Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 ntp-4-2-8p12
|
#
1.1.1.6 |
|
29-Sep-2018 |
christos |
--- (4.2.8p12) 2018/08/14 Released by Harlan Stenn <stenn@ntp.org>
* [Sec 3505] CVE-2018-12327 - Arbitrary Code Execution Vulnerability - fixed stack buffer overflow in the openhost() command-line call of NTPQ/NTPDC <perlinger@ntp.org> * [Sec 3012] noepeer tweaks. <stenn@ntp.org> * [Bug 3521] Fix a logic bug in the INVALIDNAK checks. <stenn@ntp.org> * [Bug 3509] Add support for running as non-root on FreeBSD, Darwin, other TrustedBSD platforms - applied patch by Ian Lepore <perlinger@ntp.org> * [Bug 3506] Service Control Manager interacts poorly with NTPD <perlinger@ntp.org> - changed interaction with SCM to signal pending startup * [Bug 3486] Buffer overflow in ntpq/ntpq.c:tstflags() <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3485] Undefined sockaddr used in error messages in ntp_config.c <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3484] ntpq response from ntpd is incorrect when REFID is null <perlinger@ntp.org> - rework of ntpq 'nextvar()' key/value parsing * [Bug 3482] Fixes for compilation warnings (ntp_io.c & ntpq-subs.c) <perlinger@ntp.org> - applied patch by Gerry Garvey (with mods) * [Bug 3480] Refclock sample filter not cleared on clock STEP <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3479] ctl_putrefid() allows unsafe characters through to ntpq <perlinger@ntp.org> - applied patch by Gerry Garvey (with mods) * [Bug 3476]ctl_putstr() sends empty unquoted string [...] <perlinger@ntp.org> - applied patch by Gerry Garvey (with mods); not sure if that's bug or feature, though * [Bug 3475] modify prettydate() to suppress output of zero time <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3474] Missing pmode in mode7 peer info response <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3471] Check for openssl/[ch]mac.h. HStenn. - add #define ENABLE_CMAC support in configure. HStenn. * [Bug 3470] ntpd4.2.8p11 fails to compile without OpenSSL <perlinger@ntp.org> * [Bug 3469] Incomplete string compare [...] in is_refclk_addr <perlinger@ntp.org> - patch by Stephen Friedl * [Bug 3467] Potential memory fault in ntpq [...] <perlinger@ntp.org> - fixed IO redirection and CTRL-C handling in ntq and ntpdc * [Bug 3465] Default TTL values cannot be used <perlinger@ntp.org> * [Bug 3461] refclock_shm.c: clear error status on clock recovery <perlinger@ntp.org> - initial patch by Hal Murray; also fixed refclock_report() trouble * [Bug 3460] Fix typo in ntpq.texi, reported by Kenyon Ralph. <stenn@ntp.org> * [Bug 3456] Use uintptr_t rather than size_t to store an integer in a pointer - According to Brooks Davis, there was only one location <perlinger@ntp.org> * [Bug 3449] ntpq - display "loop" instead of refid [...] <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3445] Symmetric peer won't sync on startup <perlinger@ntp.org> - applied patch by Gerry Garvey * [Bug 3442] Fixes for ntpdate as suggested by Gerry Garvey, with modifications New macro REFID_ISTEXT() which is also used in ntpd/ntp_control.c. * [Bug 3434] ntpd clears STA_UNSYNC on start <perlinger@ntp.org> - applied patch by Miroslav Lichvar * [Bug 3426] ntpdate.html -t default is 2 seconds. Leonid Evdokimov. * [Bug 3121] Drop root privileges for the forked DNS worker <perlinger@ntp.org> - integrated patch by Reinhard Max * [Bug 2821] minor build issues <perlinger@ntp.org> - applied patches by Christos Zoulas, including real bug fixes * html/authopt.html: cleanup, from <stenn@ntp.org> * ntpd/ntpd.c: DROPROOT cleanup. <stenn@ntp.org> * Symmetric key range is 1-65535. Update docs. <stenn@ntp.org> * html/authentic.html: cleanup, from <stenn@ntp.org>
