subject:"\[Bug 1479652\] Re\: \[patch\] ntpd rejects source UDP ports less than 123 as bogus"

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2017-04-03 Thread Bug Watch Updater

** Changed in: ntp (Debian)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-18 Thread Launchpad Bug Tracker

This bug was fixed in the package ntp - 1:4.2.6.p3+dfsg-1ubuntu3.9

---
ntp (1:4.2.6.p3+dfsg-1ubuntu3.9) precise; urgency=medium

  * ntpd rejects source UDP ports less than 123 as bogus (closes: #691412)
- d/p/reject-UDP-ports-less-than-123-as-bogus.patch (LP: #1479652)

 -- Eric Desrochers   Mon, 25 Jan 2016 12:28:25 -0500

** Changed in: ntp (Ubuntu Precise)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-18 Thread Launchpad Bug Tracker

This bug was fixed in the package ntp - 1:4.2.6.p3+dfsg-1ubuntu3.9

---
ntp (1:4.2.6.p3+dfsg-1ubuntu3.9) precise; urgency=medium

  * ntpd rejects source UDP ports less than 123 as bogus (closes: #691412)
- d/p/reject-UDP-ports-less-than-123-as-bogus.patch (LP: #1479652)

 -- Eric Desrochers   Mon, 25 Jan 2016 12:28:25 -0500

** Changed in: ntp (Ubuntu Precise)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-16 Thread Launchpad Bug Tracker

This bug was fixed in the package ntp - 1:4.2.8p4+dfsg-3ubuntu1

---
ntp (1:4.2.8p4+dfsg-3ubuntu1) xenial; urgency=medium

  * Merge from Debian testing. Remaining changes:
+ debian/rules: enable debugging. Ask debian to add this.
+ debian/rules, debian/ntp.dirs, debian/source_ntp.py: Add apport hook.
+ Add enforcing AppArmor profile:
  - debian/control: Add Conflicts/Replaces on apparmor-profiles.
  - debian/control: Add Suggests on apparmor.
  - debian/control: Build-Depends on dh-apparmor.
  - add debian/apparmor-profile*.
  - debian/ntp.dirs: Add apparmor directories.
  - debian/rules: Install apparmor-profile and apparmor-profile.tunable.
  - debian/source_ntp.py: Add filter on AppArmor profile names to prevent
false positives from denials originating in other packages.
  - debian/README.Debian: Add note on AppArmor.
+ debian/ntpdate.if-up: Fix interaction with openntpd. Stop ntp before
  running ntpdate when an interface comes up, then start again afterwards.
+ debian/ntp.init, debian/rules: Only stop when entering single user mode,
  don't use /var/lib/ntp/ntp.conf.dhcp if /etc/ntp.conf is newer - it can
  get stale. Patch by Simon Déziel.
+ debian/ntp.conf, debian/ntpdate.default: Change default server to
  ntp.ubuntu.com.
+ debian/control: Add bison to Build-Depends (for ntpd/ntp_parser.y).
  * Includes fix for requests with source ports < 123, fixed upstream in
4.2.8p1 (LP: #1479652).
  * Add PPS support (LP: #1512980):
+ debian/README.Debian: Add a PPS section to the README.Debian,
  removed all PPSkit one.
+ debian/ntp.conf: Add some configuration examples from the offical
  documentation.
+ debian/control: Add Build-Depends on pps-tools
  * Drop Changes:
+ debian/rules: Update config.{guess,sub} for AArch64, because upstream use
  dh_autoreconf now.
+ debian/{control,rules}: Add and enable hardened build for PIE.
  Upstream use fPIC. Options -fPIC and -fPIE are uncompatible, thus this is
  never applied, (cf. dpkg-buildflags manual), checked with Marc
  Deslauriers on freenode #ubuntu-hardened, 2016-01-20~13:11 UTC.
+ debian/rules: Remove update-rcd-params in dh_installinit command. When
  setting up ntp package, the following message is presented to the user
  due to deprecated use:
  "update-rc.d: warning: start and stop actions are no longer
  supported; falling back to defaults". The defaults are taken from the
  init.d script LSB comment header, which contain what we need anyway.
+ debian/rules: Remove ntp/ntp_parser.{c,h} or they don't get properly
  regenerated for some reason. Seems to have been due to ntpd/ntp_parser.y
  patches from CVE-2015-5194 and CVE-2015-5196, already upstreamed.
+ debian/ntpdate.if-up: Drop lockfile mechanism as upstream is using flock
  now.
+ Remove natty timeframe old deltas (transitional code not needed since
  Trusty): Those patches were for an incorrect behaviour of
  system-tools-backend, around natty time
  (https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/83604/comments/23)
  - debian/ntpdate-debian: Disregard empty ntp.conf files.
  - debian/ntp.preinst: Remove empty /etc/ntp.conf on fresh intallation.
+ debian/ntp.dhcp: Rewrite sed rules. This was done incorrectly as pointed
  out in LP 575458. This decision is explained in detail there.
  * All previous ubuntu security patches/fixes have been upstreamed:
+ CVE-2015-5146, CVE-2015-5194, CVE-2015-5195, CVE-2015-5196,
  CVE-2015-7703, CVE-2015-5219, CVE-2015-5300, CVE-2015-7691,
  CVE-2015-7692, CVE-2015-7702, CVE-2015-7701, CVE-2015-7704,
  CVE-2015-7705, CVE-2015-7850, CVE-2015-7852, CVE-2015-7853,
  CVE-2015-7855, CVE-2015-7871, CVE-2015-1798, CVE-2015-1799,
  CVE-2014-9297, CVE-2014-9298, CVE-2014-9293, CVE-2014-9294,
  CVE-2014-9295, CVE-2014-9296
+ Fix to ignore ENOBUFS on routing netlink socket
+ Fix use-after-free in routing socket code
+ ntp-keygen infinite loop or lack of randonmess on big endian platforms

 -- Pierre-André MOREY   Fri, 5 Feb
2016 18:28:52 +0100

** Changed in: ntp (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9293

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9294

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9295

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9296

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9297

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9298

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-1798

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-1799

** CVE added: http://www.cve.mitre.org/cgi-

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-16 Thread Launchpad Bug Tracker

