[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Changed in: ntp (Debian) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
This bug was fixed in the package ntp - 1:4.2.6.p3+dfsg-1ubuntu3.9 --- ntp (1:4.2.6.p3+dfsg-1ubuntu3.9) precise; urgency=medium * ntpd rejects source UDP ports less than 123 as bogus (closes: #691412) - d/p/reject-UDP-ports-less-than-123-as-bogus.patch (LP: #1479652) -- Eric DesrochersMon, 25 Jan 2016 12:28:25 -0500 ** Changed in: ntp (Ubuntu Precise) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
This bug was fixed in the package ntp - 1:4.2.6.p3+dfsg-1ubuntu3.9 --- ntp (1:4.2.6.p3+dfsg-1ubuntu3.9) precise; urgency=medium * ntpd rejects source UDP ports less than 123 as bogus (closes: #691412) - d/p/reject-UDP-ports-less-than-123-as-bogus.patch (LP: #1479652) -- Eric DesrochersMon, 25 Jan 2016 12:28:25 -0500 ** Changed in: ntp (Ubuntu Precise) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
This bug was fixed in the package ntp - 1:4.2.8p4+dfsg-3ubuntu1 --- ntp (1:4.2.8p4+dfsg-3ubuntu1) xenial; urgency=medium * Merge from Debian testing. Remaining changes: + debian/rules: enable debugging. Ask debian to add this. + debian/rules, debian/ntp.dirs, debian/source_ntp.py: Add apport hook. + Add enforcing AppArmor profile: - debian/control: Add Conflicts/Replaces on apparmor-profiles. - debian/control: Add Suggests on apparmor. - debian/control: Build-Depends on dh-apparmor. - add debian/apparmor-profile*. - debian/ntp.dirs: Add apparmor directories. - debian/rules: Install apparmor-profile and apparmor-profile.tunable. - debian/source_ntp.py: Add filter on AppArmor profile names to prevent false positives from denials originating in other packages. - debian/README.Debian: Add note on AppArmor. + debian/ntpdate.if-up: Fix interaction with openntpd. Stop ntp before running ntpdate when an interface comes up, then start again afterwards. + debian/ntp.init, debian/rules: Only stop when entering single user mode, don't use /var/lib/ntp/ntp.conf.dhcp if /etc/ntp.conf is newer - it can get stale. Patch by Simon Déziel. + debian/ntp.conf, debian/ntpdate.default: Change default server to ntp.ubuntu.com. + debian/control: Add bison to Build-Depends (for ntpd/ntp_parser.y). * Includes fix for requests with source ports < 123, fixed upstream in 4.2.8p1 (LP: #1479652). * Add PPS support (LP: #1512980): + debian/README.Debian: Add a PPS section to the README.Debian, removed all PPSkit one. + debian/ntp.conf: Add some configuration examples from the offical documentation. + debian/control: Add Build-Depends on pps-tools * Drop Changes: + debian/rules: Update config.{guess,sub} for AArch64, because upstream use dh_autoreconf now. + debian/{control,rules}: Add and enable hardened build for PIE. Upstream use fPIC. Options -fPIC and -fPIE are uncompatible, thus this is never applied, (cf. dpkg-buildflags manual), checked with Marc Deslauriers on freenode #ubuntu-hardened, 2016-01-20~13:11 UTC. + debian/rules: Remove update-rcd-params in dh_installinit command. When setting up ntp package, the following message is presented to the user due to deprecated use: "update-rc.d: warning: start and stop actions are no longer supported; falling back to defaults". The defaults are taken from the init.d script LSB comment header, which contain what we need anyway. + debian/rules: Remove ntp/ntp_parser.{c,h} or they don't get properly regenerated for some reason. Seems to have been due to ntpd/ntp_parser.y patches from CVE-2015-5194 and CVE-2015-5196, already upstreamed. + debian/ntpdate.if-up: Drop lockfile mechanism as upstream is using flock now. + Remove natty timeframe old deltas (transitional code not needed since Trusty): Those patches were for an incorrect behaviour of system-tools-backend, around natty time (https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/83604/comments/23) - debian/ntpdate-debian: Disregard empty ntp.conf files. - debian/ntp.preinst: Remove empty /etc/ntp.conf on fresh intallation. + debian/ntp.dhcp: Rewrite sed rules. This was done incorrectly as pointed out in LP 575458. This decision is explained in detail there. * All previous ubuntu security patches/fixes have been upstreamed: + CVE-2015-5146, CVE-2015-5194, CVE-2015-5195, CVE-2015-5196, CVE-2015-7703, CVE-2015-5219, CVE-2015-5300, CVE-2015-7691, CVE-2015-7692, CVE-2015-7702, CVE-2015-7701, CVE-2015-7704, CVE-2015-7705, CVE-2015-7850, CVE-2015-7852, CVE-2015-7853, CVE-2015-7855, CVE-2015-7871, CVE-2015-1798, CVE-2015-1799, CVE-2014-9297, CVE-2014-9298, CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296 + Fix to ignore ENOBUFS on routing netlink socket + Fix use-after-free in routing socket code + ntp-keygen infinite loop or lack of randonmess on big endian platforms -- Pierre-André MOREYFri, 5 Feb 2016 18:28:52 +0100 ** Changed in: ntp (Ubuntu Xenial) Status: Fix Committed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-9293 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-9294 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-9295 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-9296 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-9297 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-9298 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1798 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1799 ** CVE added: http://www.cve.mitre.org/cgi-
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
