MFC r362568:MFV r362565:Update 4.2.8p14 --> 4.2.8p15Summary: Systems that use a CMAC algorithm in ntp.keys will not releasea bit of memory on each packet that uses a CMAC keyid, eventually causingntpd to run out of memory and fail. The CMAC cleanup fromhttps://bugs.ntp.org/3447, part of ntp-4.2.8p11, introduced a bug wherebythe CMAC data structure was no longer completely removed.Security: NTP Bug 3661
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle.Prune svn:mergeinfo from the new branch, as nothing has been mergedhere.Additional commits post-branch will follow.Approved by: re (implicit)Sponsored by: The FreeBSD Foundation
MFV r293415:ntp 4.2.8p5Reviewed by: cy, robertoRelnotes: yesDifferential Revision: https://reviews.freebsd.org/D4828
MFV ntp 4.2.8p1 (r258945, r275970, r276091, r276092, r276093, r278284)Thanks to roberto for providing pointers to wedge this into HEAD.Approved by: roberto
Virgin import of ntpd 4.2.6p5.When the series of commits is complete, things likehttps://cert.litnet.lt/en/docs/ntp-distributed-reflection-dos-attacksshould be fixed.PR: bin/148836 (except that we import a newer version)Asked by: Too manyMFC after: 2 weeks