Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

ntp-4.2.8p13-lp150.8.1 RPM for ppc64le

From OpenSuSE Ports Leap 15.0 updates for ppc64le

Name: ntp Distribution: openSUSE Leap 15.0
Version: 4.2.8p13 Vendor: openSUSE
Release: lp150.8.1 Build date: Wed Mar 27 14:17:06 2019
Group: Productivity/Networking/Other Build host: obs-power8-06
Size: 3310421 Source RPM: ntp-4.2.8p13-lp150.8.1.src.rpm
Summary: Network Time Protocol daemon (version 4)
The Network Time Protocol (NTP) is used to synchronize the time of a
computer client or server to another server or reference time source,
such as a radio, satellite receiver, or modem.

Ntpd is an operating system daemon that sets and maintains the system
time-of-day synchronized with Internet standard time servers.




(MIT and BSD-3-Clause and BSD-4-Clause) and GPL-2.0


* Mon Mar 11 2019 Reinhard Max <>
  - Update ro 4.2.8p13
    * CVE-2019-8936, bsc#1128525: Crafted null dereference attack in
      authenticated mode 6 packet.
    * Fix several bugs in the BANCOMM reclock driver.
    * Fix ntp_loopfilter.c snprintf compilation warnings.
    * Fix spurious initgroups() error message.
    * Fix STA_NANO struct timex units.
    * Fix GPS week rollover in libparse.
    * Fix incorrect poll interval in packet.
    * Add a missing check for ENABLE_CMAC.
* Tue Sep 11 2018
  - Update to 4.2.8p12 (bsc#1111853):
    * CVE-2018-12327, bsc#1098531: fixed stack buffer overflow in
      the openhost() command-line call of NTPQ/NTPDC.
    * Add further tweaks to improve the fix for CVE-2018-7170,
    * ntp-usrgrp-resolver.patch was integrated upstream.
  - Don't run autoreconf anymore and remove all related hacks and
* Tue Apr 24 2018
  - Refactor the key handling in %post so that it does not overwrite
    user settings (bsc#1036505) and is more robust against ignored
    SIGPIPE (bsc#1090564).
* Sun Mar 18 2018
  - change example statsdir in ntp.conf to /var/log/ntpstats/ to match
    the AppArmor profile (boo#1076247)
* Wed Feb 28 2018
  - Update to 4.2.8p11 (bsc#1082210):
    * CVE-2016-1549: Sybil vulnerability: ephemeral association
      attack. While fixed in ntp-4.2.8p7, there are significant
      additional protections for this issue in 4.2.8p11.
    * CVE-2018-7182, bsc#1083426: ctl_getitem(): buffer read overrun
      leads to undefined behavior and information leak.
    * CVE-2018-7170, bsc#1083424: Multiple authenticated ephemeral
    * CVE-2018-7184, bsc#1083422: Interleaved symmetric mode cannot
      recover from bad state.
    * CVE-2018-7185, bsc#1083420: Unauthenticated packet can reset
      authenticated interleaved association.
    * CVE-2018-7183, bsc#1083417: ntpq:decodearr() can write beyond
      its buffer limit.
    * Obsoletes these patches: ntp-sntp-a.patch, ntp-warnings.patch
  - Remove dead code from conf.start-ntpd (bsc#1082063).
  - Don't use libevent's cached time stamps in sntp.
    (bsc#1077445, ntp-sntp-libevent.patch)
* Thu Dec 21 2017
  - Add ntp-reproducible.patch to make build reproducible (boo#1047218)
* Tue Dec 19 2017
  - Restart nptd if failed or aborted (FATE#315133).
  - Do not try to set the HW clock when adding a server at runtime
    to avoid blocking systemd.
* Thu Nov 23 2017
  - Replace references to /var/adm/fillup-templates with new
    %_fillupdir macro (boo#1069468)
* Thu Apr 06 2017
  - Enable experimental leap smearing (fate#321003).
    See /usr/share/doc/packages/ntp/README.leapsmear for details.
