Skip to navigation

Bug Fix Advisory ntp bug fix and enhancement update

Advisory: RHBA-2011:0980-1
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2011-07-21
Last updated on: 2011-07-21
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)

Details

An updated ntp package that fixes various bugs and provides an enhancement is
now available for Red Hat Enterprise Linux 5.

The Network Time Protocol (NTP) is used to synchronize a computer's time with a
referenced time source.

This updated ntp package includes fixes for the following bugs:

* The ntpd man pages suggested that the "-L" command option could be issued
without an argument. However, the user needs to define the virtual interfaces as
arguments of the option. This update corrects the ntp help page. (BZ#460434)

* Prior to this update, if the /usr directory was mounted on an NFS file system,
the ntpd service could not be started before the netfs service. This update
moves the NTP applications to the /sbin directory so the user may change the
ntpd startup priority to start prior to the netfs service. Note that if you wish
to mount NFS version 4 with Kerberos authentication, you should consider
changing the ntpd startup priority to start prior to the netfs service.
Otherwise authentication may fail due to the non-synchronized date. (BZ#470945)

* Prior to this update, verifying the ntp package with the "rpm -V" command
failed on the package configuration file if the configuration file had changed.
However, changes to the configuration file should not impact the verification
test. This update adapts the spec file and the package verify test passes
successfully. (BZ#481151)

* The ntpd daemon could terminate unexpectedly due to a low memory lock limit.
With this update, the memory lock limit has been doubled. (BZ#575874)

* The "-q" command line option causes the ntpd service to exit immediately after
the clock is set. Prior to this update, the man page ntpd(8) did not document
that this only occurs if there are servers configured for ntpd to set the clock
against. The user could conclude that ntpd was misbehaving when it did not quit
if run with the "-q" switch but with no configured servers. With this update,
the ntpd(8) man page notes that "ntpd -q" only exits if used to set the clock
with configured servers. (BZ#591838)

* Prior to this update, the ntpd daemon could terminate unexpectedly with a
segmentation fault on a machine with more than 512 local IP addresses. This
happened because of a limit set for scanning. With this update, the limit scan
has been changed to scan to the maximum number of interfaces and the ntpd daemon
no longer crashes in such circumstances. (BZ#661934)

* Prior to this update, the ntp-keygen(8) patch man page contained multiple
typos. This update fixes the typos. (BZ#664524, BZ#664525)

* The "ntpstat" command printed an incorrect maximum error estimate. This
occurred because the "time correct to within" value did not include the root
delay. With this update, the value includes the root delay and the displayed
"time correct to within" value is correct. (BZ#679034)

In addition, this updated ntp package provides the following enhancement:

* Prior to this update, the ntpd daemon did not allow the specification of
multiple interfaces which it should be listening on. With this update, the user
can define multiple interfaces the daemon should be listening on. (BZ#528799)

All ntp users are advised to upgrade to this updated package, which resolves
these issues and provides this enhancement.


Solution

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat
Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
ntp-4.2.2p1-15.el5.src.rpm
File outdated by:  RHBA-2013:1800
    MD5: daf0b2ef6e23fabdfd27e47bdf40b0a2
SHA-256: 145541024b2009d39f9c01b5ce02317bcc04edda6d184aefc43b5b0d56e8a509
 
IA-32:
ntp-4.2.2p1-15.el5.i386.rpm
File outdated by:  RHBA-2013:1800
    MD5: 4b8aa75d643999613a76979318b0e8fa
SHA-256: 17ffd81a7738a8ccc2996b1da922029ee3b4e1773bc10949b0ba2c0bf196161c
 
IA-64:
ntp-4.2.2p1-15.el5.ia64.rpm
File outdated by:  RHBA-2013:1800
    MD5: 41f15645a8098824849da66fdac0aecd
SHA-256: 77613bf56ce1c2dec0097edd2ccdb841eb10167701dedb2773c60ef02545047c
 
PPC:
ntp-4.2.2p1-15.el5.ppc.rpm
File outdated by:  RHBA-2013:1800
    MD5: b6aef983f5d1039f6ddd52bcc94e9b47
SHA-256: fe2100e2e2bb15f6e2236f19e7c690d43bc05a29a05d3eaf994f8cb1b940ebc8
 
s390x:
ntp-4.2.2p1-15.el5.s390x.rpm
File outdated by:  RHBA-2013:1800
    MD5: d2850616c44882dbbc05f391d9144b98
SHA-256: 15b9c5fd580e638e5fca8af0d1e6c8bc067edea35f5c9dbf6e45fbab495adfab
 
x86_64:
ntp-4.2.2p1-15.el5.x86_64.rpm
File outdated by:  RHBA-2013:1800
    MD5: c15b52d68828dc45b9ca26c798db2519
SHA-256: 4e3319ef23cec2a74ab5d3794e564b16ff566580fed85c81ac3ccde59dc2dbbc
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
ntp-4.2.2p1-15.el5.src.rpm
File outdated by:  RHBA-2013:1800
    MD5: daf0b2ef6e23fabdfd27e47bdf40b0a2
SHA-256: 145541024b2009d39f9c01b5ce02317bcc04edda6d184aefc43b5b0d56e8a509
 
IA-32:
ntp-4.2.2p1-15.el5.i386.rpm
File outdated by:  RHBA-2013:1800
    MD5: 4b8aa75d643999613a76979318b0e8fa
SHA-256: 17ffd81a7738a8ccc2996b1da922029ee3b4e1773bc10949b0ba2c0bf196161c
 
x86_64:
ntp-4.2.2p1-15.el5.x86_64.rpm
File outdated by:  RHBA-2013:1800
    MD5: c15b52d68828dc45b9ca26c798db2519
SHA-256: 4e3319ef23cec2a74ab5d3794e564b16ff566580fed85c81ac3ccde59dc2dbbc
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

460434 - ntpd -L does not work as advertised
470945 - NFS4 with kerberos authetication fails because date has yet to be synced
481151 - ntp rpm verification fails on /etc/ntp.conf
575874 - ntpd can die due to ulimit on 64bit arch
591838 - ntpd -q does not exit when no servers are defined in /etc/ntpd.conf
661934 - ntpd crashes if a machine has more than 512 IPs
664524 - ntp-keygen 8 manpage fixes
664525 - ntpq(8) manpage fixes
679034 - ntpstat doesn't include root delay in maximum error estimate


Keywords

ntp


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/