This bug was fixed in the package ntp - 1:4.2.8p4+dfsg-3ubuntu1

---
ntp (1:4.2.8p4+dfsg-3ubuntu1) xenial; urgency=medium

  * Merge from Debian testing. Remaining changes:
+ debian/rules: enable debugging. Ask debian to add this.
+ debian/rules, debian/ntp.dirs, debian/source_ntp.py: Add apport hook.
+ Add enforcing AppArmor profile:
  - debian/control: Add Conflicts/Replaces on apparmor-profiles.
  - debian/control: Add Suggests on apparmor.
  - debian/control: Build-Depends on dh-apparmor.
  - add debian/apparmor-profile*.
  - debian/ntp.dirs: Add apparmor directories.
  - debian/rules: Install apparmor-profile and apparmor-profile.tunable.
  - debian/source_ntp.py: Add filter on AppArmor profile names to prevent
false positives from denials originating in other packages.
  - debian/README.Debian: Add note on AppArmor.
+ debian/ntpdate.if-up: Fix interaction with openntpd. Stop ntp before
  running ntpdate when an interface comes up, then start again afterwards.
+ debian/ntp.init, debian/rules: Only stop when entering single user mode,
  don't use /var/lib/ntp/ntp.conf.dhcp if /etc/ntp.conf is newer - it can
  get stale. Patch by Simon Déziel.
+ debian/ntp.conf, debian/ntpdate.default: Change default server to
  ntp.ubuntu.com.
+ debian/control: Add bison to Build-Depends (for ntpd/ntp_parser.y).
  * Includes fix for requests with source ports < 123, fixed upstream in
4.2.8p1 (LP: #1479652).
  * Add PPS support (LP: #1512980):
+ debian/README.Debian: Add a PPS section to the README.Debian,
  removed all PPSkit one.
+ debian/ntp.conf: Add some configuration examples from the offical
  documentation.
+ debian/control: Add Build-Depends on pps-tools
  * Drop Changes:
+ debian/rules: Update config.{guess,sub} for AArch64, because upstream use
  dh_autoreconf now.
+ debian/{control,rules}: Add and enable hardened build for PIE.
  Upstream use fPIC. Options -fPIC and -fPIE are uncompatible, thus this is
  never applied, (cf. dpkg-buildflags manual), checked with Marc
  Deslauriers on freenode #ubuntu-hardened, 2016-01-20~13:11 UTC.
+ debian/rules: Remove update-rcd-params in dh_installinit command. When
  setting up ntp package, the following message is presented to the user
  due to deprecated use:
  "update-rc.d: warning: start and stop actions are no longer
  supported; falling back to defaults". The defaults are taken from the
  init.d script LSB comment header, which contain what we need anyway.
+ debian/rules: Remove ntp/ntp_parser.{c,h} or they don't get properly
  regenerated for some reason. Seems to have been due to ntpd/ntp_parser.y
  patches from CVE-2015-5194 and CVE-2015-5196, already upstreamed.
+ debian/ntpdate.if-up: Drop lockfile mechanism as upstream is using flock
  now.
+ Remove natty timeframe old deltas (transitional code not needed since
  Trusty): Those patches were for an incorrect behaviour of
  system-tools-backend, around natty time
  (https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/83604/comments/23)
  - debian/ntpdate-debian: Disregard empty ntp.conf files.
  - debian/ntp.preinst: Remove empty /etc/ntp.conf on fresh intallation.
+ debian/ntp.dhcp: Rewrite sed rules. This was done incorrectly as pointed
  out in LP 575458. This decision is explained in detail there.
  * All previous ubuntu security patches/fixes have been upstreamed:
+ CVE-2015-5146, CVE-2015-5194, CVE-2015-5195, CVE-2015-5196,
  CVE-2015-7703, CVE-2015-5219, CVE-2015-5300, CVE-2015-7691,
  CVE-2015-7692, CVE-2015-7702, CVE-2015-7701, CVE-2015-7704,
  CVE-2015-7705, CVE-2015-7850, CVE-2015-7852, CVE-2015-7853,
  CVE-2015-7855, CVE-2015-7871, CVE-2015-1798, CVE-2015-1799,
  CVE-2014-9297, CVE-2014-9298, CVE-2014-9293, CVE-2014-9294,
  CVE-2014-9295, CVE-2014-9296
+ Fix to ignore ENOBUFS on routing netlink socket
+ Fix use-after-free in routing socket code
+ ntp-keygen infinite loop or lack of randonmess on big endian platforms

 -- Pierre-André MOREY   Fri, 5 Feb
2016 18:28:52 +0100

** Changed in: ntp (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9293

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9294

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9295

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9296

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9297

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9298

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-1798

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-1799

** CVE added: http://www.cve.mitre.org/cgi-

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-15 Thread Launchpad Bug Tracker

This bug was fixed in the package ntp - 1:4.2.6.p5+dfsg-3ubuntu8.2

---
ntp (1:4.2.6.p5+dfsg-3ubuntu8.2) wily; urgency=medium

  * ntpd rejects source UDP ports less than 123 as bogus (closes: #691412)
- d/p/reject-UDP-ports-less-than-123-as-bogus.patch (LP: #1479652)

 -- Eric Desrochers   Mon, 25 Jan 2016 12:05:25 -0500

** Changed in: ntp (Ubuntu Wily)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-15 Thread Launchpad Bug Tracker

This bug was fixed in the package ntp - 1:4.2.6.p5+dfsg-3ubuntu2.14.04.8

---
ntp (1:4.2.6.p5+dfsg-3ubuntu2.14.04.8) trusty; urgency=medium

  * ntpd rejects source UDP ports less than 123 as bogus (closes: #691412)
- d/p/reject-UDP-ports-less-than-123-as-bogus.patch (LP: #1479652)

 -- Eric Desrochers   Mon, 25 Jan 2016 11:39:44 -0500

** Changed in: ntp (Ubuntu Trusty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-15 Thread Launchpad Bug Tracker

This bug was fixed in the package ntp - 1:4.2.6.p5+dfsg-3ubuntu8.2

---
ntp (1:4.2.6.p5+dfsg-3ubuntu8.2) wily; urgency=medium

  * ntpd rejects source UDP ports less than 123 as bogus (closes: #691412)
- d/p/reject-UDP-ports-less-than-123-as-bogus.patch (LP: #1479652)

 -- Eric Desrochers   Mon, 25 Jan 2016 12:05:25 -0500

** Changed in: ntp (Ubuntu Wily)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-15 Thread Launchpad Bug Tracker

This bug was fixed in the package ntp - 1:4.2.6.p5+dfsg-3ubuntu2.14.04.8

---
ntp (1:4.2.6.p5+dfsg-3ubuntu2.14.04.8) trusty; urgency=medium

  * ntpd rejects source UDP ports less than 123 as bogus (closes: #691412)
- d/p/reject-UDP-ports-less-than-123-as-bogus.patch (LP: #1479652)

 -- Eric Desrochers   Mon, 25 Jan 2016 11:39:44 -0500

** Changed in: ntp (Ubuntu Trusty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-11 Thread Eric Desrochers

It has been brought to my attention ...

