1 files changed, 0 insertions, 41 deletions

diff --git a/main/busybox/0014-ntpd-respond-only-to-client-and-symmetric-active-pac.patch b/main/busybox/0014-ntpd-respond-only-to-client-and-symmetric-active-pac.patch
deleted file mode 100644
index 0dafec292a..0000000000
--- a/main/busybox/0014-ntpd-respond-only-to-client-and-symmetric-active-pac.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 431610ad7ea53d2f9f1bf926e1d353d533bdb27f Mon Sep 17 00:00:00 2001
-From: Miroslav Lichvar <mlichvar@redhat.com>
-Date: Mon, 1 Aug 2016 20:24:24 +0200
-Subject: [PATCH 14/15] ntpd: respond only to client and symmetric active
- packets
-
-The busybox NTP implementation doesn't check the NTP mode of packets
-received on the server port and responds to any packet with the right
-size. This includes responses from another NTP server. An attacker can
-send a packet with a spoofed source address in order to create an
-infinite loop of responses between two busybox NTP servers. Adding
-more packets to the loop increases the traffic between the servers
-until one of them has a fully loaded CPU and/or network.
-
-Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com>
-Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
----
- networking/ntpd.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/networking/ntpd.c b/networking/ntpd.c
-index 7f7d69e..182dd58 100644
---- a/networking/ntpd.c
-+++ b/networking/ntpd.c
-@@ -2042,6 +2042,13 @@ recv_and_process_client_pkt(void /*int fd*/)
- 		goto bail;
- 	}
- 
-+	/* Respond only to client and symmetric active packets */
-+	if ((msg.m_status & MODE_MASK) != MODE_CLIENT
-+	 && (msg.m_status & MODE_MASK) != MODE_SYM_ACT
-+	) {
-+		goto bail;
-+	}
-+
- 	query_status = msg.m_status;
- 	query_xmttime = msg.m_xmttime;
- 
--- 
-2.9.1
-