* Thu Apr 06 2017
  - Fix spelling and default values in conf.sysconfig.ntp
* Wed Mar 22 2017
  - Update to 4.2.8p10 (bsc#1030050):
    * Sec 3389 / CVE-2017-6464 / VU#325339: NTP-01-016 NTP:
      Denial of Service via Malformed Config
    * Sec 3388 / CVE-2017-6462 / VU#325339: NTP-01-014 NTP:
      Buffer Overflow in DPTS Clock
    * Sec 3387 / CVE-2017-6463 / VU#325339: NTP-01-012 NTP:
      Authenticated DoS via Malicious Config Option
    * Sec 3386: NTP-01-011 NTP:
      ntpq_stripquotes() returns incorrect Value
    * Sec 3385: NTP-01-010 NTP:
      ereallocarray()/eallocarray() underused
    * Sec 3381: NTP-01-006 NTP: Copious amounts of Unused Code
    * Sec 3380: NTP-01-005 NTP: Off-by-one in Oncore GPS Receiver
    * Sec 3379 / CVE-2017-6458 / VU#325339: NTP-01-004 NTP:
      Potential Overflows in ctl_put() functions
    * Sec 3378 / CVE-2017-6451 / VU#325339: NTP-01-003
      Improper use of snprintf() in mx4200_send()
    * Sec 3377 / CVE-2017-6460 / VU#325339: NTP-01-002
      Buffer Overflow in ntpq when fetching reslist
    * Sec 3376: NTP-01-001 Makefile does not enforce Security Flags
    * Sec 3361 / CVE-2016-9042 / VU#325339: 0rigin (zero origin) DoS.
    * [Bug 3393] clang scan-build findings
    * [Bug 3363] Support for openssl-1.1.0 without compatibility modes
    * [Bug 3356] Bugfix 3072 breaks multicastclient
    * [Bug 3173] forking async worker: interrupted pipe I/O
    * [Bug 3139] (...) time_pps_create: Exec format error
    * [Bug 3107] Incorrect Logic for Peer Event Limiting
    * [Bug 3062] Change the process name of forked DNS worker
    * [Bug 2923] Trap Configuration Fail
    * [Bug 2896] Nothing happens if minsane < maxclock < minclock
    * [Bug 2851] allow -4/-6 on restrict line with mask
    * [Bug 2645] out-of-bound pointers in ctl_putsys and decode_bitflags
  - Removed patches:
    * ntp-openssl-version.patch: fixed upstream
    * ntp-processname.patch: accepted upstream
    * ntp-trap.patch: accepted upstream
    * ntp-unbreak-multicast.patch: fixed upstream
  - Remove spurious log messages (bsc#1014172, ntp-warnings.patch).
* Fri Mar 10 2017
  - Fix a problem with multicast clients.
    (bsc#1018940, ntp-unbreak-multicast.patch)
* Tue Feb 21 2017
  - Move ntp-kod to /var/lib/ntp, because /var/db is not a
    standard directory and causes problems for transactional updates
* Tue Jan 17 2017
  - Remove 50-ntp.list (bsc#1011919).
  - Use system-wide libevent instead of local copy.
* Mon Nov 28 2016
  - Simplify ntpd's search for its own executable to prevent AppArmor
    warnings (bsc#956365, ntp-pathfind.patch).
* Mon Nov 21 2016
  - Update to 4.2.8p9:
    * CVE-2016-9311: Trap crash.
    * CVE-2016-9310: Mode 6 unauthenticated trap information
      disclosure and DDoS vector.
    * CVE-2016-7427: Broadcast Mode Replay Prevention DoS.
    * CVE-2016-7428: Broadcast Mode Poll Interval Enforcement DoS.
    * CVE-2016-7431: Regression: 010-origin: Zero Origin Timestamp
    * CVE-2016-7434: Null pointer dereference in
    * CVE-2016-7429: Interface selection attack.
    * CVE-2016-7426: Client rate limiting and server responses.
    * CVE-2016-7433: Reboot sync calculation problem.
    * Fix a spurious error message (obsoletes ntp-sigchld.patch).
    * Other bugfixes, see /usr/share/doc/packages/ntp/ChangeLog.
  - Fix a regression in "trap" (bsc#981252, ntp-trap.patch).
  - Reduce the number of netlink groups to listen on for changes to
    the local network setup (bsc#992606, ntp-netlink.patch).
  - Fix segfault in "sntp -a" (bnc#1009434, ntp-sntp-a.patch).
