Leap second check on redhat linux 3
How can we check leap second vulnerability for rhel3, Please suggest me here what step i need to follow to check the leap second vulnerability and remediation steps.
Responses
Hi Mavendra,
Regrettably, I must preface this with the statement that Red Hat Enterprise Linux 3 is no longer within support. If you have an exception to this process, then you should address it through your account manager. Please review https://access.redhat.com/support/policy/updates/errata/ for reference.
That said, there are a few options for you. https://access.redhat.com/solutions/1462333 discusses common leap second scenarios https://access.redhat.com/articles/15145 discusses how the leap second mechanism works and gives some examples of the files used to configure the process.
If you are not using NTP, then you will need to manually insert a new timezone file that includes the leap second. I cannot recommend strongly enough the need to test this on a development server.
You also mention a vulnerability, but I have assumed you are referring to the 2016 leap second in December. If you are asking about a specific vulnerability, please reply back with more detail and I will see if we have any data for RHEL 3.
I also very strongly recommend that you investigate moving to a later version RHEL (at least RHEL 6) at the earliest possibility, as security issues will not be patched in RHEL 3.
vbr, Mark
Hiya,
As RHEL 3 is unsupported, I regret we do not have specific documentation around the leap second process for that release.
That said, https://access.redhat.com/solutions/1333383 discusses how to configure NTP on RHEL 6 to deliver the leap second. The process should be adaptable for the release you are running.
The vulnerability with some versions of NTP is discussed in https://access.redhat.com/labs/leapsecond/ as Radek has already pointed out.
However, I still strongly recommend that you investigate updating your servers at the earliest opportunity.
Red Hat Enterprise Linux 3 is no longer a supported release. Please upgrade.
However, to answer your first question, you can use the script from https://access.redhat.com/labs/leapsecond/.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