This bug was fixed in the package ntp - 1:4.2.8p4+dfsg-3ubuntu1 --- ntp (1:4.2.8p4+dfsg-3ubuntu1) xenial; urgency=medium * Merge from Debian testing. Remaining changes: + debian/rules: enable debugging. Ask debian to add this. + debian/rules, debian/ntp.dirs, debian/source_ntp.py: Add apport hook. + Add enforcing AppArmor profile: - debian/control: Add Conflicts/Replaces on apparmor-profiles. - debian/control: Add Suggests on apparmor. - debian/control: Build-Depends on dh-apparmor. - add debian/apparmor-profile*. - debian/ntp.dirs: Add apparmor directories. - debian/rules: Install apparmor-profile and apparmor-profile.tunable. - debian/source_ntp.py: Add filter on AppArmor profile names to prevent false positives from denials originating in other packages. - debian/README.Debian: Add note on AppArmor. + debian/ntpdate.if-up: Fix interaction with openntpd. Stop ntp before running ntpdate when an interface comes up, then start again afterwards. + debian/ntp.init, debian/rules: Only stop when entering single user mode, don't use /var/lib/ntp/ntp.conf.dhcp if /etc/ntp.conf is newer - it can get stale. Patch by Simon Déziel. + debian/ntp.conf, debian/ntpdate.default: Change default server to ntp.ubuntu.com. + debian/control: Add bison to Build-Depends (for ntpd/ntp_parser.y). * Includes fix for requests with source ports < 123, fixed upstream in 4.2.8p1 (LP: #1479652). * Add PPS support (LP: #1512980): + debian/README.Debian: Add a PPS section to the README.Debian, removed all PPSkit one. + debian/ntp.conf: Add some configuration examples from the offical documentation. + debian/control: Add Build-Depends on pps-tools * Drop Changes: + debian/rules: Update config.{guess,sub} for AArch64, because upstream use dh_autoreconf now. + debian/{control,rules}: Add and enable hardened build for PIE. Upstream use fPIC. Options -fPIC and -fPIE are uncompatible, thus this is never applied, (cf. dpkg-buildflags manual), checked with Marc Deslauriers on freenode #ubuntu-hardened, 2016-01-20~13:11 UTC. + debian/rules: Remove update-rcd-params in dh_installinit command. When setting up ntp package, the following message is presented to the user due to deprecated use: "update-rc.d: warning: start and stop actions are no longer supported; falling back to defaults". The defaults are taken from the init.d script LSB comment header, which contain what we need anyway. + debian/rules: Remove ntp/ntp_parser.{c,h} or they don't get properly regenerated for some reason. Seems to have been due to ntpd/ntp_parser.y patches from CVE-2015-5194 and CVE-2015-5196, already upstreamed. + debian/ntpdate.if-up: Drop lockfile mechanism as upstream is using flock now. + Remove natty timeframe old deltas (transitional code not needed since Trusty): Those patches were for an incorrect behaviour of system-tools-backend, around natty time (https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/83604/comments/23) - debian/ntpdate-debian: Disregard empty ntp.conf files. - debian/ntp.preinst: Remove empty /etc/ntp.conf on fresh intallation. + debian/ntp.dhcp: Rewrite sed rules. This was done incorrectly as pointed out in LP 575458. This decision is explained in detail there. * All previous ubuntu security patches/fixes have been upstreamed: + CVE-2015-5146, CVE-2015-5194, CVE-2015-5195, CVE-2015-5196, CVE-2015-7703, CVE-2015-5219, CVE-2015-5300, CVE-2015-7691, CVE-2015-7692, CVE-2015-7702, CVE-2015-7701, CVE-2015-7704, CVE-2015-7705, CVE-2015-7850, CVE-2015-7852, CVE-2015-7853, CVE-2015-7855, CVE-2015-7871, CVE-2015-1798, CVE-2015-1799, CVE-2014-9297, CVE-2014-9298, CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296 + Fix to ignore ENOBUFS on routing netlink socket + Fix use-after-free in routing socket code + ntp-keygen infinite loop or lack of randonmess on big endian platforms -- Pierre-André MOREYFri, 5 Feb 2016 18:28:52 +0100 ** Changed in: ntp (Ubuntu Xenial) Status: Fix Committed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-9293 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-9294 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-9295 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-9296 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-9297 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-9298 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1798 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1799 ** CVE added: http://www.cve.mitre.org/cgi-
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
This bug was fixed in the package ntp - 1:4.2.6.p5+dfsg-3ubuntu8.2 --- ntp (1:4.2.6.p5+dfsg-3ubuntu8.2) wily; urgency=medium * ntpd rejects source UDP ports less than 123 as bogus (closes: #691412) - d/p/reject-UDP-ports-less-than-123-as-bogus.patch (LP: #1479652) -- Eric DesrochersMon, 25 Jan 2016 12:05:25 -0500 ** Changed in: ntp (Ubuntu Wily) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
This bug was fixed in the package ntp - 1:4.2.6.p5+dfsg-3ubuntu2.14.04.8 --- ntp (1:4.2.6.p5+dfsg-3ubuntu2.14.04.8) trusty; urgency=medium * ntpd rejects source UDP ports less than 123 as bogus (closes: #691412) - d/p/reject-UDP-ports-less-than-123-as-bogus.patch (LP: #1479652) -- Eric DesrochersMon, 25 Jan 2016 11:39:44 -0500 ** Changed in: ntp (Ubuntu Trusty) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
This bug was fixed in the package ntp - 1:4.2.6.p5+dfsg-3ubuntu8.2 --- ntp (1:4.2.6.p5+dfsg-3ubuntu8.2) wily; urgency=medium * ntpd rejects source UDP ports less than 123 as bogus (closes: #691412) - d/p/reject-UDP-ports-less-than-123-as-bogus.patch (LP: #1479652) -- Eric DesrochersMon, 25 Jan 2016 12:05:25 -0500 ** Changed in: ntp (Ubuntu Wily) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
This bug was fixed in the package ntp - 1:4.2.6.p5+dfsg-3ubuntu2.14.04.8 --- ntp (1:4.2.6.p5+dfsg-3ubuntu2.14.04.8) trusty; urgency=medium * ntpd rejects source UDP ports less than 123 as bogus (closes: #691412) - d/p/reject-UDP-ports-less-than-123-as-bogus.patch (LP: #1479652) -- Eric DesrochersMon, 25 Jan 2016 11:39:44 -0500 ** Changed in: ntp (Ubuntu Trusty) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
It has been brought to my attention ... -- I confirm that the proposed testfix package resolved the issue on Trusty. The test were made on test machines where the client had an iptable postrouting nat forcing the source port to be under 123. - ntpdate command performed on the client machine was successful - tcpdump on the server side confirmed that the source port was under 123. -- ** Tags removed: verification-needed ** Tags added: verification-done ** Tags removed: verification-done ** Tags added: verification-done-trusty ** Tags removed: verification-done-trusty ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
It has been brought to my attention ... -- I confirm that the proposed testfix package resolved the issue on Trusty. The test were made on test machines where the client had an iptable postrouting nat forcing the source port to be under 123. - ntpdate command performed on the client machine was successful - tcpdump on the server side confirmed that the source port was under 123. -- ** Tags removed: verification-needed ** Tags added: verification-done ** Tags removed: verification-done ** Tags added: verification-done-trusty ** Tags removed: verification-done-trusty ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Tags removed: verification-done ** Tags added: verification-done-trusty -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
