SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for ntp-4.2.8p10-10.1.i586.rpm :
Thu Dec 21 13:00:00 2017 bwiedemannAATTsuse.com
- Add ntp-reproducible.patch to make build reproducible (boo#1047218)

Tue Dec 19 13:00:00 2017 maxAATTsuse.com
- Restart nptd if failed or aborted (FATE#315133).
- Do not try to set the HW clock when adding a server at runtime
to avoid blocking systemd.

Thu Nov 23 13:00:00 2017 rbrownAATTsuse.com
- Replace references to /var/adm/fillup-templates with new
%_fillupdir macro (boo#1069468)

Thu Apr 6 14:00:00 2017 maxAATTsuse.com
- Enable experimental leap smearing (fate#321003).
See /usr/share/doc/packages/ntp/README.leapsmear for details.

Thu Apr 6 14:00:00 2017 ajAATTajaissle.de
- Fix spelling and default values in conf.sysconfig.ntp

Wed Mar 22 13:00:00 2017 maxAATTsuse.com
- Update to 4.2.8p10 (bsc#1030050):

* Sec 3389 / CVE-2017-6464 / VU#325339: NTP-01-016 NTP:
Denial of Service via Malformed Config

* Sec 3388 / CVE-2017-6462 / VU#325339: NTP-01-014 NTP:
Buffer Overflow in DPTS Clock

* Sec 3387 / CVE-2017-6463 / VU#325339: NTP-01-012 NTP:
Authenticated DoS via Malicious Config Option

* Sec 3386: NTP-01-011 NTP:
ntpq_stripquotes() returns incorrect Value

* Sec 3385: NTP-01-010 NTP:
ereallocarray()/eallocarray() underused

* Sec 3381: NTP-01-006 NTP: Copious amounts of Unused Code

* Sec 3380: NTP-01-005 NTP: Off-by-one in Oncore GPS Receiver

* Sec 3379 / CVE-2017-6458 / VU#325339: NTP-01-004 NTP:
Potential Overflows in ctl_put() functions

* Sec 3378 / CVE-2017-6451 / VU#325339: NTP-01-003
Improper use of snprintf() in mx4200_send()

* Sec 3377 / CVE-2017-6460 / VU#325339: NTP-01-002
Buffer Overflow in ntpq when fetching reslist

* Sec 3376: NTP-01-001 Makefile does not enforce Security Flags

* Sec 3361 / CVE-2016-9042 / VU#325339: 0rigin (zero origin) DoS.

* [Bug 3393] clang scan-build findings

* [Bug 3363] Support for openssl-1.1.0 without compatibility modes

* [Bug 3356] Bugfix 3072 breaks multicastclient

* [Bug 3173] forking async worker: interrupted pipe I/O

* [Bug 3139] (...) time_pps_create: Exec format error

* [Bug 3107] Incorrect Logic for Peer Event Limiting

* [Bug 3062] Change the process name of forked DNS worker

* [Bug 2923] Trap Configuration Fail

* [Bug 2896] Nothing happens if minsane < maxclock < minclock

* [Bug 2851] allow -4/-6 on restrict line with mask

* [Bug 2645] out-of-bound pointers in ctl_putsys and decode_bitflags
- Removed patches:

* ntp-openssl-version.patch: fixed upstream

* ntp-processname.patch: accepted upstream

* ntp-trap.patch: accepted upstream

* ntp-unbreak-multicast.patch: fixed upstream
- Remove spurious log messages (bsc#1014172, ntp-warnings.patch).

Fri Mar 10 13:00:00 2017 maxAATTsuse.com
- Fix a problem with multicast clients.
(bsc#1018940, ntp-unbreak-multicast.patch)

Tue Feb 21 13:00:00 2017 kukukAATTsuse.de
- Move ntp-kod to /var/lib/ntp, because /var/db is not a
standard directory and causes problems for transactional updates
(ntp-move-kod-file.patch)

Tue Jan 17 13:00:00 2017 maxAATTsuse.com
- Remove 50-ntp.list (bsc#1011919).
- Use system-wide libevent instead of local copy.

