diff options
Diffstat (limited to 'meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb')
| -rw-r--r-- | meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb | 37 |
1 files changed, 36 insertions, 1 deletions
diff --git a/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb b/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb index fe2bd0773c..7861a5e3e6 100644 --- a/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb +++ b/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb @@ -24,12 +24,39 @@ SRC_URI = "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.g file://sntp.service \ file://sntp \ file://ntpd.list \ + file://CVE-2023-2655x.patch;striplevel=0 \ " SRC_URI[sha256sum] = "f65840deab68614d5d7ceb2d0bb9304ff70dcdedd09abb79754a87536b849c19" # CVE-2016-9312 is only for windows. -CVE_CHECK_IGNORE += "CVE-2016-9312" +# CVE-2019-11331 is inherent to RFC 5905 and cannot be fixed without breaking compatibility +# The other CVEs are not correctly identified because cve-check +# is not able to check the version correctly (it only checks for 4.2.8 omitting p15 that makes the difference) +CVE_CHECK_IGNORE += "\ + CVE-2016-9312 \ + CVE-2015-5146 \ + CVE-2015-5300 \ + CVE-2015-7975 \ + CVE-2015-7976 \ + CVE-2015-7977 \ + CVE-2015-7978 \ + CVE-2015-7979 \ + CVE-2015-8138 \ + CVE-2015-8139 \ + CVE-2015-8140 \ + CVE-2015-8158 \ + CVE-2016-1547 \ + CVE-2016-2516 \ + CVE-2016-2517 \ + CVE-2016-2519 \ + CVE-2016-7429 \ + CVE-2016-7433 \ + CVE-2016-9310 \ + CVE-2016-9311 \ + CVE-2019-11331 \ +" + inherit autotools update-rc.d useradd systemd pkgconfig @@ -66,6 +93,14 @@ PACKAGECONFIG[debug] = "--enable-debugging,--disable-debugging" PACKAGECONFIG[mdns] = "ac_cv_header_dns_sd_h=yes,ac_cv_header_dns_sd_h=no,mdns" PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," +do_configure:append() { + # tests are generated but also checked-in to source control + # when CVE-2023-2655x.patch changes timestamp of test source file, Makefile detects it and tries to regenerate it + # however it fails because of missing ruby interpretter; adding ruby-native as dependency fixes it + # since the regenerated file is identical to the one from source control, touch the generated file instead of adding heavy dependency + touch ${S}/tests/libntp/run-strtolfp.c +} + do_install:append() { install -d ${D}${sysconfdir}/init.d install -m 644 ${WORKDIR}/ntp.conf ${D}${sysconfdir} |