  - Silence an OpenSSL version warning (bsc#992038,
* Wed Oct 05 2016
  - Depend on pps-tools-devel only for openSUSE > 13.2
* Thu Aug 25 2016
  - Make the resolver task change user and group IDs to the same
    values as the main task. (bnc#988028, ntp-usrgrp-resolver.patch)
* Tue Jun 07 2016
  - Keep the parent process alive until the daemon has finished
    initialisation, to make sure that the PID file exists when the
    parent returns (ntp-daemonize.patch).
  - Update to 4.2.8p8 (bsc#982056):
    * CVE-2016-4953, bsc#982065: Bad authentication demobilizes
      ephemeral associations.
    * CVE-2016-4954, bsc#982066: Processing spoofed server packets.
    * CVE-2016-4955, bsc#982067: Autokey association reset.
    * CVE-2016-4956, bsc#982068: Broadcast interleave.
    * CVE-2016-4957, bsc#982064: CRYPTO_NAK crash.
  - Change the process name of the forking DNS worker process to
    avoid the impression that ntpd is started twice.
    (bsc#979302, ntp-processname.patch).
  - Don't ignore SIGCHILD because it breaks wait()
    (boo#981422, ntp-sigchld.patch).
  - ntp-wait does not accept fractional seconds, so use 1 instead of
    0.2 in ntp-wait.service (boo#979981).
  - Separate the creation of ntp.keys and key #1 in it to avoid
    problems when upgrading installations that have the file, but
    no key #1, which is needed e.g. by "rcntp addserver".
  - Fix the TZ offset output of sntp during DST.
    (bsc#951559, ntp-sntp-dst.patch)
  - Add /var/db/ntp-kod (bsc#916617).
  - Add ntp-ENOBUFS.patch to limit a warning that might happen
    quite a lot on loaded systems (bsc#956773).
  - Don't wait for 11 minutes to restart ntpd when it has died
* Wed May 04 2016
  - Update to 4.2.8p7 (bsc#977446):
    * CVE-2016-1547, bsc#977459:
      Validate crypto-NAKs, AKA: CRYPTO-NAK DoS.
    * CVE-2016-1548, bsc#977461: Interleave-pivot
    * CVE-2016-1549, bsc#977451:
      Sybil vulnerability: ephemeral association attack.
    * CVE-2016-1550, bsc#977464: Improve NTP security against buffer
      comparison timing attacks.
    * CVE-2016-1551, bsc#977450:
      Refclock impersonation vulnerability
    * CVE-2016-2516, bsc#977452: Duplicate IPs on unconfig
      directives will cause an assertion botch in ntpd.
    * CVE-2016-2517, bsc#977455: remote configuration trustedkey/
      requestkey/controlkey values are not properly validated.
    * CVE-2016-2518, bsc#977457: Crafted addpeer with hmode > 7
      causes array wraparound with MATCH_ASSOC.
    * CVE-2016-2519, bsc#977458: ctl_getitem() return value not
      always checked.
    * integrate ntp-fork.patch
    * Improve the fixes for:
      CVE-2015-7704, CVE-2015-7705, CVE-2015-7974
  - Restrict the parser in the startup script to the first
    occurrance of "keys" and "controlkey" in ntp.conf (boo#957226).
  - Depend on pps-tools-devel to provide timepps.h header to enable
    Linux PPSAPI support to make GPS devices usefull. (boo#977563)
* Fri Mar 11 2016
  - CVE-2015-8158, bsc#962966: potential infinite loop in ntpq
  - CVE-2015-8138, bsc#963002: Zero Origin Timestamp Bypass
  - CVE-2015-7978, bsc#963000: Stack exhaustion in recursive
    traversal of restriction list.
