#
f5f40dd6 |
|
26-May-2024 |
Cy Schubert <cy@FreeBSD.org> |
ntp: Vendor import of ntp-4.2.8p18 MFC: 3 days Merge commit '1f833b3fc9968c3dd7ed79ccf0525ebf16c891ad' into main
|
#
a466cc55 |
|
01-Jun-2023 |
Cy Schubert <cy@FreeBSD.org> |
ntp: import ntp-4.2.8p16 Security: NtpBUg3767, NtpBug3808, NtpBug3807 (CVE-2023-26555) MFC after: immediately
|
#
767173ce |
|
23-Jun-2020 |
Cy Schubert <cy@FreeBSD.org> |
MFV r362565: Update 4.2.8p14 --> 4.2.8p15 Summary: Systems that use a CMAC algorithm in ntp.keys will not release a bit of memory on each packet that uses a CMAC keyid, eventually causing ntpd to run out of memory and fail. The CMAC cleanup from https://bugs.ntp.org/3447, part of ntp-4.2.8p11, introduced a bug whereby the CMAC data structure was no longer completely removed. MFC after: 3 days Security: NTP Bug 3661
|
#
2d4e511c |
|
04-Mar-2020 |
Cy Schubert <cy@FreeBSD.org> |
MFV r358616: Update ntp-4.2.8p13 --> 4.2.8p14. The advisory can be found at: http://support.ntp.org/bin/view/Main/SecurityNotice#\ March_2020_ntp_4_2_8p14_NTP_Rele No CVEs have been documented yet. MFC after: now Security: http://support.ntp.org/bin/view/Main/NtpBug3610 http://support.ntp.org/bin/view/Main/NtpBug3596 http://support.ntp.org/bin/view/Main/NtpBug3592
|
#
4e1ef62a |
|
20-Aug-2018 |
Xin LI <delphij@FreeBSD.org> |
MFV r338092: ntp 4.2.8p12. Relnotes: yes
|
#
09100258 |
|
28-Feb-2018 |
Xin LI <delphij@FreeBSD.org> |
MFV r330102: ntp 4.2.8p11
|
#
f0574f5c |
|
23-Mar-2017 |
Xin LI <delphij@FreeBSD.org> |
MFV r315791: ntp 4.2.8p10.
|
#
e27abb66 |
|
03-Jun-2016 |
Xin LI <delphij@FreeBSD.org> |
MFV r301238: ntp 4.2.8p8. Security: CVE-2016-4957, CVE-2016-4953, CVE-2016-4954 Security: CVE-2016-4955, CVE-2016-4956 Security: FreeBSD-SA-16:24.ntp With hat: so
|
#
4990d495 |
|
27-Apr-2016 |
Xin LI <delphij@FreeBSD.org> |
MFV r298691: ntp 4.2.8p7. Security: CVE-2016-1547, CVE-2016-1548, CVE-2016-1549, CVE-2016-1550 Security: CVE-2016-1551, CVE-2016-2516, CVE-2016-2517, CVE-2016-2518 Security: CVE-2016-2519 Security: FreeBSD-SA-16:16.ntp With hat: so
|
#
68ba7e87 |
|
22-Jan-2016 |
Xin LI <delphij@FreeBSD.org> |
MFV r294491: ntp 4.2.8p6. Security: CVE-2015-7973, CVE-2015-7974, CVE-2015-7975 Security: CVE-2015-7976, CVE-2015-7977, CVE-2015-7978 Security: CVE-2015-7979, CVE-2015-8138, CVE-2015-8139 Security: CVE-2015-8140, CVE-2015-8158 With hat: so
|
#
3311ff84 |
|
08-Jan-2016 |
Xin LI <delphij@FreeBSD.org> |
MFV r293415: ntp 4.2.8p5 Reviewed by: cy, roberto Relnotes: yes Differential Revision: https://reviews.freebsd.org/D4828
|
#
9034852c |
|
22-Oct-2015 |
Gleb Smirnoff <glebius@FreeBSD.org> |
MFV ntp-4.2.8p4 (r289715) Security: VuXML: c4a18a12-77fc-11e5-a687-206a8a720317 Security: CVE-2015-7871 Security: CVE-2015-7855 Security: CVE-2015-7854 Security: CVE-2015-7853 Security: CVE-2015-7852 Security: CVE-2015-7851 Security: CVE-2015-7850 Security: CVE-2015-7849 Security: CVE-2015-7848 Security: CVE-2015-7701 Security: CVE-2015-7703 Security: CVE-2015-7704, CVE-2015-7705 Security: CVE-2015-7691, CVE-2015-7692, CVE-2015-7702 Security: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner Sponsored by: Nginx, Inc.
