Leap second check on redhat linux 3

Latest response

How can we check leap second vulnerability for rhel3, Please suggest me here what step i need to follow to check the leap second vulnerability and remediation steps.

Responses

Hi Mavendra,

Regrettably, I must preface this with the statement that Red Hat Enterprise Linux 3 is no longer within support. If you have an exception to this process, then you should address it through your account manager. Please review https://access.redhat.com/support/policy/updates/errata/ for reference.

That said, there are a few options for you. https://access.redhat.com/solutions/1462333 discusses common leap second scenarios https://access.redhat.com/articles/15145 discusses how the leap second mechanism works and gives some examples of the files used to configure the process.

If you are not using NTP, then you will need to manually insert a new timezone file that includes the leap second. I cannot recommend strongly enough the need to test this on a development server.

You also mention a vulnerability, but I have assumed you are referring to the 2016 leap second in December. If you are asking about a specific vulnerability, please reply back with more detail and I will see if we have any data for RHEL 3.

I also very strongly recommend that you investigate moving to a later version RHEL (at least RHEL 6) at the earliest possibility, as security issues will not be patched in RHEL 3.

vbr, Mark

Hi Mark,

I am using ntpd service in my server, how can i resolve this leap second issue.

//bharat

Hiya,

As RHEL 3 is unsupported, I regret we do not have specific documentation around the leap second process for that release.

That said, https://access.redhat.com/solutions/1333383 discusses how to configure NTP on RHEL 6 to deliver the leap second. The process should be adaptable for the release you are running.

The vulnerability with some versions of NTP is discussed in https://access.redhat.com/labs/leapsecond/ as Radek has already pointed out.

However, I still strongly recommend that you investigate updating your servers at the earliest opportunity.

Hi Mark, I m try to run the script which is provided by redhat, which is saying tzdata package need to updated before the leap second insertion of june 2015, but here i want to fix for 2016.

Hi Mark, My servers are sync with a ntp server, and my server will be affected if my ntp server have issue. Can you please confirm whether 2.4.21-4.ELsmp kernal version is affected with this bug or not?

Thanks Bharat

To quote Mark: "As RHEL 3 is unsupported, I regret we do not have specific documentation around the leap second process for that release." So, your question regarding your system cannot be answered.

You'll have to adapt the process that was linked on your own.

Red Hat Enterprise Linux 3 is no longer a supported release. Please upgrade.

However, to answer your first question, you can use the script from https://access.redhat.com/labs/leapsecond/.

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.