--
I confirm that the proposed testfix package resolved the issue on Trusty.

The test were made on test machines where the client had an iptable postrouting 
nat forcing the source port to be under 123.
- ntpdate command performed on the client machine was successful
- tcpdump on the server side confirmed that the source port was under 123.
--


** Tags removed: verification-needed
** Tags added: verification-done

** Tags removed: verification-done
** Tags added: verification-done-trusty

** Tags removed: verification-done-trusty
** Tags added: verification-done

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-11 Thread Eric Desrochers

It has been brought to my attention ...

--
I confirm that the proposed testfix package resolved the issue on Trusty.

The test were made on test machines where the client had an iptable postrouting 
nat forcing the source port to be under 123.
- ntpdate command performed on the client machine was successful
- tcpdump on the server side confirmed that the source port was under 123.
--


** Tags removed: verification-needed
** Tags added: verification-done

** Tags removed: verification-done
** Tags added: verification-done-trusty

** Tags removed: verification-done-trusty
** Tags added: verification-done

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-11 Thread Eric Desrochers

** Tags removed: verification-done
** Tags added: verification-done-trusty

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-11 Thread Eric Desrochers

I confirmed the package"4.2.6.p3+dfsg-1ubuntu3.9" solved the problem in
Ubuntu Precise

NTP Version : 1:4.2.6.p3+dfsg-1ubuntu3.1

With no IPTABLES rule ==> Working
$ ntpdate x.x.x.x
11 Feb 16:15:19 ntpdate[1243]: adjust time server x.x.x.x offset 0.190571 sec

With IPTABLES rule ==> Not working
$ iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source 
y.y.y.y:100-122

$ntpdate x.x.x.x
11 Feb 16:15:36 ntpdate[1253]: no server suitable for synchronization found

With ntp (precise-proposed) + IPTABLE rules ==> Now working

NTP version: 1:4.2.6.p3+dfsg-1ubuntu3.9

$ iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source
y.y.y.y:100-122

$ ntpdate x.x.x.x
11 Feb 16:21:26 ntpdate[1986]: adjust time server x.x.x.x offset 0.005394 sec

Eric


** Tags added: verification-done-precise

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-11 Thread Eric Desrochers

** Tags removed: verification-done
** Tags added: verification-done-trusty

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-11 Thread Eric Desrochers

I confirmed the package"4.2.6.p3+dfsg-1ubuntu3.9" solved the problem in
Ubuntu Precise

NTP Version : 1:4.2.6.p3+dfsg-1ubuntu3.1

With no IPTABLES rule ==> Working
$ ntpdate x.x.x.x
11 Feb 16:15:19 ntpdate[1243]: adjust time server x.x.x.x offset 0.190571 sec

With IPTABLES rule ==> Not working
$ iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source 
y.y.y.y:100-122

$ntpdate x.x.x.x
11 Feb 16:15:36 ntpdate[1253]: no server suitable for synchronization found

With ntp (precise-proposed) + IPTABLE rules ==> Now working

NTP version: 1:4.2.6.p3+dfsg-1ubuntu3.9

$ iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source
y.y.y.y:100-122

$ ntpdate x.x.x.x
11 Feb 16:21:26 ntpdate[1986]: adjust time server x.x.x.x offset 0.005394 sec

Eric


** Tags added: verification-done-precise

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-11 Thread Eric Desrochers

I confirmed the package "4.2.6.p5+dfsg-3ubuntu8.2" solve the bug in
Ubuntu Wily

# With port <123 using ntpdate (without patch)
11 Feb 20:30:09 ntpdate[2348]: no server suitable for synchronization found

# With port <123 using ntpdate (including patch)
11 Feb 20:32:18 ntpdate[3243]: adjust time server 10.10.10.107 offset 0.002017 
sec

Eric

** Tags added: verification-done-wily

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-11 Thread Eric Desrochers

I confirmed the package "4.2.6.p5+dfsg-3ubuntu8.2" solve the bug in
Ubuntu Wily

# With port <123 using ntpdate (without patch)
11 Feb 20:30:09 ntpdate[2348]: no server suitable for synchronization found

# With port <123 using ntpdate (including patch)
11 Feb 20:32:18 ntpdate[3243]: adjust time server 10.10.10.107 offset 0.002017 
sec

Eric

** Tags added: verification-done-wily

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-11 Thread Robie Basak

Thanks Eric, the debdiffs look good to me. I added Origin and Bug-Ubuntu
dep3 headers as discussed on IRC. Apart from that I've uploaded all
three unmodified. Now awaiting SRU team review.

** Description changed:

  [Impact]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
+ 
+ [Development Fix]
+ 
+ Fixed by merge of NTP of newer upstream release that includes the fix.
+ Stuck in dep-wait in xenial-proposed due to an unrelated issue (pps-
+ tools MIR or other resolution).
  
  [Test Case]
  
  The problem can easily be reproduced by having an iptable postrouting
  nat forcing the source port to be under 123 set on the client.
  
  Setup:
   ==> NTP server = y.y.y.y
   ntp.conf configured to be a server.
  
   ==> NTP client = x.x.x.x
   "ntpdate" used to submmit requests
  
   #iptable setup to force src port to be lower than 123
   iptables -t nat -A POSTROUTING -p UDP --dport 123  -j SNAT --to-source 
x.x.x.x:100-122
  
  ## On the client, set to force src port < 123 (without patch)
  
  $ ntpdate y.y.y.y
  ntpdate[]: no server suitable for synchronization found
  
  ## On the client, set to force src port < 123 (with patch)
  
  $ ntpdate y.y.y.y
  ntpdate[]: adjust time server y.y.y.y offset -0.028483 sec
  
  [Regression Potential]
  
  The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174
  
  A testfix[1] package has been provided to the community before the SRU
  process to bring more confidence for the patch. Positive feedbacks has
  been given by the community to confirm the patch addressed the bug
  [comment #7]
  
  [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
  
  [Original description]
  
  [Title copied from Debian bug, which was not filed by me. Description
  below is mine.]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  Attached is the patch already accepted upstream which fixes the issue.
  I've verified it fixes the problem. Debian has been ignoring this patch
  for almost 3 years. Can we get this in Ubuntu please?