  - CVE-2015-7979, bsc#962784: off-path denial of service on
    authenticated broadcast mode
  - CVE-2015-7977, bsc#962970: restriction list NULL pointer
  - CVE-2015-7976, bsc#962802: 'ntpq saveconfig' command allows
    dangerous characters in filenames
  - CVE-2015-7975, bsc#962988: nextvar() missing length check in ntpq
  - CVE-2015-7974, bsc#962960: Missing key check allows impersonation
    between authenticated peers
  - CVE-2015-7973, bsc#962995: replay attack on authenticated
    broadcast mode
  - CVE-2015-5300, bsc#951629: MITM attacker can force ntpd to make
    a step larger than the panic threshold
* Mon Mar 07 2016
  - update to 4.2.8p6
    * fixes low- and medium-severity vulnerabilities
      4.2.8p6: CVE-2015-8158 CVE-2015-8138 CVE-2015-7978
      CVE-2015-7979 CVE-2015-7977 CVE-2015-7976 CVE-2015-7975
      CVE-2015-7974 CVE-2015-7973
      4.2.8p5: CVE-2015-5300
    * bug fixes
* Mon Jan 18 2016
  - Explicitely run /usr/sbin/sntp to synchronize in start-ntpd. When
    run as cron job, /usr/sbin/ is not in the path, which caused the
    synchronization to fail. (boo#962318)
* Fri Nov 06 2015
  - Fix ntp-4.2.6p2-ntpq-speedup-782060.patch to not pick arbitraty
    port numbers (bsc#782060).
* Thu Oct 29 2015
  - Update to 4.2.8p4 to fix several security issues (bsc#951608):
    * CVE-2015-7871: NAK to the Future: Symmetric association
      authentication bypass via crypto-NAK
    * CVE-2015-7855: decodenetnum() will ASSERT botch instead of
      returning FAIL on some bogus values
    * CVE-2015-7854: Password Length Memory Corruption Vulnerability
    * CVE-2015-7853: Invalid length data provided by a custom
      refclock driver could cause a buffer overflow
    * CVE-2015-7852 ntpq atoascii() Memory Corruption Vulnerability
    * CVE-2015-7851 saveconfig Directory Traversal Vulnerability
    * CVE-2015-7850 remote config logfile-keyfile
    * CVE-2015-7849 trusted key use-after-free
    * CVE-2015-7848 mode 7 loop counter underrun
    * CVE-2015-7701 Slow memory leak in CRYPTO_ASSOC
    * CVE-2015-7703 configuration directives "pidfile" and
      "driftfile" should only be allowed locally
    * CVE-2015-7704, CVE-2015-7705 Clients that receive a KoD should
      validate the origin timestamp field
    * CVE-2015-7691, CVE-2015-7692, CVE-2015-7702 Incomplete autokey
      data packet length checks
    * obsoletes ntp-memlock.patch.
  - Add a controlkey line to /etc/ntp.conf if one does not already
    exist, to allow runtime configuration via ntpq.
  - Use SHA1 instead of MD5 for symmetric keys (bsc#905885).
  - Improve runtime configuration:
    * Read keytype from ntp.conf
    * Don't write ntp keys to syslog.
  - Fix legacy action scripts to pass on command line arguments.
  - Remove ntp.1.gz, it wasn't installed anymore.
  - Remove ntp-4.2.7-rh-manpages.tar.gz and only keep ntptime.8.gz.
    The rest is partially irrelevant, partially redundant and
    potentially outdated (bsc#942587).
  - Remove "kod" from the restrict line in ntp.conf (bsc#944300).
* Fri Sep 04 2015
  - Add "addserver" as a new legacy action.
  - Fix the comment regarding addserver in ntp.conf (bnc#910063).
* Thu Aug 13 2015
  - Use ntpq instead of deprecated ntpdc in start-ntpd (bnc#936327).
  - Add a controlkey to ntp.conf to make the above work.
  - Don't let "keysdir" lines in ntp.conf trigger the "keys" parser.
  - Disable mode 7 (ntpdc) again, now that we don't use it anymore.
* Thu Jul 16 2015
  - Update to version 4.2.8p3 which incorporates all security fixes
    and most other patches we have so far (fate#319040).
    More information on:
  - Disable chroot by default (bnc#926510).
  - Enable ntpdc for backwards compatibility (bnc#920238).
* Tue Apr 07 2015
  - update to 4.2.8p2
    * fixes CVE-2015-1798, CVE-2015-1799 (medium-severity
      vulnerabilities involving private key authentication)
    * bug fixes and enhancements
    * New script: update-leap
* Fri Mar 27 2015
  - /bin/logger is needed for runtime configuration (bnc#924451).