|
Revision tags: pgoyette-compat-0906 pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407 ntp-4-2-8p11
|
#
1.1.1.5 |
|
07-Apr-2018 |
christos |
---
* [Sec 3454] Unauthenticated packet can reset authenticated interleave associations. HStenn. * [Sec 3453] Interleaved symmetric mode cannot recover from bad state. HStenn. * [Sec 3415] Permit blocking authenticated symmetric/passive associations. Implement ippeerlimit. HStenn, JPerlinger. * [Sec 3414] ntpq: decodearr() can write beyond its 'buf' limits - initial patch by <stenn@ntp.org>, extended by <perlinger@ntp.org> * [Sec 3412] ctl_getitem(): Don't compare names past NUL. <perlinger@ntp.org> * [Sec 3012] Sybil vulnerability: noepeer support. HStenn, JPerlinger. * [Bug 3457] OpenSSL FIPS mode regression <perlinger@ntp.org> * [Bug 3455] ntpd doesn't use scope id when binding multicast <perlinger@ntp.org> - applied patch by Sean Haugh * [Bug 3452] PARSE driver prints uninitialized memory. <perlinger@ntp.org> * [Bug 3450] Dubious error messages from plausibility checks in get_systime() - removed error log caused by rounding/slew, ensured postcondition <perlinger@ntp.org> * [Bug 3447] AES-128-CMAC (fixes) <perlinger@ntp.org> - refactoring the MAC code, too * [Bug 3441] Validate the assumption that AF_UNSPEC is 0. stenn@ntp.org * [Bug 3439] When running multiple commands / hosts in ntpq... <perlinger@ntp.org> - applied patch by ggarvey * [Bug 3438] Negative values and values > 999 days in... <perlinger@ntp.org> - applied patch by ggarvey (with minor mods) * [Bug 3437] ntpd tries to open socket with AF_UNSPEC domain - applied patch (with mods) by Miroslav Lichvar <perlinger@ntp.org> * [Bug 3435] anchor NTP era alignment <perlinger@ntp.org> * [Bug 3433] sntp crashes when run with -a. <stenn@ntp.org> * [Bug 3430] ntpq dumps core (SIGSEGV) for "keytype md2" - fixed several issues with hash algos in ntpd, sntp, ntpq, ntpdc and the test suites <perlinger@ntp.org> * [Bug 3424] Trimble Thunderbolt 1024 week millenium bug <perlinger@ntp.org> - initial patch by Daniel Pouzzner * [Bug 3423] QNX adjtime() implementation error checking is wrong <perlinger@ntp.org> * [Bug 3417] ntpq ifstats packet counters can be negative made IFSTATS counter quantities unsigned <perlinger@ntp.org> * [Bug 3411] problem about SIGN(6) packet handling for ntp-4.2.8p10 - raised receive buffer size to 1200 <perlinger@ntp.org> * [Bug 3408] refclock_jjy.c: Avoid a wrong report of the coverity static analysis tool. <abe@ntp.org> * [Bug 3405] update-leap.in: general cleanup, HTTPS support. Paul McMath. * [Bug 3404] Fix openSSL DLL usage under Windows <perlinger@ntp.org> - fix/drop assumptions on OpenSSL libs directory layout * [Bug 3399] NTP: linker error in 4.2.8p10 during Linux cross-compilation - initial patch by timeflies@mail2tor.com <perlinger@ntp.org> * [Bug 3398] tests fail with core dump <perlinger@ntp.org> - patch contributed by Alexander Bluhm * [Bug 3397] ctl_putstr() asserts that data fits in its buffer rework of formatting & data transfer stuff in 'ntp_control.c' avoids unecessary buffers and size limitations. <perlinger@ntp.org> * [Bug 3394] Leap second deletion does not work on ntpd clients - fixed handling of dynamic deletion w/o leap file <perlinger@ntp.org> * [Bug 3391] ntpd segfaults on startup due to small warmup thread stack size - increased mimimum stack size to 32kB <perlinger@ntp.org> * [Bug 3367] Faulty LinuxPPS NMEA clock support in 4.2.8 <perlinger@ntp.org> - reverted handling of PPS kernel consumer to 4.2.6 behavior * [Bug 3365] Updates driver40(-ja).html and miscopt.html <abe@ntp.org> * [Bug 3358] Spurious KoD log messages in .INIT. phase. HStenn. * [Bug 3016] wrong error position reported for bad ":config pool" - fixed location counter & ntpq output <perlinger@ntp.org> * [Bug 2900] libntp build order problem. HStenn. * [Bug 2878] Tests are cluttering up syslog <perlinger@ntp.org> * [Bug 2737] Wrong phone number listed for USNO. ntp-bugs@bodosom.net, perlinger@ntp.org * [Bug 2557] Fix Thunderbolt init. ntp-bugs@bodosom.net, perlinger@ntp. * [Bug 948] Trustedkey config directive leaks memory. <perlinger@ntp.org> * Use strlcpy() to copy strings, not memcpy(). HStenn. * Typos. HStenn. * test_ntp_scanner_LDADD needs ntpd/ntp_io.o. HStenn. * refclock_jjy.c: Add missing "%s" to an msyslog() call. HStenn. * Build ntpq and libntpq.a with NTP_HARD_*FLAGS. perlinger@ntp.org * Fix trivial warnings from 'make check'. perlinger@ntp.org * Fix bug in the override portion of the compiler hardening macro. HStenn. * record_raw_stats(): Log entire packet. Log writes. HStenn. * AES-128-CMAC support. BInglis, HStenn, JPerlinger. * sntp: tweak key file logging. HStenn. * sntp: pkt_output(): Improve debug output. HStenn. * update-leap: updates from Paul McMath. * When using pkg-config, report --modversion. HStenn. * Clean up libevent configure checks. HStenn. * sntp: show the IP of who sent us a crypto-NAK. HStenn. * Allow .../N to specify subnet bits for IPs in ntp.keys. HStenn, JPerlinger. * authistrustedip() - use it in more places. HStenn, JPerlinger. * New sysstats: sys_lamport, sys_tsrounding. HStenn. * Update ntp.keys .../N documentation. HStenn. * Distribute testconf.yml. HStenn. * Add DPRINTF(2,...) lines to receive() for packet drops. HStenn. * Rename the configuration flag fifo variables. HStenn. * Improve saveconfig output. HStenn. * Decode restrict flags on receive() debug output. HStenn. * Decode interface flags on receive() debug output. HStenn. * Warn the user if deprecated "driftfile name WanderThreshold" is used. HStenn. * Update the documentation in ntp.conf.def . HStenn. * restrictions() must return restrict flags and ippeerlimit. HStenn. * Update ntpq peer documentation to describe the 'p' type. HStenn. * Rename restrict 'flags' to 'rflags. Use an enum for the values. HStenn. * Provide dump_restricts() for debugging. HStenn. * Use consistent 4th arg type for [gs]etsockopt. JPerlinger. * Some tests might need LIBM. HStenn. * update-leap: Allow -h/--help early. HStenn.
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 ntp-4-2-8p10 pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107 ntp-4-2-8p9 pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base ntp-4-2-8p8 ntp-4-2-8p7 ntp-4-2-8p5 ntp-4-2-8p4 ntp-4-2-8p3 ntp-4-2-8p2 ntp-4-2-8
|
#
1.1.1.4 |
|
19-Dec-2014 |
christos |
branches: 1.1.1.4.2; 1.1.1.4.4; 1.1.1.4.6; 1.1.1.4.14; 1.1.1.4.20; Import ntp 4.2.8
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 ntp-2-4-7p404 tls-maxphys-base
|
#
1.1.1.3 |
|
27-Dec-2013 |
christos |
branches: 1.1.1.3.4; import devel ntpd to avoid amplification attacks.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 agc-symver-base netbsd-6-1-RC2 netbsd-6-1-RC1 yamt-pagecache-base8 netbsd-6-0-1-RELEASE yamt-pagecache-base7 matt-nb6-plus-nbase yamt-pagecache-base6 netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base5 yamt-pagecache-base4 netbsd-6-base ntp-4-2-6p5
|
#
1.1.1.2 |
|
31-Jan-2012 |
kardel |
branches: 1.1.1.2.2; 1.1.1.2.6; 1.1.1.2.8; 1.1.1.2.16; Import ntp 4.2.6p5
|
Revision tags: yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231 matt-premerge-20091211 ntp-4-2-6
|
#
1.1.1.1 |
|
13-Dec-2009 |
kardel |
branches: 1.1.1.1.6; Import ntp 4.2.6
|