** Changed in: ntp (Ubuntu Xenial)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-11 Thread Robie Basak

Thanks Eric, the debdiffs look good to me. I added Origin and Bug-Ubuntu
dep3 headers as discussed on IRC. Apart from that I've uploaded all
three unmodified. Now awaiting SRU team review.

** Description changed:

  [Impact]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
+ 
+ [Development Fix]
+ 
+ Fixed by merge of NTP of newer upstream release that includes the fix.
+ Stuck in dep-wait in xenial-proposed due to an unrelated issue (pps-
+ tools MIR or other resolution).
  
  [Test Case]
  
  The problem can easily be reproduced by having an iptable postrouting
  nat forcing the source port to be under 123 set on the client.
  
  Setup:
   ==> NTP server = y.y.y.y
   ntp.conf configured to be a server.
  
   ==> NTP client = x.x.x.x
   "ntpdate" used to submmit requests
  
   #iptable setup to force src port to be lower than 123
   iptables -t nat -A POSTROUTING -p UDP --dport 123  -j SNAT --to-source 
x.x.x.x:100-122
  
  ## On the client, set to force src port < 123 (without patch)
  
  $ ntpdate y.y.y.y
  ntpdate[]: no server suitable for synchronization found
  
  ## On the client, set to force src port < 123 (with patch)
  
  $ ntpdate y.y.y.y
  ntpdate[]: adjust time server y.y.y.y offset -0.028483 sec
  
  [Regression Potential]
  
  The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174
  
  A testfix[1] package has been provided to the community before the SRU
  process to bring more confidence for the patch. Positive feedbacks has
  been given by the community to confirm the patch addressed the bug
  [comment #7]
  
  [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
  
  [Original description]
  
  [Title copied from Debian bug, which was not filed by me. Description
  below is mine.]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  Attached is the patch already accepted upstream which fixes the issue.
  I've verified it fixes the problem. Debian has been ignoring this patch
  for almost 3 years. Can we get this in Ubuntu please?

** Changed in: ntp (Ubuntu Xenial)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-11 Thread Brian Murray

Hello Richard, or anyone else affected,

Accepted ntp into wily-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-
3ubuntu8.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed.  Your feedback will aid us getting this update
out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed.  In either case, details of your testing will help
us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Changed in: ntp (Ubuntu Wily)
   Status: In Progress => Fix Committed

** Tags added: verification-needed

** Changed in: ntp (Ubuntu Trusty)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-02-11 Thread Brian Murray

Hello Richard, or anyone else affected,

Accepted ntp into wily-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-
3ubuntu8.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed.  Your feedback will aid us getting this update
out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed.  In either case, details of your testing will help
us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Changed in: ntp (Ubuntu Wily)
   Status: In Progress => Fix Committed

** Tags added: verification-needed

** Changed in: ntp (Ubuntu Trusty)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-25 Thread Eric Desrochers

** Description changed:

  [Impact]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  [Test Case]
  
  The problem can easily be reproduced by having an iptable postrouting
  nat forcing the source port to be under 123 set on the client.
+ 
+ Setup:
+   ==> NTP server = y.y.y.y
+   ntp.conf configured to be a server.
+   
+   ==> NTP client = x.x.x.x
+   "ntpdate" used to submmit requests
+ 
+ #iptable setup to force src port to be lower than 123
+   iptables -t nat -A POSTROUTING -p UDP --dport 123  -j SNAT --to-source 
10.55.15.154:100-122
  
  [Regression Potential]
  
  The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174
  
  A testfix[1] package has been provided to the community before the SRU
  process to bring more confidence for the patch. Positive feedbacks has
  been given by the community to confirm the patch addressed the bug
  [comment #7]
  
  [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
  
  [Original description]
  
  [Title copied from Debian bug, which was not filed by me. Description
  below is mine.]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  Attached is the patch already accepted upstream which fixes the issue.
  I've verified it fixes the problem. Debian has been ignoring this patch
  for almost 3 years. Can we get this in Ubuntu please?

** Description changed:

  [Impact]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  [Test Case]
  
  The problem can easily be reproduced by having an iptable postrouting
  nat forcing the source port to be under 123 set on the client.
  
  Setup:
-   ==> NTP server = y.y.y.y
-   ntp.conf configured to be a server.
-   
-   ==> NTP client = x.x.x.x
-   "ntpdate" used to submmit requests
+  ==> NTP server = y.y.y.y
+  ntp.conf configured to be a server.
  
- #iptable setup to force src port to be lower than 123
-   iptables -t nat -A POSTROUTING -p UDP --dport 123  -j SNAT --to-source 
10.55.15.154:100-122
+  ==> NTP client = x.x.x.x
+  "ntpdate" used to submmit requests
+ 
+ #iptable setup to force src port to be lower than 123
+  iptables -t nat -A POSTROUTING -p UDP --dport 123  -j SNAT --to-source 
x.x.x.x:100-122
  
  [Regression Potential]
  
  The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174
  
  A testfix[1] package has been provided to the community before the SRU
  process to bring more confidence for the patch. Positive feedbacks has
  been given by the community to confirm the patch addressed the bug
  [comment #7]
  
  [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
  
  [Original description]
  
  [Title copied from Debian bug, which was not filed by me. Description
  below is mine.]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  Attached is the patch already accepted upstream which fixes the issue.
  I've verified it fixes the problem. Debian has been ignoring this patch
  for almost 3 years. Can we get this in Ubuntu please?

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-25 Thread Eric Desrochers

** Description changed:

  [Impact]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  [Test Case]
  
  The problem can easily be reproduced by having an iptable postrouting
  nat forcing the source port to be under 123 set on the client.
  
  Setup:
   ==> NTP server = y.y.y.y
   ntp.conf configured to be a server.
  
   ==> NTP client = x.x.x.x
   "ntpdate" used to submmit requests
  
  #iptable setup to force src port to be lower than 123
   iptables -t nat -A POSTROUTING -p UDP --dport 123  -j SNAT --to-source 
x.x.x.x:100-122
+ 
+ ## On the client, set to force src port < 123 (without patch)
+ 
+ $ ntpdate y.y.y.y
+ ntpdate[]: no server suitable for synchronization found
+ 
+ ## On the client, set to force src port < 123 (with patch)
+ 
+ $ ntpdate y.y.y.y
+ ntpdate[]: adjust time server y.y.y.y offset -0.028483 sec
  
  [Regression Potential]
  
  The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174
  
  A testfix[1] package has been provided to the community before the SRU
  process to bring more confidence for the patch. Positive feedbacks has
  been given by the community to confirm the patch addressed the bug
  [comment #7]
  
  [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
  
  [Original description]
  
  [Title copied from Debian bug, which was not filed by me. Description
  below is mine.]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  Attached is the patch already accepted upstream which fixes the issue.
  I've verified it fixes the problem. Debian has been ignoring this patch
  for almost 3 years. Can we get this in Ubuntu please?