* Mon Mar 16 2015
  - update to 4.2.8p1
    * fixes CVE-2014-9297, CVE-2014-9298
    * over 30 bugfixes and improvements
  - update to 4.2.8
    * fixes CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
    * changed Internal NTP Era counters
    * ntpdc responses disabled by default
    * over 1100 issues resolved between the 4.2.6 branch and 4.2.8
  - adjusted patches to fit 4.2.8p1:
    ntp-segfault_on_invalid_device.patch bnc#506908.diff MOD_NANO.diff
  - removed obsolete / now-in-upstream patches:
    ntpd-maxmonmen.patch ntp-code-cleanup.patch ntp-sntp-recverr.patch
    bnc#817893.patch ntp-CVE-2014-9295.patch ntp-CVE-2014-9296.patch
  - changes to spec file:
    * added --datadir (for private perl module needed by ntp scripts)
      and --html-dir (html docs now get installed by "make install")
      to configure options
    * script ntp-wait has moved in source tree
* Mon Mar 16 2015
  - *.service: Do not start ntpd when running on containers
    or when CAP_SYS_TIME was dropped from the default capability
    set ( see SYSTEMD-SYSTEM.CONF(5) for details)
* Sun Mar 08 2015
  - Explicitely run /usr/sbin/sntp to synchronize in start-ntpd. When
    run as cron job, /usr/sbin/ is not in the path, which caused the
    synchronization to fail. (boo#901751)
* Wed Jan 21 2015
  - Add ntp.NetworkManager: install NetworkManager dipatcher hook:
    if the DHCP Server delivers NTP Servers, accept those and
    configure NTP using the information (boo#900982).
* Sun Jan 04 2015
  - Enable avahi support
* Fri Dec 19 2014
  - bnc#910764: VU#852879 ntp security fixes
    * A potential remote code execution problem was found inside
      ntpd. The functions crypto_recv() (when using autokey
      authentication), ctl_putdata(), and configure() where updated
      to avoid buffer overflows that could be
      exploited. (CVE-2014-9295)
    * Furthermore a problem inside the ntpd error handling was found
      that is missing a return statement. This could also lead to a
      potentially attack vector. (CVE-2014-9296)
  - ntp-CVE-2014-9295.patch and ntp-CVE-2014-9296.patch will be
    obsoleted by the upcoming update to version 4.2.8.
* Tue Dec 02 2014
  - fix typo in version check regarding
    /usr/lib/initscripts/legacy-actions to fix build for <= 13.1
* Fri Sep 26 2014
  - Re-enable the ntptimeset legacy init script action (bnc#893406).
* Tue Sep 09 2014
  - conf.ntpd.service: Must run with PrivateTmp set to true
* Tue Jul 15 2014
  - Ensure systemd services conflict with systemd-timesyncd.service
    present in upcoming systemd releases.
* Wed Jun 18 2014
  - Try to fix broken migration from openSUSE-13.1
* Thu Jun 12 2014
  - Forward-port some bugs that got fixed for SLE11 (bnc#831311):
    * bnc#817893
    * bnc#482349
    * bnc#817893.patch
* Thu Jun 05 2014
  - Cleanup with spec cleaner for better readability
  - Remove conditionals for < 12.2 distros as it does not work on
    them anyway.
* Mon May 05 2014
  - fix start-ntpd again: service is now called ntpd, not ntp
* Tue Apr 29 2014
  - Remove /var/run/ntp from the package:
  - Fix Provides/Obsoletes of package aliases.
  - Add /usr/sbin/rc* links.
  - Stay enabled across sysv to systemd migrations (bnc#875490).
* Sat Apr 19 2014
  - fix "start-ntp addserver": start-ntp has no "status" method
* Thu Apr 03 2014
  - Remove empty insserv call whic hhad only caused an error message
  - Correct 50-ntp.list to include ntpd.service
* Mon Mar 31 2014
  - Restart nptd if failed or aborted (FATE#315133)
* Thu Mar 27 2014
  - Service unit files are no executables
* Thu Mar 27 2014
  - Use correct ntp-wait script from source tar ball (bnc#864193)
  - Implement new ntp-wait.service to provide
  - A few cleanups on the new start script of ntpd
* Thu Mar 27 2014
  - Add missing systemd %pre macro
* Tue Mar 04 2014
  - Add systemd configuration and start script
* Fri Feb 14 2014
  - bnc#863815, ntp-sntp-recverr.patch: Get sntp to recognize socket
    errors, so that it skips unreachable destinations immediately
    instead of trying to reach them for more than five minutes
    before finally timing out.