I confirmed the package"4.2.6.p3+dfsg-1ubuntu3.9" solved the problem in Ubuntu Precise NTP Version : 1:4.2.6.p3+dfsg-1ubuntu3.1 With no IPTABLES rule ==> Working $ ntpdate x.x.x.x 11 Feb 16:15:19 ntpdate[1243]: adjust time server x.x.x.x offset 0.190571 sec With IPTABLES rule ==> Not working $ iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source y.y.y.y:100-122 $ntpdate x.x.x.x 11 Feb 16:15:36 ntpdate[1253]: no server suitable for synchronization found With ntp (precise-proposed) + IPTABLE rules ==> Now working NTP version: 1:4.2.6.p3+dfsg-1ubuntu3.9 $ iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source y.y.y.y:100-122 $ ntpdate x.x.x.x 11 Feb 16:21:26 ntpdate[1986]: adjust time server x.x.x.x offset 0.005394 sec Eric ** Tags added: verification-done-precise -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Tags removed: verification-done ** Tags added: verification-done-trusty -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
I confirmed the package"4.2.6.p3+dfsg-1ubuntu3.9" solved the problem in Ubuntu Precise NTP Version : 1:4.2.6.p3+dfsg-1ubuntu3.1 With no IPTABLES rule ==> Working $ ntpdate x.x.x.x 11 Feb 16:15:19 ntpdate[1243]: adjust time server x.x.x.x offset 0.190571 sec With IPTABLES rule ==> Not working $ iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source y.y.y.y:100-122 $ntpdate x.x.x.x 11 Feb 16:15:36 ntpdate[1253]: no server suitable for synchronization found With ntp (precise-proposed) + IPTABLE rules ==> Now working NTP version: 1:4.2.6.p3+dfsg-1ubuntu3.9 $ iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source y.y.y.y:100-122 $ ntpdate x.x.x.x 11 Feb 16:21:26 ntpdate[1986]: adjust time server x.x.x.x offset 0.005394 sec Eric ** Tags added: verification-done-precise -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
I confirmed the package "4.2.6.p5+dfsg-3ubuntu8.2" solve the bug in Ubuntu Wily # With port <123 using ntpdate (without patch) 11 Feb 20:30:09 ntpdate[2348]: no server suitable for synchronization found # With port <123 using ntpdate (including patch) 11 Feb 20:32:18 ntpdate[3243]: adjust time server 10.10.10.107 offset 0.002017 sec Eric ** Tags added: verification-done-wily -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
I confirmed the package "4.2.6.p5+dfsg-3ubuntu8.2" solve the bug in Ubuntu Wily # With port <123 using ntpdate (without patch) 11 Feb 20:30:09 ntpdate[2348]: no server suitable for synchronization found # With port <123 using ntpdate (including patch) 11 Feb 20:32:18 ntpdate[3243]: adjust time server 10.10.10.107 offset 0.002017 sec Eric ** Tags added: verification-done-wily -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
Thanks Eric, the debdiffs look good to me. I added Origin and Bug-Ubuntu dep3 headers as discussed on IRC. Apart from that I've uploaded all three unmodified. Now awaiting SRU team review. ** Description changed: [Impact] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. + + [Development Fix] + + Fixed by merge of NTP of newer upstream release that includes the fix. + Stuck in dep-wait in xenial-proposed due to an unrelated issue (pps- + tools MIR or other resolution). [Test Case] The problem can easily be reproduced by having an iptable postrouting nat forcing the source port to be under 123 set on the client. Setup: ==> NTP server = y.y.y.y ntp.conf configured to be a server. ==> NTP client = x.x.x.x "ntpdate" used to submmit requests #iptable setup to force src port to be lower than 123 iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source x.x.x.x:100-122 ## On the client, set to force src port < 123 (without patch) $ ntpdate y.y.y.y ntpdate[]: no server suitable for synchronization found ## On the client, set to force src port < 123 (with patch) $ ntpdate y.y.y.y ntpdate[]: adjust time server y.y.y.y offset -0.028483 sec [Regression Potential] The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174 A testfix[1] package has been provided to the community before the SRU process to bring more confidence for the patch. Positive feedbacks has been given by the community to confirm the patch addressed the bug [comment #7] [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 [Original description] [Title copied from Debian bug, which was not filed by me. Description below is mine.] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. Attached is the patch already accepted upstream which fixes the issue. I've verified it fixes the problem. Debian has been ignoring this patch for almost 3 years. Can we get this in Ubuntu please? ** Changed in: ntp (Ubuntu Xenial) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
Thanks Eric, the debdiffs look good to me. I added Origin and Bug-Ubuntu dep3 headers as discussed on IRC. Apart from that I've uploaded all three unmodified. Now awaiting SRU team review. ** Description changed: [Impact] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. + + [Development Fix] + + Fixed by merge of NTP of newer upstream release that includes the fix. + Stuck in dep-wait in xenial-proposed due to an unrelated issue (pps- + tools MIR or other resolution). [Test Case] The problem can easily be reproduced by having an iptable postrouting nat forcing the source port to be under 123 set on the client. Setup: ==> NTP server = y.y.y.y ntp.conf configured to be a server. ==> NTP client = x.x.x.x "ntpdate" used to submmit requests #iptable setup to force src port to be lower than 123 iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source x.x.x.x:100-122 ## On the client, set to force src port < 123 (without patch) $ ntpdate y.y.y.y ntpdate[]: no server suitable for synchronization found ## On the client, set to force src port < 123 (with patch) $ ntpdate y.y.y.y ntpdate[]: adjust time server y.y.y.y offset -0.028483 sec [Regression Potential] The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174 A testfix[1] package has been provided to the community before the SRU process to bring more confidence for the patch. Positive feedbacks has been given by the community to confirm the patch addressed the bug [comment #7] [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 [Original description] [Title copied from Debian bug, which was not filed by me. Description below is mine.] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. Attached is the patch already accepted upstream which fixes the issue. I've verified it fixes the problem. Debian has been ignoring this patch for almost 3 years. Can we get this in Ubuntu please? ** Changed in: ntp (Ubuntu Xenial) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