Mon Nov 28 13:00:00 2016 maxAATTsuse.com
- Simplify ntpd\'s search for its own executable to prevent AppArmor
warnings (bsc#956365, ntp-pathfind.patch).

Mon Nov 21 13:00:00 2016 maxAATTsuse.com
- Update to 4.2.8p9:

* CVE-2016-9311: Trap crash.

* CVE-2016-9310: Mode 6 unauthenticated trap information
disclosure and DDoS vector.

* CVE-2016-7427: Broadcast Mode Replay Prevention DoS.

* CVE-2016-7428: Broadcast Mode Poll Interval Enforcement DoS.

* CVE-2016-7431: Regression: 010-origin: Zero Origin Timestamp
Bypass.

* CVE-2016-7434: Null pointer dereference in
_IO_str_init_static_internal().

* CVE-2016-7429: Interface selection attack.

* CVE-2016-7426: Client rate limiting and server responses.

* CVE-2016-7433: Reboot sync calculation problem.

* Fix a spurious error message (obsoletes ntp-sigchld.patch).

* Other bugfixes, see /usr/share/doc/packages/ntp/ChangeLog.
- Fix a regression in \"trap\" (bsc#981252, ntp-trap.patch).
- Reduce the number of netlink groups to listen on for changes to
the local network setup (bsc#992606, ntp-netlink.patch).
- Fix segfault in \"sntp -a\" (bnc#1009434, ntp-sntp-a.patch).
- Silence an OpenSSL version warning (bsc#992038,
ntp-openssl-version.patch).

Wed Oct 5 14:00:00 2016 guillaumeAATTopensuse.org
- Depend on pps-tools-devel only for openSUSE > 13.2

Thu Aug 25 14:00:00 2016 josef.moellersAATTsuse.com
- Make the resolver task change user and group IDs to the same
values as the main task. (bnc#988028, ntp-usrgrp-resolver.patch)

Tue Jun 7 14:00:00 2016 maxAATTsuse.com
- Keep the parent process alive until the daemon has finished
initialisation, to make sure that the PID file exists when the
parent returns (ntp-daemonize.patch).
- Update to 4.2.8p8 (bsc#982056):

* CVE-2016-4953, bsc#982065: Bad authentication demobilizes
ephemeral associations.

* CVE-2016-4954, bsc#982066: Processing spoofed server packets.

* CVE-2016-4955, bsc#982067: Autokey association reset.

* CVE-2016-4956, bsc#982068: Broadcast interleave.

* CVE-2016-4957, bsc#982064: CRYPTO_NAK crash.
- Change the process name of the forking DNS worker process to
avoid the impression that ntpd is started twice.
(bsc#979302, ntp-processname.patch).
- Don\'t ignore SIGCHILD because it breaks wait()
(boo#981422, ntp-sigchld.patch).
- ntp-wait does not accept fractional seconds, so use 1 instead of
0.2 in ntp-wait.service (boo#979981).
- Separate the creation of ntp.keys and key #1 in it to avoid
problems when upgrading installations that have the file, but
no key #1, which is needed e.g. by \"rcntp addserver\".
- Fix the TZ offset output of sntp during DST.
(bsc#951559, ntp-sntp-dst.patch)
- Add /var/db/ntp-kod (bsc#916617).
- Add ntp-ENOBUFS.patch to limit a warning that might happen
quite a lot on loaded systems (bsc#956773).
- Don\'t wait for 11 minutes to restart ntpd when it has died
(boo#894031).

Wed May 4 14:00:00 2016 maxAATTsuse.com
- Update to 4.2.8p7 (bsc#977446):

* CVE-2016-1547, bsc#977459:
Validate crypto-NAKs, AKA: CRYPTO-NAK DoS.

* CVE-2016-1548, bsc#977461: Interleave-pivot

* CVE-2016-1549, bsc#977451:
Sybil vulnerability: ephemeral association attack.

* CVE-2016-1550, bsc#977464: Improve NTP security against buffer
comparison timing attacks.