    This patch will probably be obsoleted by the next major upgrade,
    because the current development release takes a different
    approach to get a quick answer from one of the specified servers.
* Mon Jan 20 2014
  - CVE-2013-5211, bnc#857195: restrict query, configuration,
    modification access from world by default. Avoids that ntp can
    be used as a DDoS amplifier.
* Tue Oct 22 2013
  - bnc#838458 ntp start script does not update /var/lib/ntp/etc/localtime file if /etc/localtime is symlink
* Mon Aug 19 2013
  - Build with -DOPENSSL_LOAD_CONF , ntp must respect and use
    the system's openssl configuration.
* Sat Mar 09 2013
  - fix build with automake-1.13
* Thu Feb 28 2013
  - bnc#797351 - ntpd "listen-on" directive support is missing/broken;
    unable to restrict/secure listening IPs
* Tue Feb 26 2013
  - bnc#793012 - NTP default to 'sync time on startup' conflicts with NetworkManager
* Fri Feb 22 2013
  - disable Undisciplined Local Clock in default conf file (bnc#784760)
* Fri Jan 18 2013
  - Speedup ntpq (bnc#782060)
* Thu Jan 17 2013
  - bnc#450196 - ext3 - recovering journal on / on first boot on new kernel/fresh system updates
  - bnc#774553 - ntp initscript: hwclock: With --noadjfile, you must specify either --utc or --localtime
* Fri Dec 14 2012
  - logrotate is not strictly required for operation of ntp so change
    it to Suggested. That way the minimal installation doesn't draw in
    cron and postfix.
* Thu Aug 02 2012
  - Created the correct link to /run/ntp
* Thu Jul 19 2012
  -  Openssl wanted but not properly detected, fixed.
* Wed Jul 04 2012
  - license update: (MIT and BSD-3-Clause and BSD-4-Clause) and GPL-2.0
    Properly categorise licenses and sync with Fedora declaration
* Mon Apr 23 2012
  - bnc#758253 - L3: ntp fails if host has more than 1024 IP-addresses
    ntp#1180 - ntpd won't start with more than 1000 interfaces
* Mon Jan 09 2012
  - Remove superfluous remove of acconfig.h while build.
  - BuildRequire autoconf to avoid implicit dependency for post-11.4 systems.
  - Remove call to suse_update_config macro for post-11.4 systems.
* Mon Jan 09 2012
  - BuildRequire fdupes for post-10.1 systems.
  - Do not call autoreconf for pre-10.2 systems.
* Mon Jan 09 2012
  - Update to version 4.2.6p5.
    - ntpd
    * Updated "nic" and "interface" IPv6 address handling to prevent
      mismatches with localhost [::1] and wildcard [::] which resulted from
      using the address/prefix format (e.g. fe80::/64)
    * Fix orphan mode stratum incorrectly counting to infinity
    * Orphan parent selection metric updated to includes missing ntohl()
    * Non-printable stratum 16 refid no longer sent to ntp
    * Duplicate ephemeral associations suppressed for broadcastclient and
      multicastclient without broadcastdelay
    * Exclude undetermined sys_refid from use in loopback TEST12
    * Exclude MODE_SERVER responses from KoD rate limiting
    * Include root delay in clock_update() sys_rootdisp calculations
    * get_systime() updated to exclude sys_residual offset (which only
      affected bits "below" sys_tick, the precision threshold)
    * sys.peer jitter weighting corrected in sys_jitter calculation
    - ntpq
    * -n option extended to include the billboard "server" column
    * IPv6 addresses in the local column truncated to prevent overruns
  - Update to version 4.2.6p4.