** Description changed:

  [Impact]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  [Test Case]
  
  The problem can easily be reproduced by having an iptable postrouting
  nat forcing the source port to be under 123 set on the client.
  
  Setup:
   ==> NTP server = y.y.y.y
   ntp.conf configured to be a server.
  
   ==> NTP client = x.x.x.x
   "ntpdate" used to submmit requests
  
- #iptable setup to force src port to be lower than 123
+  #iptable setup to force src port to be lower than 123
   iptables -t nat -A POSTROUTING -p UDP --dport 123  -j SNAT --to-source 
x.x.x.x:100-122
  
  ## On the client, set to force src port < 123 (without patch)
  
  $ ntpdate y.y.y.y
  ntpdate[]: no server suitable for synchronization found
  
  ## On the client, set to force src port < 123 (with patch)
  
  $ ntpdate y.y.y.y
  ntpdate[]: adjust time server y.y.y.y offset -0.028483 sec
  
  [Regression Potential]
  
  The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174
  
  A testfix[1] package has been provided to the community before the SRU
  process to bring more confidence for the patch. Positive feedbacks has
  been given by the community to confirm the patch addressed the bug
  [comment #7]
  
  [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
  
  [Original description]
  
  [Title copied from Debian bug, which was not filed by me. Description
  below is mine.]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  Attached is the patch already accepted upstream which fixes the issue.
  I've verified it fixes the problem. Debian has been ignoring this patch
  for almost 3 years. Can we get this in Ubuntu please?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-25 Thread Eric Desrochers

** Description changed:

  [Impact]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  [Test Case]
  
  The problem can easily be reproduced by having an iptable postrouting
  nat forcing the source port to be under 123 set on the client.
  
  Setup:
   ==> NTP server = y.y.y.y
   ntp.conf configured to be a server.
  
   ==> NTP client = x.x.x.x
   "ntpdate" used to submmit requests
  
  #iptable setup to force src port to be lower than 123
   iptables -t nat -A POSTROUTING -p UDP --dport 123  -j SNAT --to-source 
x.x.x.x:100-122
+ 
+ ## On the client, set to force src port < 123 (without patch)
+ 
+ $ ntpdate y.y.y.y
+ ntpdate[]: no server suitable for synchronization found
+ 
+ ## On the client, set to force src port < 123 (with patch)
+ 
+ $ ntpdate y.y.y.y
+ ntpdate[]: adjust time server y.y.y.y offset -0.028483 sec
  
  [Regression Potential]
  
  The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174
  
  A testfix[1] package has been provided to the community before the SRU
  process to bring more confidence for the patch. Positive feedbacks has
  been given by the community to confirm the patch addressed the bug
  [comment #7]
  
  [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
  
  [Original description]
  
  [Title copied from Debian bug, which was not filed by me. Description
  below is mine.]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  Attached is the patch already accepted upstream which fixes the issue.
  I've verified it fixes the problem. Debian has been ignoring this patch
  for almost 3 years. Can we get this in Ubuntu please?

** Description changed:

  [Impact]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  [Test Case]
  
  The problem can easily be reproduced by having an iptable postrouting
  nat forcing the source port to be under 123 set on the client.
  
  Setup:
   ==> NTP server = y.y.y.y
   ntp.conf configured to be a server.
  
   ==> NTP client = x.x.x.x
   "ntpdate" used to submmit requests
  
- #iptable setup to force src port to be lower than 123
+  #iptable setup to force src port to be lower than 123
   iptables -t nat -A POSTROUTING -p UDP --dport 123  -j SNAT --to-source 
x.x.x.x:100-122
  
  ## On the client, set to force src port < 123 (without patch)
  
  $ ntpdate y.y.y.y
  ntpdate[]: no server suitable for synchronization found
  
  ## On the client, set to force src port < 123 (with patch)
  
  $ ntpdate y.y.y.y
  ntpdate[]: adjust time server y.y.y.y offset -0.028483 sec
  
  [Regression Potential]
  
  The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174
  
  A testfix[1] package has been provided to the community before the SRU
  process to bring more confidence for the patch. Positive feedbacks has
  been given by the community to confirm the patch addressed the bug
  [comment #7]
  
  [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
  
  [Original description]
  
  [Title copied from Debian bug, which was not filed by me. Description
  below is mine.]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  Attached is the patch already accepted upstream which fixes the issue.
  I've verified it fixes the problem. Debian has been ignoring this patch
  for almost 3 years. Can we get this in Ubuntu please?

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-25 Thread Eric Desrochers

** Description changed:

  [Impact]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  [Test Case]
  
  The problem can easily be reproduced by having an iptable postrouting
  nat forcing the source port to be under 123 set on the client.
+ 
+ Setup:
+   ==> NTP server = y.y.y.y
+   ntp.conf configured to be a server.
+   
+   ==> NTP client = x.x.x.x
+   "ntpdate" used to submmit requests
+ 
+ #iptable setup to force src port to be lower than 123
+   iptables -t nat -A POSTROUTING -p UDP --dport 123  -j SNAT --to-source 
10.55.15.154:100-122
  
  [Regression Potential]
  
  The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174
  
  A testfix[1] package has been provided to the community before the SRU
  process to bring more confidence for the patch. Positive feedbacks has
  been given by the community to confirm the patch addressed the bug
  [comment #7]
  
  [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
  
  [Original description]
  
  [Title copied from Debian bug, which was not filed by me. Description
  below is mine.]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  Attached is the patch already accepted upstream which fixes the issue.
  I've verified it fixes the problem. Debian has been ignoring this patch
  for almost 3 years. Can we get this in Ubuntu please?

** Description changed:

  [Impact]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  [Test Case]
  
  The problem can easily be reproduced by having an iptable postrouting
  nat forcing the source port to be under 123 set on the client.
  
  Setup:
-   ==> NTP server = y.y.y.y
-   ntp.conf configured to be a server.
-   
-   ==> NTP client = x.x.x.x
-   "ntpdate" used to submmit requests
+  ==> NTP server = y.y.y.y
+  ntp.conf configured to be a server.
  