* CVE-2016-1551, bsc#977450:
Refclock impersonation vulnerability

* CVE-2016-2516, bsc#977452: Duplicate IPs on unconfig
directives will cause an assertion botch in ntpd.

* CVE-2016-2517, bsc#977455: remote configuration trustedkey/
requestkey/controlkey values are not properly validated.

* CVE-2016-2518, bsc#977457: Crafted addpeer with hmode > 7
causes array wraparound with MATCH_ASSOC.

* CVE-2016-2519, bsc#977458: ctl_getitem() return value not
always checked.

* integrate ntp-fork.patch

* Improve the fixes for:
CVE-2015-7704, CVE-2015-7705, CVE-2015-7974
- Restrict the parser in the startup script to the first
occurrance of \"keys\" and \"controlkey\" in ntp.conf (boo#957226).
- Depend on pps-tools-devel to provide timepps.h header to enable
Linux PPSAPI support to make GPS devices usefull. (boo#977563)

Fri Mar 11 13:00:00 2016 maxAATTsuse.com
- CVE-2015-8158, bsc#962966: potential infinite loop in ntpq
- CVE-2015-8138, bsc#963002: Zero Origin Timestamp Bypass
- CVE-2015-7978, bsc#963000: Stack exhaustion in recursive
traversal of restriction list.
- CVE-2015-7979, bsc#962784: off-path denial of service on
authenticated broadcast mode
- CVE-2015-7977, bsc#962970: restriction list NULL pointer
dereference
- CVE-2015-7976, bsc#962802: \'ntpq saveconfig\' command allows
dangerous characters in filenames
- CVE-2015-7975, bsc#962988: nextvar() missing length check in ntpq
- CVE-2015-7974, bsc#962960: Missing key check allows impersonation
between authenticated peers
- CVE-2015-7973, bsc#962995: replay attack on authenticated
broadcast mode
- CVE-2015-5300, bsc#951629: MITM attacker can force ntpd to make
a step larger than the panic threshold

Mon Mar 7 13:00:00 2016 hskAATTimb-jena.de
- update to 4.2.8p6

* fixes low- and medium-severity vulnerabilities
4.2.8p6: CVE-2015-8158 CVE-2015-8138 CVE-2015-7978
CVE-2015-7979 CVE-2015-7977 CVE-2015-7976 CVE-2015-7975
CVE-2015-7974 CVE-2015-7973
4.2.8p5: CVE-2015-5300

* bug fixes

Mon Jan 18 13:00:00 2016 wbauerAATTtmo.at
- Explicitely run /usr/sbin/sntp to synchronize in start-ntpd. When
run as cron job, /usr/sbin/ is not in the path, which caused the
synchronization to fail. (boo#962318)

Fri Nov 6 13:00:00 2015 maxAATTsuse.com
- Fix ntp-4.2.6p2-ntpq-speedup-782060.patch to not pick arbitraty
port numbers (bsc#782060).

Thu Oct 29 13:00:00 2015 maxAATTsuse.com
- Update to 4.2.8p4 to fix several security issues (bsc#951608):

* CVE-2015-7871: NAK to the Future: Symmetric association
authentication bypass via crypto-NAK

* CVE-2015-7855: decodenetnum() will ASSERT botch instead of
returning FAIL on some bogus values

* CVE-2015-7854: Password Length Memory Corruption Vulnerability

* CVE-2015-7853: Invalid length data provided by a custom
refclock driver could cause a buffer overflow

* CVE-2015-7852 ntpq atoascii() Memory Corruption Vulnerability

* CVE-2015-7851 saveconfig Directory Traversal Vulnerability

* CVE-2015-7850 remote config logfile-keyfile

* CVE-2015-7849 trusted key use-after-free

* CVE-2015-7848 mode 7 loop counter underrun

* CVE-2015-7701 Slow memory leak in CRYPTO_ASSOC

* CVE-2015-7703 configuration directives \"pidfile\" and
\"driftfile\" should only be allowed locally