Hello Richard, or anyone else affected, Accepted ntp into wily-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg- 3ubuntu8.2 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Changed in: ntp (Ubuntu Wily) Status: In Progress => Fix Committed ** Tags added: verification-needed ** Changed in: ntp (Ubuntu Trusty) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
Hello Richard, or anyone else affected, Accepted ntp into wily-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg- 3ubuntu8.2 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Changed in: ntp (Ubuntu Wily) Status: In Progress => Fix Committed ** Tags added: verification-needed ** Changed in: ntp (Ubuntu Trusty) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Description changed: [Impact] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. [Test Case] The problem can easily be reproduced by having an iptable postrouting nat forcing the source port to be under 123 set on the client. + + Setup: + ==> NTP server = y.y.y.y + ntp.conf configured to be a server. + + ==> NTP client = x.x.x.x + "ntpdate" used to submmit requests + + #iptable setup to force src port to be lower than 123 + iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source 10.55.15.154:100-122 [Regression Potential] The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174 A testfix[1] package has been provided to the community before the SRU process to bring more confidence for the patch. Positive feedbacks has been given by the community to confirm the patch addressed the bug [comment #7] [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 [Original description] [Title copied from Debian bug, which was not filed by me. Description below is mine.] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. Attached is the patch already accepted upstream which fixes the issue. I've verified it fixes the problem. Debian has been ignoring this patch for almost 3 years. Can we get this in Ubuntu please? ** Description changed: [Impact] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. [Test Case] The problem can easily be reproduced by having an iptable postrouting nat forcing the source port to be under 123 set on the client. Setup: - ==> NTP server = y.y.y.y - ntp.conf configured to be a server. - - ==> NTP client = x.x.x.x - "ntpdate" used to submmit requests + ==> NTP server = y.y.y.y + ntp.conf configured to be a server. - #iptable setup to force src port to be lower than 123 - iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source 10.55.15.154:100-122 + ==> NTP client = x.x.x.x + "ntpdate" used to submmit requests + + #iptable setup to force src port to be lower than 123 + iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source x.x.x.x:100-122 [Regression Potential] The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174 A testfix[1] package has been provided to the community before the SRU process to bring more confidence for the patch. Positive feedbacks has been given by the community to confirm the patch addressed the bug [comment #7] [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 [Original description] [Title copied from Debian bug, which was not filed by me. Description below is mine.] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. Attached is the patch already accepted upstream which fixes the issue. I've verified it fixes the problem. Debian has been ignoring this patch for almost 3 years. Can we get this in Ubuntu please? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Description changed: [Impact] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. [Test Case] The problem can easily be reproduced by having an iptable postrouting nat forcing the source port to be under 123 set on the client. Setup: ==> NTP server = y.y.y.y ntp.conf configured to be a server. ==> NTP client = x.x.x.x "ntpdate" used to submmit requests #iptable setup to force src port to be lower than 123 iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source x.x.x.x:100-122 + + ## On the client, set to force src port < 123 (without patch) + + $ ntpdate y.y.y.y + ntpdate[]: no server suitable for synchronization found + + ## On the client, set to force src port < 123 (with patch) + + $ ntpdate y.y.y.y + ntpdate[]: adjust time server y.y.y.y offset -0.028483 sec [Regression Potential] The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174 A testfix[1] package has been provided to the community before the SRU process to bring more confidence for the patch. Positive feedbacks has been given by the community to confirm the patch addressed the bug [comment #7] [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 [Original description] [Title copied from Debian bug, which was not filed by me. Description below is mine.] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. Attached is the patch already accepted upstream which fixes the issue. I've verified it fixes the problem. Debian has been ignoring this patch for almost 3 years. Can we get this in Ubuntu please? ** Description changed: [Impact] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. [Test Case] The problem can easily be reproduced by having an iptable postrouting nat forcing the source port to be under 123 set on the client. Setup: ==> NTP server = y.y.y.y ntp.conf configured to be a server. ==> NTP client = x.x.x.x "ntpdate" used to submmit requests - #iptable setup to force src port to be lower than 123 + #iptable setup to force src port to be lower than 123 iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source x.x.x.x:100-122 ## On the client, set to force src port < 123 (without patch) $ ntpdate y.y.y.y ntpdate[]: no server suitable for synchronization found ## On the client, set to force src port < 123 (with patch) $ ntpdate y.y.y.y ntpdate[]: adjust time server y.y.y.y offset -0.028483 sec [Regression Potential] The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174 A testfix[1] package has been provided to the community before the SRU process to bring more confidence for the patch. Positive feedbacks has been given by the community to confirm the patch addressed the bug [comment #7] [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 [Original description] [Title copied from Debian bug, which was not filed by me. Description below is mine.] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. Attached is the patch already accepted upstream which fixes the issue. I've verified it fixes the problem. Debian has been ignoring this patch for almost 3 years. Can we get this in Ubuntu please? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Description changed: [Impact] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. [Test Case] The problem can easily be reproduced by having an iptable postrouting nat forcing the source port to be under 123 set on the client. Setup: ==> NTP server = y.y.y.y ntp.conf configured to be a server. ==> NTP client = x.x.x.x "ntpdate" used to submmit requests #iptable setup to force src port to be lower than 123 iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source x.x.x.x:100-122 + + ## On the client, set to force src port < 123 (without patch) + + $ ntpdate y.y.y.y + ntpdate[]: no server suitable for synchronization found + + ## On the client, set to force src port < 123 (with patch) + + $ ntpdate y.y.y.y + ntpdate[]: adjust time server y.y.y.y offset -0.028483 sec [Regression Potential] The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174 A testfix[1] package has been provided to the community before the SRU process to bring more confidence for the patch. Positive feedbacks has been given by the community to confirm the patch addressed the bug [comment #7] [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 [Original description] [Title copied from Debian bug, which was not filed by me. Description below is mine.] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. Attached is the patch already accepted upstream which fixes the issue. I've verified it fixes the problem. Debian has been ignoring this patch for almost 3 years. Can we get this in Ubuntu please? ** Description changed: [Impact] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. [Test Case] The problem can easily be reproduced by having an iptable postrouting nat forcing the source port to be under 123 set on the client. Setup: ==> NTP server = y.y.y.y ntp.conf configured to be a server. ==> NTP client = x.x.x.x "ntpdate" used to submmit requests - #iptable setup to force src port to be lower than 123 + #iptable setup to force src port to be lower than 123 iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source x.x.x.x:100-122 ## On the client, set to force src port < 123 (without patch) $ ntpdate y.y.y.y ntpdate[]: no server suitable for synchronization found ## On the client, set to force src port < 123 (with patch) $ ntpdate y.y.y.y ntpdate[]: adjust time server y.y.y.y offset -0.028483 sec [Regression Potential] The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174 A testfix[1] package has been provided to the community before the SRU process to bring more confidence for the patch. Positive feedbacks has been given by the community to confirm the patch addressed the bug [comment #7] [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 [Original description] [Title copied from Debian bug, which was not filed by me. Description below is mine.] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. Attached is the patch already accepted upstream which fixes the issue. I've verified it fixes the problem. Debian has been ignoring this patch for almost 3 years. Can we get this in Ubuntu please? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Description changed: [Impact] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. [Test Case] The problem can easily be reproduced by having an iptable postrouting nat forcing the source port to be under 123 set on the client. + + Setup: + ==> NTP server = y.y.y.y + ntp.conf configured to be a server. + + ==> NTP client = x.x.x.x + "ntpdate" used to submmit requests + + #iptable setup to force src port to be lower than 123 + iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source 10.55.15.154:100-122 [Regression Potential] The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174 A testfix[1] package has been provided to the community before the SRU process to bring more confidence for the patch. Positive feedbacks has been given by the community to confirm the patch addressed the bug [comment #7] [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 [Original description] [Title copied from Debian bug, which was not filed by me. Description below is mine.] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. Attached is the patch already accepted upstream which fixes the issue. I've verified it fixes the problem. Debian has been ignoring this patch for almost 3 years. Can we get this in Ubuntu please? ** Description changed: [Impact] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. [Test Case] The problem can easily be reproduced by having an iptable postrouting nat forcing the source port to be under 123 set on the client. Setup: - ==> NTP server = y.y.y.y - ntp.conf configured to be a server. - - ==> NTP client = x.x.x.x - "ntpdate" used to submmit requests + ==> NTP server = y.y.y.y + ntp.conf configured to be a server. - #iptable setup to force src port to be lower than 123 - iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source 10.55.15.154:100-122 + ==> NTP client = x.x.x.x + "ntpdate" used to submmit requests + + #iptable setup to force src port to be lower than 123 + iptables -t nat -A POSTROUTING -p UDP --dport 123 -j SNAT --to-source x.x.x.x:100-122 [Regression Potential] The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174 A testfix[1] package has been provided to the community before the SRU process to bring more confidence for the patch. Positive feedbacks has been given by the community to confirm the patch addressed the bug [comment #7] [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 [Original description] [Title copied from Debian bug, which was not filed by me. Description below is mine.] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. Attached is the patch already accepted upstream which fixes the issue. I've verified it fixes the problem. Debian has been ignoring this patch for almost 3 years. Can we get this in Ubuntu please? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