- #iptable setup to force src port to be lower than 123
-   iptables -t nat -A POSTROUTING -p UDP --dport 123  -j SNAT --to-source 
10.55.15.154:100-122
+  ==> NTP client = x.x.x.x
+  "ntpdate" used to submmit requests
+ 
+ #iptable setup to force src port to be lower than 123
+  iptables -t nat -A POSTROUTING -p UDP --dport 123  -j SNAT --to-source 
x.x.x.x:100-122
  
  [Regression Potential]
  
  The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174
  
  A testfix[1] package has been provided to the community before the SRU
  process to bring more confidence for the patch. Positive feedbacks has
  been given by the community to confirm the patch addressed the bug
  [comment #7]
  
  [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
  
  [Original description]
  
  [Title copied from Debian bug, which was not filed by me. Description
  below is mine.]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  Attached is the patch already accepted upstream which fixes the issue.
  I've verified it fixes the problem. Debian has been ignoring this patch
  for almost 3 years. Can we get this in Ubuntu please?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-25 Thread Eric Desrochers

I have build a test package for the community to validate it solve the bug 
before starting the SRU process [1].
The goal of this testfix is only to confirm that this solve the bug and it is 
not a final solution.

Here's what has been brought to my attention about the test package I
have provided.

---
I confirm that the proposed testfix package resolved the issue.

The test were made on test machines where the client had an iptable postrouting 
nat forcing the source port to be under 123.
- ntpdate command performed on the client machine was successful
- tcpdump on the server side confirmed that the source port was under 123.

Please advise for the next steps

Thank-you
---

[1] - https://launchpad.net/~slashd/+archive/ubuntu/bug1479652

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-25 Thread Eric Desrochers

I have build a test package for the community to validate it solve the bug 
before starting the SRU process [1].
The goal of this testfix is only to confirm that this solve the bug and it is 
not a final solution.

Here's what has been brought to my attention about the test package I
have provided.

---
I confirm that the proposed testfix package resolved the issue.

The test were made on test machines where the client had an iptable postrouting 
nat forcing the source port to be under 123.
- ntpdate command performed on the client machine was successful
- tcpdump on the server side confirmed that the source port was under 123.

Please advise for the next steps

Thank-you
---

[1] - https://launchpad.net/~slashd/+archive/ubuntu/bug1479652

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-25 Thread Eric Desrochers

** Tags added: sts

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-25 Thread Eric Desrochers

** Tags added: sts

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-25 Thread Eric Desrochers

** Description changed:

+ [Impact]
+ 
+ If an NTP client sends a request with a source port less than 123, the packet 
is silently ignored by ntpd. 
+ This is occurring in our environment due to NAT.
+ 
+ [Test Case]
+ 
+ The problem can easily be reproduced by having an iptable postrouting
+ nat forcing the source port to be under 123 set on the client.
+ 
+ [Regression Potential]
+ 
+ The patch comes from upstream 
+ [Bug 2174] http://bugs.ntp.org/show_bug.cgi?id=2174]
+ 
+ A testfix[1] package has been provided to the community before the SRU
+ process to bring more confidence for the patch. Positive feedbacks has
+ been given by the community to confirm the patch addressed the bug
+ [comment #7]
+ 
+ [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
+ 
+ [Original description]
+ 
  [Title copied from Debian bug, which was not filed by me. Description
  below is mine.]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  Attached is the patch already accepted upstream which fixes the issue.
  I've verified it fixes the problem. Debian has been ignoring this patch
  for almost 3 years. Can we get this in Ubuntu please?

** Description changed:

  [Impact]
  
- If an NTP client sends a request with a source port less than 123, the packet 
is silently ignored by ntpd. 
- This is occurring in our environment due to NAT.
+ If an NTP client sends a request with a source port less than 123, the
+ packet is silently ignored by ntpd. This is occurring in our environment
+ due to NAT.
  
  [Test Case]
  
  The problem can easily be reproduced by having an iptable postrouting
  nat forcing the source port to be under 123 set on the client.
  
  [Regression Potential]
  
- The patch comes from upstream 
+ The patch comes from upstream
  [Bug 2174] http://bugs.ntp.org/show_bug.cgi?id=2174]
  
  A testfix[1] package has been provided to the community before the SRU
  process to bring more confidence for the patch. Positive feedbacks has
  been given by the community to confirm the patch addressed the bug
  [comment #7]
  
  [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
  
  [Original description]
  
  [Title copied from Debian bug, which was not filed by me. Description
  below is mine.]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  Attached is the patch already accepted upstream which fixes the issue.
  I've verified it fixes the problem. Debian has been ignoring this patch
  for almost 3 years. Can we get this in Ubuntu please?

** Description changed:

  [Impact]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  [Test Case]
  
  The problem can easily be reproduced by having an iptable postrouting
  nat forcing the source port to be under 123 set on the client.
  
  [Regression Potential]
  
- The patch comes from upstream
- [Bug 2174] http://bugs.ntp.org/show_bug.cgi?id=2174]
+ The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174]
  
  A testfix[1] package has been provided to the community before the SRU
  process to bring more confidence for the patch. Positive feedbacks has
  been given by the community to confirm the patch addressed the bug
  [comment #7]
  
  [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
  
  [Original description]
  
  [Title copied from Debian bug, which was not filed by me. Description
  below is mine.]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  Attached is the patch already accepted upstream which fixes the issue.
  I've verified it fixes the problem. Debian has been ignoring this patch
  for almost 3 years. Can we get this in Ubuntu please?

** Description changed:

  [Impact]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  [Test Case]
  
  The problem can easily be reproduced by having an iptable postrouting
  nat forcing the source port to be under 123 set on the client.
  
  [Regression Potential]
  
- The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174]
+ The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174
  
  A testfix[1] package has been provided to the community before the SRU
  process to bring more confidence for the patch. Positive feedbacks has
  been given by the community to confirm the patch addressed the bug
  [comment #7]
  
  [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
  
  [Original description]
  
  [Title copied from Debian bug, which was not

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-25 Thread Eric Desrochers

** Description changed:

+ [Impact]
+ 
+ If an NTP client sends a request with a source port less than 123, the packet 
is silently ignored by ntpd. 
+ This is occurring in our environment due to NAT.
+ 
+ [Test Case]
+ 
+ The problem can easily be reproduced by having an iptable postrouting
+ nat forcing the source port to be under 123 set on the client.
+ 
+ [Regression Potential]
+ 
+ The patch comes from upstream 
+ [Bug 2174] http://bugs.ntp.org/show_bug.cgi?id=2174]
+ 
+ A testfix[1] package has been provided to the community before the SRU
+ process to bring more confidence for the patch. Positive feedbacks has
+ been given by the community to confirm the patch addressed the bug
+ [comment #7]
+ 
+ [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
+ 
+ [Original description]
+ 
  [Title copied from Debian bug, which was not filed by me. Description
  below is mine.]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  Attached is the patch already accepted upstream which fixes the issue.
  I've verified it fixes the problem. Debian has been ignoring this patch
  for almost 3 years. Can we get this in Ubuntu please?