* CVE-2015-7704, CVE-2015-7705 Clients that receive a KoD should
validate the origin timestamp field

* CVE-2015-7691, CVE-2015-7692, CVE-2015-7702 Incomplete autokey
data packet length checks

* obsoletes ntp-memlock.patch.
- Add a controlkey line to /etc/ntp.conf if one does not already
exist, to allow runtime configuration via ntpq.
- Use SHA1 instead of MD5 for symmetric keys (bsc#905885).
- Improve runtime configuration:

* Read keytype from ntp.conf

* Don\'t write ntp keys to syslog.
- Fix legacy action scripts to pass on command line arguments.
- Remove ntp.1.gz, it wasn\'t installed anymore.
- Remove ntp-4.2.7-rh-manpages.tar.gz and only keep ntptime.8.gz.
The rest is partially irrelevant, partially redundant and
potentially outdated (bsc#942587).
- Remove \"kod\" from the restrict line in ntp.conf (bsc#944300).

Fri Sep 4 14:00:00 2015 maxAATTsuse.com
- Add \"addserver\" as a new legacy action.
- Fix the comment regarding addserver in ntp.conf (bnc#910063).

Thu Aug 13 14:00:00 2015 maxAATTsuse.com
- Use ntpq instead of deprecated ntpdc in start-ntpd (bnc#936327).
- Add a controlkey to ntp.conf to make the above work.
- Don\'t let \"keysdir\" lines in ntp.conf trigger the \"keys\" parser.
- Disable mode 7 (ntpdc) again, now that we don\'t use it anymore.

Thu Jul 16 14:00:00 2015 maxAATTsuse.com
- Update to version 4.2.8p3 which incorporates all security fixes
and most other patches we have so far (fate#319040).
More information on:
http://archive.ntp.org/ntp4/ChangeLog-stable
- Disable chroot by default (bnc#926510).
- Enable ntpdc for backwards compatibility (bnc#920238).

Tue Apr 7 14:00:00 2015 hskAATTimb-jena.de
- update to 4.2.8p2

* fixes CVE-2015-1798, CVE-2015-1799 (medium-severity
vulnerabilities involving private key authentication)

* bug fixes and enhancements

* New script: update-leap

Fri Mar 27 13:00:00 2015 maxAATTsuse.com
- /bin/logger is needed for runtime configuration (bnc#924451).

Mon Mar 16 13:00:00 2015 hskAATTimb-jena.de
- update to 4.2.8p1

* fixes CVE-2014-9297, CVE-2014-9298

* over 30 bugfixes and improvements
- update to 4.2.8

* fixes CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296

* changed Internal NTP Era counters

* ntpdc responses disabled by default

* over 1100 issues resolved between the 4.2.6 branch and 4.2.8
- adjusted patches to fit 4.2.8p1:
ntp-segfault_on_invalid_device.patch bnc#506908.diff MOD_NANO.diff
- removed obsolete / now-in-upstream patches:
ntpd-maxmonmen.patch ntp-code-cleanup.patch ntp-sntp-recverr.patch
bnc#817893.patch ntp-CVE-2014-9295.patch ntp-CVE-2014-9296.patch
- changes to spec file:

* added --datadir (for private perl module needed by ntp scripts)
and --html-dir (html docs now get installed by \"make install\")
to configure options

* script ntp-wait has moved in source tree

Mon Mar 16 13:00:00 2015 crrodriguezAATTopensuse.org
-
*.service: Do not start ntpd when running on containers
or when CAP_SYS_TIME was dropped from the default capability
set ( see SYSTEMD-SYSTEM.CONF(5) for details)

Sun Mar 8 13:00:00 2015 wbauerAATTtmo.at
- Explicitely run /usr/sbin/sntp to synchronize in start-ntpd. When
run as cron job, /usr/sbin/ is not in the path, which caused the
synchronization to fail. (boo#901751)

Wed Jan 21 13:00:00 2015 dimstarAATTopensuse.org
- Add ntp.NetworkManager: install NetworkManager dipatcher hook:
if the DHCP Server delivers NTP Servers, accept those and
configure NTP using the information (boo#900982).