I have build a test package for the community to validate it solve the bug before starting the SRU process [1]. The goal of this testfix is only to confirm that this solve the bug and it is not a final solution. Here's what has been brought to my attention about the test package I have provided. --- I confirm that the proposed testfix package resolved the issue. The test were made on test machines where the client had an iptable postrouting nat forcing the source port to be under 123. - ntpdate command performed on the client machine was successful - tcpdump on the server side confirmed that the source port was under 123. Please advise for the next steps Thank-you --- [1] - https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
I have build a test package for the community to validate it solve the bug before starting the SRU process [1]. The goal of this testfix is only to confirm that this solve the bug and it is not a final solution. Here's what has been brought to my attention about the test package I have provided. --- I confirm that the proposed testfix package resolved the issue. The test were made on test machines where the client had an iptable postrouting nat forcing the source port to be under 123. - ntpdate command performed on the client machine was successful - tcpdump on the server side confirmed that the source port was under 123. Please advise for the next steps Thank-you --- [1] - https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Tags added: sts -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Tags added: sts -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Description changed: + [Impact] + + If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. + This is occurring in our environment due to NAT. + + [Test Case] + + The problem can easily be reproduced by having an iptable postrouting + nat forcing the source port to be under 123 set on the client. + + [Regression Potential] + + The patch comes from upstream + [Bug 2174] http://bugs.ntp.org/show_bug.cgi?id=2174] + + A testfix[1] package has been provided to the community before the SRU + process to bring more confidence for the patch. Positive feedbacks has + been given by the community to confirm the patch addressed the bug + [comment #7] + + [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 + + [Original description] + [Title copied from Debian bug, which was not filed by me. Description below is mine.] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. Attached is the patch already accepted upstream which fixes the issue. I've verified it fixes the problem. Debian has been ignoring this patch for almost 3 years. Can we get this in Ubuntu please? ** Description changed: [Impact] - If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. - This is occurring in our environment due to NAT. + If an NTP client sends a request with a source port less than 123, the + packet is silently ignored by ntpd. This is occurring in our environment + due to NAT. [Test Case] The problem can easily be reproduced by having an iptable postrouting nat forcing the source port to be under 123 set on the client. [Regression Potential] - The patch comes from upstream + The patch comes from upstream [Bug 2174] http://bugs.ntp.org/show_bug.cgi?id=2174] A testfix[1] package has been provided to the community before the SRU process to bring more confidence for the patch. Positive feedbacks has been given by the community to confirm the patch addressed the bug [comment #7] [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 [Original description] [Title copied from Debian bug, which was not filed by me. Description below is mine.] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. Attached is the patch already accepted upstream which fixes the issue. I've verified it fixes the problem. Debian has been ignoring this patch for almost 3 years. Can we get this in Ubuntu please? ** Description changed: [Impact] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. [Test Case] The problem can easily be reproduced by having an iptable postrouting nat forcing the source port to be under 123 set on the client. [Regression Potential] - The patch comes from upstream - [Bug 2174] http://bugs.ntp.org/show_bug.cgi?id=2174] + The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174] A testfix[1] package has been provided to the community before the SRU process to bring more confidence for the patch. Positive feedbacks has been given by the community to confirm the patch addressed the bug [comment #7] [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 [Original description] [Title copied from Debian bug, which was not filed by me. Description below is mine.] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. Attached is the patch already accepted upstream which fixes the issue. I've verified it fixes the problem. Debian has been ignoring this patch for almost 3 years. Can we get this in Ubuntu please? ** Description changed: [Impact] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. [Test Case] The problem can easily be reproduced by having an iptable postrouting nat forcing the source port to be under 123 set on the client. [Regression Potential] - The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174] + The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174 A testfix[1] package has been provided to the community before the SRU process to bring more confidence for the patch. Positive feedbacks has been given by the community to confirm the patch addressed the bug [comment #7] [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 [Original description] [Title copied from Debian bug, which was not