|
#
276da39a |
|
05-Jul-2015 |
Cy Schubert <cy@FreeBSD.org> |
MFV ntp-4.2.8p3 (r284990). Approved by: roberto, delphij Security: VuXML: 0d0f3050-1f69-11e5-9ba9-d050996490d0 Security: http://bugs.ntp.org/show_bug.cgi?id=2853 Security: https://www.kb.cert.org/vuls/id/668167 Security: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi
|
#
2b15cb3d |
|
30-Mar-2015 |
Cy Schubert <cy@FreeBSD.org> |
MFV ntp 4.2.8p1 (r258945, r275970, r276091, r276092, r276093, r278284) Thanks to roberto for providing pointers to wedge this into HEAD. Approved by: roberto
|
#
a2b8f1cb |
|
14-Jan-2015 |
Hiren Panchasara <hiren@FreeBSD.org> |
ntpd tries to bind to IPv6 interfaces in 'tentative' state and fails as IPv6 is actually disabled. Fix it by making ntpd ignore such interfaces. Submitted by: ume Reviewed by: bz, gnn MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D1527 |
#
359f2b46 |
|
08-Jan-2015 |
Hajimu UMEMOTO <ume@FreeBSD.org> |
Correct comparison of IPv6 wildcard address. MFC after: 3 days |
#
a9b39478 |
|
28-Jun-2011 |
Bjoern A. Zeeb <bz@FreeBSD.org> |
Compare port numbers correctly. They are stored by SRCPORT() in host byte order, so we need to compare them as such. Properly compare IPv6 addresses as well. This allows the, by default, 8 badaddrs slots per address family to work correctly and only print sendto() errors once. The change is no longer applicable to any latest upstream versions. Approved by: roberto Sponsored by: Sandvine Incorporated MFC after: 1 week |
#
541ab6a6 |
|
29-May-2011 |
Bjoern A. Zeeb <bz@FreeBSD.org> |
The argument to setsockopt for IP_MULTICAST_LOOP depends on operating system and is decided upon by configure and could be an u_int or a u_char. For FreeBSD it is a u_char. For IPv6 however RFC 3493, 5.2 defines the argument to IPV6_MULTICAST_LOOP to be an unsigned integer so make sure we always use that using a second variable for the IPV6 case. This is to get rid of these error messages every 5 minutes on some systems: ntpd[1530]: setsockopt IPV6_MULTICAST_LOOP failure: Invalid argument on socket 22, addr fe80::... for multicast address ff02::101 While here also fix the copy&paste error in the log message for IPV6_MULTICAST_LOOP. Reviewed by: roberto Sponsored by: The FreeBSD Foundation Sponsored by: iXsystems MFC after: 10 days Filed as: Bug 1936 on ntp.org |
#
eb6d21b4 |
|
15-Dec-2009 |
Ollivier Robert <roberto@FreeBSD.org> |
Merge 4.2.4p8 into contrib (r200452 & r200454). Subversion is being difficult here so take a hammer and get it in. MFC after: 2 weeks Security: CVE-2009-3563
|
#
0fa2c497 |
|
01-Dec-2009 |
Hajimu UMEMOTO <ume@FreeBSD.org> |