    - Build system
    * Fix checking for struct rtattr
    * Upgrade required version of autogen and libopts for building
      from our source code repository
    - ntpd
    * Back-ported several fixes for Coverity warnings from ntp-dev
    * Fix a rare boundary condition in UNLINK_EXPR_SLIST()
    * Allow "logconfig =allall" configuration directive
    * Bind tentative IPv6 addresses on Linux
    * Correct WWVB/Spectracom driver to timestamp CR instead of LF
    * Improved tally bit handling to prevent incorrect ntpq peer status reports
    * Exclude the Undisciplined Local Clock and ACTS drivers from the initial
      candidate list unless they are designated a "prefer peer"
    * Prevent the consideration of Undisciplined Local Clock or ACTS drivers for
      selection during the 'tos orphanwait' period·
    * Prefer an Orphan Mode Parent over the Undisciplined Local Clock or ACTS
    * Improved support of the Parse Refclock trusttime flag in Meinberg mode
    * Back-port utility routines from ntp-dev: mprintf(), emalloc_zero()
    * Code cleanup in libntpq
    - ntpdc
    * Fix timerstats reporting
    - ntpdate
    * Reduce time required to set clock
    * Allow a timeout greater than 2 seconds
    - sntp
    * Backward incompatible command-line option change:
    - l/--filelog changed -l/--logfile (to be consistent with ntpd)
    - Documentation
    * Update html2man. Fix some tags in the .html files
    * Distribute ntp-wait.html
* Mon Jan 09 2012
  - Remove superfluously used NTPD_PID_NOPREFIX from init script.
  - Refresh patches to apply with no offset.
* Thu Nov 24 2011
  - bnc#730374 - Hardware Clock does not get synchronized
* Wed Nov 23 2011
  - add libtool as buildrequire to avoid implicit dependency
* Thu Oct 27 2011
  - bnc#656509 - don't use --bind on /var/lib/ntp/proc
* Fri Aug 26 2011
  - bnc#699724 - ntpdate was replaced with a dud script
* Wed Jun 01 2011
  - The default timeout for sntp is to long. This can stop booting
  - bnc#689070 - ntp post install script always removes /etc/sysconfig/ntp
  - bnc#688529 - (ntp) ntpq and ntpdc command history broken
  - bnc#695598 - "Started sntp" in /var/log/messages
* Sun May 01 2011
  - fix "rcntp ntptimeset"
    * never try to syncronize with local clocks (127.127.*), which led to
      sntp blocking until timeout elapsed (and probably blocking boot
      sequence for ~5 min per device..)
  - fix DOS line breaks in some doc files
* Tue Apr 26 2011
  - fix/improve init script
    * related to bugzilla 688132
    * "rcntp ntptimeset" could not parse servers from ntp.conf when IP proto
      was specified (server [-4|-6] hostname)
    * "rcntp ntptimeset" is now using ip proto parameter (-4|-6) if it's set in
      NTPD_OPTIONS and skip servers where the opposite proto is defined
* Fri Apr 01 2011
  - replace remove-ntpdate.diff with sed script
  - don't effectively zap existing /etc/sysconfig/ntp
  - while at it, simplify /etc/sysconfig/ntp update
  - improve NTP_PARSE_DEVICE documentation for /etc/sysconfig/ntp
  - refresh all patches with offsets and fuzz
* Thu Feb 03 2011
  - updated the sntp syntax also in our ntpdate script (bnc#658255#c2)
* Tue Jan 04 2011
  - update to version 4.2.6p3
    * main feature, it really ! updates the time, old version was
      miscalculating the offset based on t21 and t34
* Tue Jan 04 2011
  - require $network startup before ntp. This is not enforced via
    $network_fs when no nfs and cifs is enabled
* Tue Dec 14 2010
  - bnc#657194 - compile with --enable-ntp-signd
* Mon Dec 13 2010
  - bnc#658799 - ntp init script makes /proc readonly, blocking login
* Wed Dec 08 2010
  - bnc#658255 - ntpd is not working and sntp complains about unknown options
* Tue Nov 30 2010
  - update to 4.2.6p2
    * Major code clean up.
      1. The protostats statistics files have been very useful in exposing
      little twitches and turns when something hiccups, like a broken PPS
      signal. Most of what used to be syslog messages are now repackaged as
      protostats messages with optional syslog as well.
      2. Close inspection of the clock discipline behavior at long poll
      intervals (36 h) showed it not doing as well as it should.
      3. Autokey. The enhanced error checking was becoming a major pain. A way was found
      to toss out gobs of ugly fat code and replace the function with a much simpler
      and more comprehensive scheme.
      4. The interface code for the kernel PPS signal was not in sync with the
      kernel code itself. Some error checks were duplicated and some ineffective.
      5. The flake restrict bit turned out to be really interesting, especially
      with symmtric modes and of those especially those using Autokey.