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Description changed: + [Impact] + + If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. + This is occurring in our environment due to NAT. + + [Test Case] + + The problem can easily be reproduced by having an iptable postrouting + nat forcing the source port to be under 123 set on the client. + + [Regression Potential] + + The patch comes from upstream + [Bug 2174] http://bugs.ntp.org/show_bug.cgi?id=2174] + + A testfix[1] package has been provided to the community before the SRU + process to bring more confidence for the patch. Positive feedbacks has + been given by the community to confirm the patch addressed the bug + [comment #7] + + [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 + + [Original description] + [Title copied from Debian bug, which was not filed by me. Description below is mine.] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. Attached is the patch already accepted upstream which fixes the issue. I've verified it fixes the problem. Debian has been ignoring this patch for almost 3 years. Can we get this in Ubuntu please? ** Description changed: [Impact] - If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. - This is occurring in our environment due to NAT. + If an NTP client sends a request with a source port less than 123, the + packet is silently ignored by ntpd. This is occurring in our environment + due to NAT. [Test Case] The problem can easily be reproduced by having an iptable postrouting nat forcing the source port to be under 123 set on the client. [Regression Potential] - The patch comes from upstream + The patch comes from upstream [Bug 2174] http://bugs.ntp.org/show_bug.cgi?id=2174] A testfix[1] package has been provided to the community before the SRU process to bring more confidence for the patch. Positive feedbacks has been given by the community to confirm the patch addressed the bug [comment #7] [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 [Original description] [Title copied from Debian bug, which was not filed by me. Description below is mine.] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. Attached is the patch already accepted upstream which fixes the issue. I've verified it fixes the problem. Debian has been ignoring this patch for almost 3 years. Can we get this in Ubuntu please? ** Description changed: [Impact] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. [Test Case] The problem can easily be reproduced by having an iptable postrouting nat forcing the source port to be under 123 set on the client. [Regression Potential] - The patch comes from upstream - [Bug 2174] http://bugs.ntp.org/show_bug.cgi?id=2174] + The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174] A testfix[1] package has been provided to the community before the SRU process to bring more confidence for the patch. Positive feedbacks has been given by the community to confirm the patch addressed the bug [comment #7] [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 [Original description] [Title copied from Debian bug, which was not filed by me. Description below is mine.] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. Attached is the patch already accepted upstream which fixes the issue. I've verified it fixes the problem. Debian has been ignoring this patch for almost 3 years. Can we get this in Ubuntu please? ** Description changed: [Impact] If an NTP client sends a request with a source port less than 123, the packet is silently ignored by ntpd. This is occurring in our environment due to NAT. [Test Case] The problem can easily be reproduced by having an iptable postrouting nat forcing the source port to be under 123 set on the client. [Regression Potential] - The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174] + The patch comes from upstream: http://bugs.ntp.org/show_bug.cgi?id=2174 A testfix[1] package has been provided to the community before the SRU process to bring more confidence for the patch. Positive feedbacks has been given by the community to confirm the patch addressed the bug [comment #7] [1]- https://launchpad.net/~slashd/+archive/ubuntu/bug1479652 [Original description] [Title copied from Debian bug, which was not
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
Patch -- Distribution : Trusty (14.04) Package version : ntp_4.2.6.p5+dfsg-3ubuntu2.14.04.8 -- Note: kick-d is currently working on a merge for Xenial, including this patch. I'm including the .debdiffs for the other distributions (W/T/P) for once the merge for Xenial will be completed. ** Patch added: "trusty_ntp_4.2.6.p5+dfsg-3ubuntu2.14.04.8" https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/+attachment/4556319/+files/lp1479652_trusty_14.04.8.debdiff -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
Patch -- Distribution : Trusty (14.04) Package version : ntp_4.2.6.p5+dfsg-3ubuntu2.14.04.8 -- Note: kick-d is currently working on a merge for Xenial, including this patch. I'm including the .debdiffs for the other distributions (W/T/P) for once the merge for Xenial will be completed. ** Patch added: "trusty_ntp_4.2.6.p5+dfsg-3ubuntu2.14.04.8" https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/+attachment/4556319/+files/lp1479652_trusty_14.04.8.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
Patch -- Distribution : Precise (12.04) Package version : 4.2.6.p3+dfsg-1ubuntu3.9 -- ** Patch added: "precise_ntp_4.2.6.p3+dfsg-1ubuntu3.9" https://bugs.launchpad.net/ubuntu/precise/+source/ntp/+bug/1479652/+attachment/4556380/+files/lp1479652_precise_3.9.debdiff -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
Patch -- Distribution : Precise (12.04) Package version : 4.2.6.p3+dfsg-1ubuntu3.9 -- ** Patch added: "precise_ntp_4.2.6.p3+dfsg-1ubuntu3.9" https://bugs.launchpad.net/ubuntu/precise/+source/ntp/+bug/1479652/+attachment/4556380/+files/lp1479652_precise_3.9.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
Patch -- Distribution : Wily (15.10) Package version : 4.2.6.p5+dfsg-3ubuntu8.2 -- ** Patch added: "wily_4.2.6.p5+dfsg-3ubuntu8.2" https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/+attachment/4556354/+files/lp1479652_wily_8.2.debdiff -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