Don't try to bind to an anycast addeess. The KAME IPv6 stack doesn't allow bind to an anycast addeess. It does away with an annoying message. Reviewed by: bz, roberto MFC after: 2 weeks |
#
ea906c41 |
|
22-Aug-2008 |
Ollivier Robert <roberto@FreeBSD.org> |
Merge ntpd & friends 4.2.4p5 from vendor/ntp/dist into head. Next commit will update usr.sbin/ntp to match this. MFC after: 2 weeks
|
#
cce65f43 |
|
17-Aug-2008 |
Ollivier Robert <roberto@FreeBSD.org> |
Flatten the dist and various 4.n.n trees in preparation of future ntp imports. |
#
9c2daa00 |
|
20-Jul-2004 |
Ollivier Robert <roberto@FreeBSD.org> |
Virgin import of ntpd 4.2.0 |
#
ce265a54 |
|
29-Oct-2002 |
Ollivier Robert <roberto@FreeBSD.org> |
Virgin import of ntpd 4.1.1a |
#
224ba2bd |
|
29-Aug-2001 |
Ollivier Robert <roberto@FreeBSD.org> |
Virgin import of ntpd 4.1.0 |
#
1c809460 |
|
03-Mar-2000 |
Ollivier Robert <roberto@FreeBSD.org> |
Fix potential alignement problems on Alpha + IPv6. This is done on the vendor branch to avoid spamming the tree. It has been sent to the NTP maintainers already. Submitted by: shin |
#
a151a66c |
|
28-Jan-2000 |
Ollivier Robert <roberto@FreeBSD.org> |
Virgin import of ntpd 4.0.99b |
#
c0b746e5 |
|
09-Dec-1999 |
Ollivier Robert <roberto@FreeBSD.org> |
Virgin import of ntpd 4.0.98f |
#
a466cc55 |
|
01-Jun-2023 |
Cy Schubert <cy@FreeBSD.org> |
ntp: import ntp-4.2.8p16 Security: NtpBUg3767, NtpBug3808, NtpBug3807 (CVE-2023-26555) MFC after: immediately
|
#
767173ce |
|
23-Jun-2020 |
Cy Schubert <cy@FreeBSD.org> |
MFV r362565: Update 4.2.8p14 --> 4.2.8p15 Summary: Systems that use a CMAC algorithm in ntp.keys will not release a bit of memory on each packet that uses a CMAC keyid, eventually causing ntpd to run out of memory and fail. The CMAC cleanup from https://bugs.ntp.org/3447, part of ntp-4.2.8p11, introduced a bug whereby the CMAC data structure was no longer completely removed. MFC after: 3 days Security: NTP Bug 3661
|
#
2d4e511c |
|
04-Mar-2020 |
Cy Schubert <cy@FreeBSD.org> |
MFV r358616: Update ntp-4.2.8p13 --> 4.2.8p14. The advisory can be found at: http://support.ntp.org/bin/view/Main/SecurityNotice#\ March_2020_ntp_4_2_8p14_NTP_Rele No CVEs have been documented yet. MFC after: now Security: http://support.ntp.org/bin/view/Main/NtpBug3610 http://support.ntp.org/bin/view/Main/NtpBug3596 http://support.ntp.org/bin/view/Main/NtpBug3592
|
#
4e1ef62a |
|
20-Aug-2018 |
Xin LI <delphij@FreeBSD.org> |
MFV r338092: ntp 4.2.8p12. Relnotes: yes
|
#
09100258 |
|
28-Feb-2018 |
Xin LI <delphij@FreeBSD.org> |
MFV r330102: ntp 4.2.8p11
|
#
f0574f5c |
|
23-Mar-2017 |
Xin LI <delphij@FreeBSD.org> |
MFV r315791: ntp 4.2.8p10.