    * Documentation updates
  - New old feature: sync time on startup. If not needed NTPD_FORCE_SYNC_ON_STARTUP must
    be set to no in /etc/sysconfig/ntp
* Tue Sep 28 2010
  - Handle /var/run as tmpfs
* Fri Apr 23 2010
  - Set time by starting ntp via ntptimeset
* Fri Apr 09 2010
  - rcntp timeset now gets the time via sntp inmediately
* Sun Mar 21 2010
  - fix read-only mount of proc in chroot
* Thu Mar 18 2010
  - bnc#574885 - XEN is using many network interfaces and stopping and
    restarting XEN instances results in ntpd error "Cannot find existing
    interface for address ...".
* Wed Jan 06 2010
  - enable parallel build
* Wed Dec 09 2009
  - update to ntp-4.2.4p8 to fix bnc#550316 - VUL-0: ntp DoS
  - bnc#557716 - NTP PLL does not converge based on
* Sat Nov 28 2009
  - Also fix multiple mount on multiple "rcntp start" invocations
* Mon Aug 31 2009
  - Really fix the multiple mount bug in ntp init script (bnc#517222)
* Mon Jul 20 2009
  - bnc#517222 – Minor patch for ntp init-script
* Tue Jul 14 2009
  - Add ntp-4.2.4p7-autoconf.patch to fix build failure.
* Fri Jul 10 2009
  - bnc#515629 - NM_ONLINE_TIMEOUT does not work with parallel boot
  - bnc#521044 - ntp init script: /etc/init.d/ntp: line 70: return: can
    only `return' from a function or sourced script
* Fri Jun 19 2009
  - bnc#506908 - ntptrace doesn't work as non root user
  - update to 4.2.4p7:
    * [Sec 1151] Remote exploit if autokey is enabled - CVE-2009-1252.
    * [Bug 1187] Update the copyright date.
    * [Bug 1191] ntpd fails on Win2000 - "Address already in use" after fix for [Sec 1149].
    * -> cleanup.
    * [Bug 1178] Use prior FORCE_DNSRETRY behavior as needed at runtime,
    add configure --enable-ignore-dns-errors to be even more stubborn
    * [Bug 784] Make --enable-linuxcaps the default when available
    * [Bug 1179] error messages for -u/--user and -i lacking droproot
    * Updated JJY reference clock driver from Takao Abe
    * [Bug 1071] Log a message and exit before trying to use FD_SET with a
    descriptor larger than FD_SETSIZE, which will corrupt memory
    * On corruption of the iface list head in add_interface, log and exit
    * [Bug 1172] 4.2.4p7-RC{3,4} fail to build on linux.
    * flock-build script unportable 'set -m' use removed
    * [Bug 1167] use gcc -Winit-self only if it is understood
    * [Bug 787] Bug fixes for 64-bit time_t on Windows
    * [Bug 813] Conditional naming of Event
    * [Bug 1147] System errors should be logged to msyslog()
    * [Bug 1155] Fix compile problem on Windows with VS2005
    * [Bug 1156] lock_thread_to_processor() should be declared in header
    * [Bug 1157] quiet OpenSSL warnings, clean up
    * [Bug 1158] support for aix6.1
    * [Bug 1160] MacOS X is like BSD regarding F_SETOWN
    * [Sec 1144] limited buffer overflow in ntpq.  CVE-2009-0159
    * [Sec 1149] use SO_EXCLUSIVEADDRUSE on Windows
    * [Bug 1131] UDP sockets should not use SIGPOLL on Solaris.
    * build system email address cleanup
    * [Bug 774] parsesolaris.c does not compile under the new Solaris
    * [Bug 873] Windows serial refclock proper TTY line discipline emulation
    * [Bug 1014] Enable building with VC9 (in Visual Studio 2008,
    Visual C++ 2008, or SDK)
    * [Bug 1117] Deferred interface binding under Windows works only correctly
    if FORCE_DNSRETRY is defined
    * [BUG 1124] Lock QueryPerformanceCounter() client threads to same CPU
    * DPRINTF macro made safer, always evaluates to a statement and will not
    misassociate an else which follows the macro.
* Wed May 06 2009
  - bnc#468685 - ntpd causes 16 wakeups per second
* Wed Apr 29 2009
  - bnc#492304 - ntpd man page refers to package xntp-doc (which does not exist)
  - bnc#495496 – ntp misses prereq: /sbin/chkconfig



Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Apr 9 12:11:57 2022