-1

What are Leap Seconds?

A leap second is a second which is added to Coordinated Universal Time (UTC) in order to synchronize atomic clocks with astronomical time.

The reason we have to add a second every now and then, is that Earth's rotation around its own axis, is gradually slowing down, although very slowly. Atomic clocks however, are programmed to tick away at pretty much the same speed over millions of years. Compared to the Earth's rotation – which determines the length of a day – the atomic clocks are simply too accurate.

In 2015, a leap second will be added on June 30, 2015 23:59:60 UTC.

Red Hat patch

Red Hat releases patch that should help to care the Leap Second problem:

What are implications if I do not install it? Would that facilitate certain types of attacks on my system?

Steve Dodier-Lazaro
  • 6,798
  • 29
  • 45
Michael
  • 1,457
  • 1
  • 18
  • 36
  • 1
    If you have a specific infosec question regarding this patch, please edit the question to ask it. If not, I think https://superuser.com would be a better site for this question. – Neil Smithline Jun 10 '15 at 15:54
  • Could you please include a link to the CVE and patch, and provide a summary of what the patch does in your question? – Steve Dodier-Lazaro Jun 10 '15 at 17:35
  • I make it clear - please release. – Michael Jun 14 '15 at 14:49
  • @Michael you have provided information on the concept of the leap second, but not any details on the leap second patch. – schroeder Jun 14 '15 at 17:35
  • Added patch info. please release – Michael Jun 15 '15 at 05:37
  • if you look at the patch notes, you will see the issues: https://access.redhat.com/articles/15145#known – schroeder Jun 16 '15 at 15:18
  • I think better to put the article in the answer and to open the question. The question is pretty clear and the answer is: Previous versions of NTP incorrectly changed the system clock instantaneously when a leap second event occurred, despite configuring ntpd with -x. – Michael Jun 23 '15 at 02:41

1 Answers1

1

If you don't install it, and are not running NTP, your system will be one second ahead of the correct time. But in this case your system should already be with incorrect time anyway.

If you are running NTP, your logs can show 23:59:59 twice, something like this:

23:59:59:052549000 UTC
23:59:59:669629000 UTC
23:59:59:873936000 UTC
23:59:59:079184000 UTC
23:59:59:488648000 UTC
23:59:59:896577000 UTC
00:00:00:052378000 UTC

Notice that, even if the log is supposed to be sorted by time, is appears not to be. That's because NTP resyncs the clock and brings back 23:59:59:000000000.

If you install the patch, your logs can show 23:59:60:079184000 on them.

What is the problem? Unless you are running a very time-sensitive system, with strict syncronization requeriments, this is not acceptable.

If it's not the case, you can skip this patch and nothing serious will occur.

ThoriumBR
  • 50,648
  • 13
  • 127
  • 142