Sun Jan 4 13:00:00 2015 mpluskalAATTsuse.com
- Enable avahi support

Fri Dec 19 13:00:00 2014 maxAATTsuse.com
- bnc#910764: VU#852879 ntp security fixes

* A potential remote code execution problem was found inside
ntpd. The functions crypto_recv() (when using autokey
authentication), ctl_putdata(), and configure() where updated
to avoid buffer overflows that could be
exploited. (CVE-2014-9295)

* Furthermore a problem inside the ntpd error handling was found
that is missing a return statement. This could also lead to a
potentially attack vector. (CVE-2014-9296)
- ntp-CVE-2014-9295.patch and ntp-CVE-2014-9296.patch will be
obsoleted by the upcoming update to version 4.2.8.

Tue Dec 2 13:00:00 2014 obsAATTbotter.cc
- fix typo in version check regarding
/usr/lib/initscripts/legacy-actions to fix build for <= 13.1

Fri Sep 26 14:00:00 2014 maxAATTsuse.com
- Re-enable the ntptimeset legacy init script action (bnc#893406).

Tue Sep 9 14:00:00 2014 crrodriguezAATTopensuse.org
- conf.ntpd.service: Must run with PrivateTmp set to true

Tue Jul 15 14:00:00 2014 crrodriguezAATTopensuse.org
- Ensure systemd services conflict with systemd-timesyncd.service
present in upcoming systemd releases.

Wed Jun 18 14:00:00 2014 tchvatalAATTsuse.com
- Try to fix broken migration from openSUSE-13.1

Thu Jun 12 14:00:00 2014 maxAATTsuse.com
- Forward-port some bugs that got fixed for SLE11 (bnc#831311):

* bnc#817893

* bnc#482349

* bnc#817893.patch

Thu Jun 5 14:00:00 2014 tchvatalAATTsuse.com
- Cleanup with spec cleaner for better readability
- Remove conditionals for < 12.2 distros as it does not work on
them anyway.

Mon May 5 14:00:00 2014 seife+obsAATTb1-systems.com
- fix start-ntpd again: service is now called ntpd, not ntp

Tue Apr 29 14:00:00 2014 maxAATTsuse.com
- Remove /var/run/ntp from the package:
http://lists.opensuse.org/opensuse-packaging/2014-04/msg00046.html
- Fix Provides/Obsoletes of package aliases.
- Add /usr/sbin/rc
* links.
- Stay enabled across sysv to systemd migrations (bnc#875490).

Sat Apr 19 14:00:00 2014 seife+obsAATTb1-systems.com
- fix \"start-ntp addserver\": start-ntp has no \"status\" method

Thu Apr 3 14:00:00 2014 wernerAATTsuse.de
- Remove empty insserv call whic hhad only caused an error message
- Correct 50-ntp.list to include ntpd.service

Mon Mar 31 14:00:00 2014 wernerAATTsuse.de
- Restart nptd if failed or aborted (FATE#315133)

Thu Mar 27 13:00:00 2014 wernerAATTsuse.de
- Service unit files are no executables

Thu Mar 27 13:00:00 2014 wernerAATTsuse.de
- Use correct ntp-wait script from source tar ball (bnc#864193)
- Implement new ntp-wait.service to provide time-sync.target
- A few cleanups on the new start script of ntpd

Thu Mar 27 13:00:00 2014 kukukAATTsuse.de
- Add missing systemd %pre macro

Tue Mar 4 13:00:00 2014 varkolyAATTsuse.com
- Add systemd configuration and start script

Fri Feb 14 13:00:00 2014 maxAATTsuse.com
- bnc#863815, ntp-sntp-recverr.patch: Get sntp to recognize socket
errors, so that it skips unreachable destinations immediately
instead of trying to reach them for more than five minutes
before finally timing out.
This patch will probably be obsoleted by the next major upgrade,
because the current development release takes a different
approach to get a quick answer from one of the specified servers.

Mon Jan 20 13:00:00 2014 maxAATTsuse.com
- CVE-2013-5211, bnc#857195: restrict query, configuration,
modification access from world by default. Avoids that ntp can
be used as a DDoS amplifier.

Tue Oct 22 14:00:00 2013 varkolyAATTsuse.com
- bnc#838458 ntp start script does not update /var/lib/ntp/etc/localtime file if /etc/localtime is symlink

Mon Aug 19 14:00:00 2013 crrodriguezAATTopensuse.org
- Build with -DOPENSSL_LOAD_CONF , ntp must respect and use
the system\'s openssl configuration.

Sat Mar 9 13:00:00 2013 seife+obsAATTb1-systems.com
- fix build with automake-1.13

Thu Feb 28 13:00:00 2013 varkolyAATTsuse.com
- bnc#797351 - ntpd \"listen-on\" directive support is missing/broken;
unable to restrict/secure listening IPs

Tue Feb 26 13:00:00 2013 varkolyAATTsuse.com
- bnc#793012 - NTP default to \'sync time on startup\' conflicts with NetworkManager

Fri Feb 22 13:00:00 2013 mhruseckyAATTsuse.cz
- disable Undisciplined Local Clock in default conf file (bnc#784760)

Fri Jan 18 13:00:00 2013 bwiedemannAATTsuse.com
- Speedup ntpq (bnc#782060)
+ntp-4.2.6p2-ntpq-speedup-782060.patch

Thu Jan 17 13:00:00 2013 varkolyAATTsuse.com
- bnc#450196 - ext3 - recovering journal on / on first boot on new kernel/fresh system updates
- bnc#774553 - ntp initscript: hwclock: With --noadjfile, you must specify either --utc or --localtime

Fri Dec 14 13:00:00 2012 lnusselAATTsuse.de
- logrotate is not strictly required for operation of ntp so change
it to Suggested. That way the minimal installation doesn\'t draw in
cron and postfix.

Thu Aug 2 14:00:00 2012 rmilasanAATTsuse.com
- Created the correct link to /run/ntp

Thu Jul 19 14:00:00 2012 crrodriguezAATTopensuse.org
- Openssl wanted but not properly detected, fixed.

Wed Jul 4 14:00:00 2012 cfarrellAATTsuse.com
- license update: (MIT and BSD-3-Clause and BSD-4-Clause) and GPL-2.0
Properly categorise licenses and sync with Fedora declaration

Mon Apr 23 14:00:00 2012 varkolyAATTsuse.com
- bnc#758253 - L3: ntp fails if host has more than 1024 IP-addresses
ntp#1180 - ntpd won\'t start with more than 1000 interfaces

Mon Jan 9 13:00:00 2012 lmuelleAATTsuse.com
- Remove superfluous remove of acconfig.h while build.
- BuildRequire autoconf to avoid implicit dependency for post-11.4 systems.
- Remove call to suse_update_config macro for post-11.4 systems.

Mon Jan 9 13:00:00 2012 lmuelleAATTsuse.com
- BuildRequire fdupes for post-10.1 systems.
- Do not call autoreconf for pre-10.2 systems.

Mon Jan 9 13:00:00 2012 lmuelleAATTsuse.de
- Update to version 4.2.6p5.
- ntpd

* Updated \"nic\" and \"interface\" IPv6 address handling to prevent
mismatches with localhost [::1] and wildcard [::] which resulted from
using the address/prefix format (e.g. fe80::/64)

* Fix orphan mode stratum incorrectly counting to infinity

* Orphan parent selection metric updated to includes missing ntohl()

* Non-printable stratum 16 refid no longer sent to ntp

* Duplicate ephemeral associations suppressed for broadcastclient and
multicastclient without broadcastdelay

* Exclude undetermined sys_refid from use in loopback TEST12

* Exclude MODE_SERVER responses from KoD rate limiting

* Include root delay in clock_update() sys_rootdisp calculations

* get_systime() updated to exclude sys_residual offset (which only
affected bits \"below\" sys_tick, the precision threshold)