|
#
e27abb66 |
|
03-Jun-2016 |
Xin LI <delphij@FreeBSD.org> |
MFV r301238: ntp 4.2.8p8. Security: CVE-2016-4957, CVE-2016-4953, CVE-2016-4954 Security: CVE-2016-4955, CVE-2016-4956 Security: FreeBSD-SA-16:24.ntp With hat: so
|
#
4990d495 |
|
27-Apr-2016 |
Xin LI <delphij@FreeBSD.org> |
MFV r298691: ntp 4.2.8p7. Security: CVE-2016-1547, CVE-2016-1548, CVE-2016-1549, CVE-2016-1550 Security: CVE-2016-1551, CVE-2016-2516, CVE-2016-2517, CVE-2016-2518 Security: CVE-2016-2519 Security: FreeBSD-SA-16:16.ntp With hat: so
|
#
68ba7e87 |
|
22-Jan-2016 |
Xin LI <delphij@FreeBSD.org> |
MFV r294491: ntp 4.2.8p6. Security: CVE-2015-7973, CVE-2015-7974, CVE-2015-7975 Security: CVE-2015-7976, CVE-2015-7977, CVE-2015-7978 Security: CVE-2015-7979, CVE-2015-8138, CVE-2015-8139 Security: CVE-2015-8140, CVE-2015-8158 With hat: so
|
#
3311ff84 |
|
08-Jan-2016 |
Xin LI <delphij@FreeBSD.org> |
MFV r293415: ntp 4.2.8p5 Reviewed by: cy, roberto Relnotes: yes Differential Revision: https://reviews.freebsd.org/D4828
|
#
9034852c |
|
22-Oct-2015 |
Gleb Smirnoff <glebius@FreeBSD.org> |
MFV ntp-4.2.8p4 (r289715) Security: VuXML: c4a18a12-77fc-11e5-a687-206a8a720317 Security: CVE-2015-7871 Security: CVE-2015-7855 Security: CVE-2015-7854 Security: CVE-2015-7853 Security: CVE-2015-7852 Security: CVE-2015-7851 Security: CVE-2015-7850 Security: CVE-2015-7849 Security: CVE-2015-7848 Security: CVE-2015-7701 Security: CVE-2015-7703 Security: CVE-2015-7704, CVE-2015-7705 Security: CVE-2015-7691, CVE-2015-7692, CVE-2015-7702 Security: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner Sponsored by: Nginx, Inc.
|
#
276da39a |
|
05-Jul-2015 |
Cy Schubert <cy@FreeBSD.org> |
MFV ntp-4.2.8p3 (r284990). Approved by: roberto, delphij Security: VuXML: 0d0f3050-1f69-11e5-9ba9-d050996490d0 Security: http://bugs.ntp.org/show_bug.cgi?id=2853 Security: https://www.kb.cert.org/vuls/id/668167 Security: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi
|
#
2b15cb3d |
|
30-Mar-2015 |
Cy Schubert <cy@FreeBSD.org> |
MFV ntp 4.2.8p1 (r258945, r275970, r276091, r276092, r276093, r278284) Thanks to roberto for providing pointers to wedge this into HEAD. Approved by: roberto
|
#
a2b8f1cb |
|
14-Jan-2015 |
Hiren Panchasara <hiren@FreeBSD.org> |
ntpd tries to bind to IPv6 interfaces in 'tentative' state and fails as IPv6 is actually disabled. Fix it by making ntpd ignore such interfaces. Submitted by: ume Reviewed by: bz, gnn MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D1527 |
#
359f2b46 |
|
08-Jan-2015 |
Hajimu UMEMOTO <ume@FreeBSD.org> |
Correct comparison of IPv6 wildcard address. MFC after: 3 days |
#
a9b39478 |
|
28-Jun-2011 |
Bjoern A. Zeeb <bz@FreeBSD.org> |
Compare port numbers correctly. They are stored by SRCPORT() in host byte order, so we need to compare them as such. Properly compare IPv6 addresses as well. This allows the, by default, 8 badaddrs slots per address family to work correctly and only print sendto() errors once. The change is no longer applicable to any latest upstream versions. Approved by: roberto Sponsored by: Sandvine Incorporated MFC after: 1 week |
#
541ab6a6 |
|
29-May-2011 |
Bjoern A. Zeeb <bz@FreeBSD.org> |
The argument to setsockopt for IP_MULTICAST_LOOP depends on operating system and is decided upon by configure and could be an u_int or a u_char. For FreeBSD it is a u_char. For IPv6 however RFC 3493, 5.2 defines the argument to IPV6_MULTICAST_LOOP to be an unsigned integer so make sure we always use that using a second variable for the IPV6 case. This is to get rid of these error messages every 5 minutes on some systems: ntpd[1530]: setsockopt IPV6_MULTICAST_LOOP failure: Invalid argument on socket 22, addr fe80::... for multicast address ff02::101 While here also fix the copy&paste error in the log message for IPV6_MULTICAST_LOOP. Reviewed by: roberto Sponsored by: The FreeBSD Foundation Sponsored by: iXsystems MFC after: 10 days Filed as: Bug 1936 on ntp.org |
#
eb6d21b4 |
|
15-Dec-2009 |
Ollivier Robert <roberto@FreeBSD.org> |
Merge 4.2.4p8 into contrib (r200452 & r200454). Subversion is being difficult here so take a hammer and get it in. MFC after: 2 weeks Security: CVE-2009-3563
|
#
0fa2c497 |
|
01-Dec-2009 |
Hajimu UMEMOTO <ume@FreeBSD.org> |
Don't try to bind to an anycast addeess. The KAME IPv6 stack doesn't allow bind to an anycast addeess. It does away with an annoying message. Reviewed by: bz, roberto MFC after: 2 weeks |
#
ea906c41 |
|
22-Aug-2008 |
Ollivier Robert <roberto@FreeBSD.org> |
Merge ntpd & friends 4.2.4p5 from vendor/ntp/dist into head. Next commit will update usr.sbin/ntp to match this. MFC after: 2 weeks
|
#
cce65f43 |
|
17-Aug-2008 |
Ollivier Robert <roberto@FreeBSD.org> |
Flatten the dist and various 4.n.n trees in preparation of future ntp imports. |
#
9c2daa00 |
|
20-Jul-2004 |
Ollivier Robert <roberto@FreeBSD.org> |
Virgin import of ntpd 4.2.0 |
#
ce265a54 |
|
29-Oct-2002 |
Ollivier Robert <roberto@FreeBSD.org> |
Virgin import of ntpd 4.1.1a |
#
224ba2bd |
|
29-Aug-2001 |
Ollivier Robert <roberto@FreeBSD.org> |
Virgin import of ntpd 4.1.0 |
#
1c809460 |
|
03-Mar-2000 |
Ollivier Robert <roberto@FreeBSD.org> |
Fix potential alignement problems on Alpha + IPv6. This is done on the vendor branch to avoid spamming the tree. It has been sent to the NTP maintainers already. Submitted by: shin |
#
a151a66c |
|
28-Jan-2000 |
Ollivier Robert <roberto@FreeBSD.org> |
Virgin import of ntpd 4.0.99b |
#
c0b746e5 |
|
09-Dec-1999 |
Ollivier Robert <roberto@FreeBSD.org> |
Virgin import of ntpd 4.0.98f |
#
a2b8f1cb |
|
14-Jan-2015 |
Hiren Panchasara <hiren@FreeBSD.org> |
ntpd tries to bind to IPv6 interfaces in 'tentative' state and fails as IPv6 is actually disabled. Fix it by making ntpd ignore such interfaces. Submitted by: ume Reviewed by: bz, gnn MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D1527
|
#
359f2b46 |
|
08-Jan-2015 |
Hajimu UMEMOTO <ume@FreeBSD.org> |
Correct comparison of IPv6 wildcard address. MFC after: 3 days
|
#
a9b39478 |
|
28-Jun-2011 |
Bjoern A. Zeeb <bz@FreeBSD.org> |
Compare port numbers correctly. They are stored by SRCPORT() in host byte order, so we need to compare them as such. Properly compare IPv6 addresses as well. This allows the, by default, 8 badaddrs slots per address family to work correctly and only print sendto() errors once. The change is no longer applicable to any latest upstream versions. Approved by: roberto Sponsored by: Sandvine Incorporated MFC after: 1 week
|
#
541ab6a6 |
|
29-May-2011 |
Bjoern A. Zeeb <bz@FreeBSD.org> |
The argument to setsockopt for IP_MULTICAST_LOOP depends on operating system and is decided upon by configure and could be an u_int or a u_char. For FreeBSD it is a u_char. For IPv6 however RFC 3493, 5.2 defines the argument to IPV6_MULTICAST_LOOP to be an unsigned integer so make sure we always use that using a second variable for the IPV6 case. This is to get rid of these error messages every 5 minutes on some systems: ntpd[1530]: setsockopt IPV6_MULTICAST_LOOP failure: Invalid argument on socket 22, addr fe80::... for multicast address ff02::101 While here also fix the copy&paste error in the log message for IPV6_MULTICAST_LOOP. Reviewed by: roberto Sponsored by: The FreeBSD Foundation Sponsored by: iXsystems MFC after: 10 days Filed as: Bug 1936 on ntp.org
|
#
a7d5f7eb |
|
19-Oct-2010 |
Jamie Gritton <jamie@FreeBSD.org> |
A new jail(8) with a configuration file, to replace the work currently done by /etc/rc.d/jail.
|
#
fe0506d7 |
|
09-Mar-2010 |
Marcel Moolenaar <marcel@FreeBSD.org> |
Create the altix project branch. The altix project will add support for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting is a two-module system, consisting of a base compute module and a CPU expansion module. SGI's NUMAFlex architecture can be an excellent platform to test CPU affinity and NUMA-aware features in FreeBSD.
|
#
49040676 |
|
15-Dec-2009 |
Hajimu UMEMOTO <ume@FreeBSD.org> |
MFC r199995: Don't try to bind to an anycast address. The KAME IPv6 stack doesn't allow bind to an anycast address. It does away with an annoying message.
|
#
0fa2c497 |
|
01-Dec-2009 |
Hajimu UMEMOTO <ume@FreeBSD.org> |
Don't try to bind to an anycast addeess. The KAME IPv6 stack doesn't allow bind to an anycast addeess. It does away with an annoying message. Reviewed by: bz, roberto MFC after: 2 weeks
|
#
d7f03759 |
|
19-Oct-2008 |
Ulf Lilleengen <lulf@FreeBSD.org> |
- Import the HEAD csup code which is the basis for the cvsmode work.
|
#
9c2daa00 |
|
20-Jul-2004 |
Ollivier Robert <roberto@FreeBSD.org> |
Virgin import of ntpd 4.2.0
|
#
ce265a54 |
|
29-Oct-2002 |
Ollivier Robert <roberto@FreeBSD.org> |
Virgin import of ntpd 4.1.1a
|
#
224ba2bd |
|
29-Aug-2001 |
Ollivier Robert <roberto@FreeBSD.org> |
Virgin import of ntpd 4.1.0
|
#
1c809460 |
|
03-Mar-2000 |
Ollivier Robert <roberto@FreeBSD.org> |
Fix potential alignement problems on Alpha + IPv6. This is done on the vendor branch to avoid spamming the tree. It has been sent to the NTP maintainers already. Submitted by: shin
|
#
a151a66c |
|
28-Jan-2000 |
Ollivier Robert <roberto@FreeBSD.org> |
Virgin import of ntpd 4.0.99b
|
#
c0b746e5 |
|
09-Dec-1999 |
Ollivier Robert <roberto@FreeBSD.org> |
Virgin import of ntpd 4.0.98f
|