Patch -- Distribution : Wily (15.10) Package version : 4.2.6.p5+dfsg-3ubuntu8.2 -- ** Patch added: "wily_4.2.6.p5+dfsg-3ubuntu8.2" https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/+attachment/4556354/+files/lp1479652_wily_8.2.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Changed in: ntp (Ubuntu Xenial) Status: New => In Progress ** Changed in: ntp (Ubuntu Wily) Status: New => In Progress ** Changed in: ntp (Ubuntu Precise) Status: New => In Progress ** Changed in: ntp (Ubuntu Trusty) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Changed in: ntp (Ubuntu Xenial) Status: New => In Progress ** Changed in: ntp (Ubuntu Wily) Status: New => In Progress ** Changed in: ntp (Ubuntu Precise) Status: New => In Progress ** Changed in: ntp (Ubuntu Trusty) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Also affects: ntp (Ubuntu Wily) Importance: Undecided Status: New ** Also affects: ntp (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: ntp (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: ntp (Ubuntu Trusty) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Also affects: ntp (Ubuntu Wily) Importance: Undecided Status: New ** Also affects: ntp (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: ntp (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: ntp (Ubuntu Trusty) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Changed in: ntp (Ubuntu Precise) Importance: Undecided => Medium ** Changed in: ntp (Ubuntu Trusty) Importance: Undecided => Medium ** Changed in: ntp (Ubuntu Wily) Importance: Undecided => Medium ** Changed in: ntp (Ubuntu Xenial) Importance: Undecided => Medium ** Changed in: ntp (Ubuntu Precise) Assignee: (unassigned) => Eric Desrochers (slashd) ** Changed in: ntp (Ubuntu Trusty) Assignee: (unassigned) => Eric Desrochers (slashd) ** Changed in: ntp (Ubuntu Wily) Assignee: (unassigned) => Eric Desrochers (slashd) ** Changed in: ntp (Ubuntu Xenial) Assignee: (unassigned) => Kick In (kick-d) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Changed in: ntp (Ubuntu Precise) Importance: Undecided => Medium ** Changed in: ntp (Ubuntu Trusty) Importance: Undecided => Medium ** Changed in: ntp (Ubuntu Wily) Importance: Undecided => Medium ** Changed in: ntp (Ubuntu Xenial) Importance: Undecided => Medium ** Changed in: ntp (Ubuntu Precise) Assignee: (unassigned) => Eric Desrochers (slashd) ** Changed in: ntp (Ubuntu Trusty) Assignee: (unassigned) => Eric Desrochers (slashd) ** Changed in: ntp (Ubuntu Wily) Assignee: (unassigned) => Eric Desrochers (slashd) ** Changed in: ntp (Ubuntu Xenial) Assignee: (unassigned) => Kick In (kick-d) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
According to the Debian bug, this was fixed upstream in 4.2.8p1 and Debian sid is now on 1:4.2.8p4+dfsg-3 so I think that means this is fixed in Debian. Ubuntu will pick it up on the next merge which I am expecting to be done this cycle. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
According to the Debian bug, this was fixed upstream in 4.2.8p1 and Debian sid is now on 1:4.2.8p4+dfsg-3 so I think that means this is fixed in Debian. Ubuntu will pick it up on the next merge which I am expecting to be done this cycle. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Changed in: ntp (Debian) Status: Unknown = New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
** Changed in: ntp (Debian) Status: Unknown = New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
The attachment Patch from upstream, made suitable for debian/patches seems to be a patch. If it isn't, please remove the patch flag from the attachment, remove the patch tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team. [This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.] ** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
The attachment Patch from upstream, made suitable for debian/patches seems to be a patch. If it isn't, please remove the patch flag from the attachment, remove the patch tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team. [This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.] ** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
Launchpad has imported 3 comments from the remote bug at http://bugs.ntp.org/show_bug.cgi?id=2174. If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. On 2012-04-21T18:34:44+00:00 Jason-bugzilla wrote: Per Dave Hart, I'm filing this bug report to track an issue where NTP client packets on the inside of a Cisco IOS NAT box are dropped by ntpd on the outside of the Cisco IOS NAT box. This is due to IOS NAT using a low UDP source port ntp_proto.c tests against and blocks. This was worked around per David's suggestion in the thread below, but it would be great if this would make it into mainline code. http://groups.google.com/group/comp.protocols.time.ntp/msg/3024d073b914b278 Reply at: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/comments/0 On 2012-04-25T04:12:32+00:00 Dave Hart wrote: Ready in ~hart/ntp-dev-2174 Reply at: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/comments/1 On 2012-04-25T05:13:35+00:00 Stenn wrote: Jason, Thanks for the report. Please check ntp-4.2.7p274 and mark this bug as VERIFIED or REOPENED, as appropriate. Dave, thanks for your work on this. Reply at: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/comments/2 ** Changed in: ntp Status: Unknown = Fix Released ** Changed in: ntp Importance: Unknown = High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1479652] Re: [patch] ntpd rejects source UDP ports less than 123 as bogus
Launchpad has imported 3 comments from the remote bug at http://bugs.ntp.org/show_bug.cgi?id=2174. If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. On 2012-04-21T18:34:44+00:00 Jason-bugzilla wrote: Per Dave Hart, I'm filing this bug report to track an issue where NTP client packets on the inside of a Cisco IOS NAT box are dropped by ntpd on the outside of the Cisco IOS NAT box. This is due to IOS NAT using a low UDP source port ntp_proto.c tests against and blocks. This was worked around per David's suggestion in the thread below, but it would be great if this would make it into mainline code. http://groups.google.com/group/comp.protocols.time.ntp/msg/3024d073b914b278 Reply at: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/comments/0 On 2012-04-25T04:12:32+00:00 Dave Hart wrote: Ready in ~hart/ntp-dev-2174 Reply at: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/comments/1 On 2012-04-25T05:13:35+00:00 Stenn wrote: Jason, Thanks for the report. Please check ntp-4.2.7p274 and mark this bug as VERIFIED or REOPENED, as appropriate. Dave, thanks for your work on this. Reply at: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1479652/comments/2 ** Changed in: ntp Status: Unknown = Fix Released ** Changed in: ntp Importance: Unknown = High -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1479652 Title: [patch] ntpd rejects source UDP ports less than 123 as bogus To manage notifications about this bug go to: https://bugs.launchpad.net/ntp/+bug/1479652/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs