b/net/ntpd/Makefile index 3b1b6c0fd4..82eb178ea1 100644 --- a/net/ntpd/Makefile +++ b/net/ntpd/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ntp -PKG_VERSION:=4.2.8p6 +PKG_VERSION:=4.2.8p7 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ -PKG_MD5SUM:=60049f51e9c8305afe30eb22b711c5c6 +PKG_MD5SUM:=46dfba933c3e4bc924d8e55068797578 PKG_LICENSE:=Unique PKG_LICENSE_FILES:=COPYRIGHT html/copyright.html -- 2.30.2
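Review bot: The added `PKG_MD5SUM:=46dfba933c3e4bc924d8e55068797578` line is the only integrity check on a tarball that the unchanged `PKG_SOURCE_URL` fetches over plain `http://`, so this security-fix release is pinned by an MD5 digest alone. MD5 is broken for collision resistance and is a weak choice for pinning a source archive, and the transport adds no authenticity, so this digest is the only thing between the mirror and the build. If the build system in this tree accepts a stronger digest (later OpenWrt trees use `PKG_HASH` with a SHA-256 value), record the SHA-256 of `ntp-4.2.8p7.tar.gz` instead, computed from a copy whose upstream signature or published checksum has been verified. An `https://` mirror in `PKG_SOURCE_URL` would help as well, if upstream provides one.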