** Description changed:

  [Impact]
  
- If an NTP client sends a request with a source port less than 123, the packet 
is silently ignored by ntpd. 
- This is occurring in our environment due to NAT.
+ If an NTP client sends a request with a source port less than 123, the
+ packet is silently ignored by ntpd. This is occurring in our environment
+ due to NAT.
  
  [Test Case]
  
  The problem can easily be reproduced by having an iptable postrouting
  nat forcing the source port to be under 123 set on the client.
  
  [Regression Potential]
  
- The patch comes from upstream 
+ The patch comes from upstream
  [Bug 2174] http://bugs.ntp.org/show_bug.cgi?id=2174]
  
  A testfix[1] package has been provided to the community before the SRU
  process to bring more confidence for the patch. Positive feedbacks has
  been given by the community to confirm the patch addressed the bug
  [comment #7]
  
  [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
  
  [Original description]
  
  [Title copied from Debian bug, which was not filed by me. Description
  below is mine.]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  Attached is the patch already accepted upstream which fixes the issue.
  I've verified it fixes the problem. Debian has been ignoring this patch
  for almost 3 years. Can we get this in Ubuntu please?

** Description changed:

  [Impact]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  [Test Case]
  
  The problem can easily be reproduced by having an iptable postrouting
  nat forcing the source port to be under 123 set on the client.
  
  [Regression Potential]
  
- The patch comes from upstream
- [Bug 2174] http://bugs.ntp.org/show_bug.cgi?id=2174]
+ The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174]
  
  A testfix[1] package has been provided to the community before the SRU
  process to bring more confidence for the patch. Positive feedbacks has
  been given by the community to confirm the patch addressed the bug
  [comment #7]
  
  [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
  
  [Original description]
  
  [Title copied from Debian bug, which was not filed by me. Description
  below is mine.]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  Attached is the patch already accepted upstream which fixes the issue.
  I've verified it fixes the problem. Debian has been ignoring this patch
  for almost 3 years. Can we get this in Ubuntu please?

** Description changed:

  [Impact]
  
  If an NTP client sends a request with a source port less than 123, the
  packet is silently ignored by ntpd. This is occurring in our environment
  due to NAT.
  
  [Test Case]
  
  The problem can easily be reproduced by having an iptable postrouting
  nat forcing the source port to be under 123 set on the client.
  
  [Regression Potential]
  
- The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174]
+ The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174
  
  A testfix[1] package has been provided to the community before the SRU
  process to bring more confidence for the patch. Positive feedbacks has
  been given by the community to confirm the patch addressed the bug
  [comment #7]
  
  [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652
  
  [Original description]
  
  [Title copied from Debian bug, which was not

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-25 Thread Eric Desrochers

Patch
-- 
Distribution : Trusty (14.04)
Package version : ntp_4.2.6.p5+dfsg-3ubuntu2.14.04.8
--

Note: kick-d is currently working on a merge for Xenial, including this patch.
I'm including the .debdiffs for the other distributions (W/T/P) for once the 
merge for Xenial will be completed.

** Patch added: "trusty_ntp_4.2.6.p5+dfsg-3ubuntu2.14.04.8"
   
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/+attachment/4556319/+files/lp1479652_trusty_14.04.8.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-25 Thread Eric Desrochers

Patch
-- 
Distribution : Trusty (14.04)
Package version : ntp_4.2.6.p5+dfsg-3ubuntu2.14.04.8
--

Note: kick-d is currently working on a merge for Xenial, including this patch.
I'm including the .debdiffs for the other distributions (W/T/P) for once the 
merge for Xenial will be completed.

** Patch added: "trusty_ntp_4.2.6.p5+dfsg-3ubuntu2.14.04.8"
   
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/+attachment/4556319/+files/lp1479652_trusty_14.04.8.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-25 Thread Eric Desrochers

Patch
--
Distribution : Precise (12.04)
Package version : 4.2.6.p3+dfsg-1ubuntu3.9
--


** Patch added: "precise_ntp_4.2.6.p3+dfsg-1ubuntu3.9"
   
https://bugs.launchpad.net/ubuntu/precise/+source/ntp/+bug/1479652/+attachment/4556380/+files/lp1479652_precise_3.9.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-25 Thread Eric Desrochers

Patch
--
Distribution : Precise (12.04)
Package version : 4.2.6.p3+dfsg-1ubuntu3.9
--


** Patch added: "precise_ntp_4.2.6.p3+dfsg-1ubuntu3.9"
   
https://bugs.launchpad.net/ubuntu/precise/+source/ntp/+bug/1479652/+attachment/4556380/+files/lp1479652_precise_3.9.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-25 Thread Eric Desrochers

Patch
--
Distribution : Wily (15.10)
Package version : 4.2.6.p5+dfsg-3ubuntu8.2
--

** Patch added: "wily_4.2.6.p5+dfsg-3ubuntu8.2"
   
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/+attachment/4556354/+files/lp1479652_wily_8.2.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-25 Thread Eric Desrochers

Patch
--
Distribution : Wily (15.10)
Package version : 4.2.6.p5+dfsg-3ubuntu8.2
--

** Patch added: "wily_4.2.6.p5+dfsg-3ubuntu8.2"
   
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/+attachment/4556354/+files/lp1479652_wily_8.2.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-23 Thread Eric Desrochers

** Changed in: ntp (Ubuntu Xenial)
   Status: New => In Progress

** Changed in: ntp (Ubuntu Wily)
   Status: New => In Progress

** Changed in: ntp (Ubuntu Precise)
   Status: New => In Progress

** Changed in: ntp (Ubuntu Trusty)
   Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-23 Thread Eric Desrochers

** Changed in: ntp (Ubuntu Xenial)
   Status: New => In Progress

** Changed in: ntp (Ubuntu Wily)
   Status: New => In Progress

** Changed in: ntp (Ubuntu Precise)
   Status: New => In Progress

** Changed in: ntp (Ubuntu Trusty)
   Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-22 Thread Timo Aaltonen

** Also affects: ntp (Ubuntu Wily)
   Importance: Undecided
   Status: New

** Also affects: ntp (Ubuntu Precise)
   Importance: Undecided
   Status: New

** Also affects: ntp (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Also affects: ntp (Ubuntu Trusty)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-22 Thread Timo Aaltonen

** Also affects: ntp (Ubuntu Wily)
   Importance: Undecided
   Status: New

** Also affects: ntp (Ubuntu Precise)
   Importance: Undecided
   Status: New

** Also affects: ntp (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Also affects: ntp (Ubuntu Trusty)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-22 Thread Eric Desrochers

** Changed in: ntp (Ubuntu Precise)
   Importance: Undecided => Medium

** Changed in: ntp (Ubuntu Trusty)
   Importance: Undecided => Medium

** Changed in: ntp (Ubuntu Wily)
   Importance: Undecided => Medium

** Changed in: ntp (Ubuntu Xenial)
   Importance: Undecided => Medium

** Changed in: ntp (Ubuntu Precise)
 Assignee: (unassigned) => Eric Desrochers (slashd)

** Changed in: ntp (Ubuntu Trusty)
 Assignee: (unassigned) => Eric Desrochers (slashd)

** Changed in: ntp (Ubuntu Wily)
 Assignee: (unassigned) => Eric Desrochers (slashd)

** Changed in: ntp (Ubuntu Xenial)
 Assignee: (unassigned) => Kick In (kick-d)

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2016-01-22 Thread Eric Desrochers

** Changed in: ntp (Ubuntu Precise)
   Importance: Undecided => Medium

** Changed in: ntp (Ubuntu Trusty)
   Importance: Undecided => Medium

** Changed in: ntp (Ubuntu Wily)
   Importance: Undecided => Medium

** Changed in: ntp (Ubuntu Xenial)
   Importance: Undecided => Medium

** Changed in: ntp (Ubuntu Precise)
 Assignee: (unassigned) => Eric Desrochers (slashd)

** Changed in: ntp (Ubuntu Trusty)
 Assignee: (unassigned) => Eric Desrochers (slashd)

** Changed in: ntp (Ubuntu Wily)
 Assignee: (unassigned) => Eric Desrochers (slashd)

** Changed in: ntp (Ubuntu Xenial)
 Assignee: (unassigned) => Kick In (kick-d)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2015-11-06 Thread Robie Basak

According to the Debian bug, this was fixed upstream in 4.2.8p1 and
Debian sid is now on 1:4.2.8p4+dfsg-3 so I think that means this is
fixed in Debian. Ubuntu will pick it up on the next merge which I am
expecting to be done this cycle.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2015-11-06 Thread Robie Basak

According to the Debian bug, this was fixed upstream in 4.2.8p1 and
Debian sid is now on 1:4.2.8p4+dfsg-3 so I think that means this is
fixed in Debian. Ubuntu will pick it up on the next merge which I am
expecting to be done this cycle.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2015-07-30 Thread Bug Watch Updater

** Changed in: ntp (Debian)
   Status: Unknown = New

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2015-07-30 Thread Bug Watch Updater

** Changed in: ntp (Debian)
   Status: Unknown = New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2015-07-30 Thread Ubuntu Foundations Team Bug Bot

The attachment Patch from upstream, made suitable for debian/patches
seems to be a patch.  If it isn't, please remove the patch flag from
the attachment, remove the patch tag, and if you are a member of the
~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by
~brian-murray, for any issues please contact him.]

** Tags added: patch

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2015-07-30 Thread Ubuntu Foundations Team Bug Bot

The attachment Patch from upstream, made suitable for debian/patches
seems to be a patch.  If it isn't, please remove the patch flag from
the attachment, remove the patch tag, and if you are a member of the
~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by
~brian-murray, for any issues please contact him.]

** Tags added: patch

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2015-07-30 Thread Bug Watch Updater

Launchpad has imported 3 comments from the remote bug at
http://bugs.ntp.org/show_bug.cgi?id=2174.

If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at
https://help.launchpad.net/InterBugTracking.


On 2012-04-21T18:34:44+00:00 Jason-bugzilla wrote:

Per Dave Hart, I'm filing this bug report to track an issue where NTP
client packets on the inside of a Cisco IOS NAT box are dropped by ntpd
on the outside of the Cisco IOS NAT box.  This is due to IOS NAT using a
low UDP source port ntp_proto.c tests against and blocks.

This was worked around per David's suggestion in the thread below, but
it would be great if this would make it into mainline code.

http://groups.google.com/group/comp.protocols.time.ntp/msg/3024d073b914b278

Reply at:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/comments/0


On 2012-04-25T04:12:32+00:00 Dave Hart wrote:

Ready in ~hart/ntp-dev-2174

Reply at:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/comments/1


On 2012-04-25T05:13:35+00:00 Stenn wrote:

Jason,

Thanks for the report.  Please check ntp-4.2.7p274 and mark this bug as
VERIFIED or REOPENED, as appropriate.

Dave, thanks for your work on this.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/comments/2


** Changed in: ntp
   Status: Unknown = Fix Released

** Changed in: ntp
   Importance: Unknown = High

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus

2015-07-30 Thread Bug Watch Updater

Launchpad has imported 3 comments from the remote bug at
http://bugs.ntp.org/show_bug.cgi?id=2174.

If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at
https://help.launchpad.net/InterBugTracking.


On 2012-04-21T18:34:44+00:00 Jason-bugzilla wrote:

Per Dave Hart, I'm filing this bug report to track an issue where NTP
client packets on the inside of a Cisco IOS NAT box are dropped by ntpd
on the outside of the Cisco IOS NAT box.  This is due to IOS NAT using a
low UDP source port ntp_proto.c tests against and blocks.

This was worked around per David's suggestion in the thread below, but
it would be great if this would make it into mainline code.

http://groups.google.com/group/comp.protocols.time.ntp/msg/3024d073b914b278

Reply at:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/comments/0


On 2012-04-25T04:12:32+00:00 Dave Hart wrote:

Ready in ~hart/ntp-dev-2174

Reply at:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/comments/1


On 2012-04-25T05:13:35+00:00 Stenn wrote:

Jason,

Thanks for the report.  Please check ntp-4.2.7p274 and mark this bug as
VERIFIED or REOPENED, as appropriate.

Dave, thanks for your work on this.

Reply at:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/comments/2


** Changed in: ntp
   Status: Unknown = Fix Released

** Changed in: ntp
   Importance: Unknown = High

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1479652

Title:
  [patch] ntpd rejects source UDP ports less than 123 as bogus

To manage notifications about this bug go to:
https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

51 matches

Mail list logo