* sys.peer jitter weighting corrected in sys_jitter calculation
- ntpq

* -n option extended to include the billboard \"server\" column

* IPv6 addresses in the local column truncated to prevent overruns
- Update to version 4.2.6p4.
- Build system

* Fix checking for struct rtattr

* Upgrade required version of autogen and libopts for building
from our source code repository
- ntpd

* Back-ported several fixes for Coverity warnings from ntp-dev

* Fix a rare boundary condition in UNLINK_EXPR_SLIST()

* Allow \"logconfig =allall\" configuration directive

* Bind tentative IPv6 addresses on Linux

* Correct WWVB/Spectracom driver to timestamp CR instead of LF

* Improved tally bit handling to prevent incorrect ntpq peer status reports

* Exclude the Undisciplined Local Clock and ACTS drivers from the initial
candidate list unless they are designated a \"prefer peer\"

* Prevent the consideration of Undisciplined Local Clock or ACTS drivers for
selection during the \'tos orphanwait\' period·

* Prefer an Orphan Mode Parent over the Undisciplined Local Clock or ACTS
drivers

* Improved support of the Parse Refclock trusttime flag in Meinberg mode

* Back-port utility routines from ntp-dev: mprintf(), emalloc_zero()

* Code cleanup in libntpq
- ntpdc

* Fix timerstats reporting
- ntpdate

* Reduce time required to set clock

* Allow a timeout greater than 2 seconds
- sntp

* Backward incompatible command-line option change:
- l/--filelog changed -l/--logfile (to be consistent with ntpd)
- Documentation

* Update html2man. Fix some tags in the .html files

* Distribute ntp-wait.html

Mon Jan 9 13:00:00 2012 lmuelleAATTsuse.de
- Remove superfluously used NTPD_PID_NOPREFIX from init script.
- Refresh patches to apply with no offset.

Thu Nov 24 13:00:00 2011 varkolyAATTsuse.com
- bnc#730374 - Hardware Clock does not get synchronized

Wed Nov 23 13:00:00 2011 cooloAATTsuse.com
- add libtool as buildrequire to avoid implicit dependency

Thu Oct 27 14:00:00 2011 varkolyAATTsuse.com
- bnc#656509 - don\'t use --bind on /var/lib/ntp/proc

Fri Aug 26 14:00:00 2011 varkolyAATTsuse.com
- bnc#699724 - ntpdate was replaced with a dud script

Wed Jun 1 14:00:00 2011 varkolyAATTsuse.de
- The default timeout for sntp is to long. This can stop booting
- bnc#689070 - ntp post install script always removes /etc/sysconfig/ntp
- bnc#688529 - (ntp) ntpq and ntpdc command history broken
- bnc#695598 - \"Started sntp\" in /var/log/messages

Sun May 1 14:00:00 2011 hpjAATTurpla.net
- fix \"rcntp ntptimeset\"

* never try to syncronize with local clocks (127.127.
*), which led to
sntp blocking until timeout elapsed (and probably blocking boot
sequence for ~5 min per device..)
- fix DOS line breaks in some doc files

Tue Apr 26 14:00:00 2011 varkolyAATTnovell.com
- fix/improve init script

* related to bugzilla 688132

* \"rcntp ntptimeset\" could not parse servers from ntp.conf when IP proto
was specified (server [-4|-6] hostname)

* \"rcntp ntptimeset\" is now using ip proto parameter (-4|-6) if it\'s set in
NTPD_OPTIONS and skip servers where the opposite proto is defined

Fri Apr 1 14:00:00 2011 hpjAATTurpla.net
- replace remove-ntpdate.diff with sed script
- don\'t effectively zap existing /etc/sysconfig/ntp
- while at it, simplify /etc/sysconfig/ntp update
- improve NTP_PARSE_DEVICE documentation for /etc/sysconfig/ntp
- refresh all patches with offsets and fuzz

Thu Feb 3 13:00:00 2011 mvidnerAATTsuse.cz
- updated the sntp syntax also in our ntpdate script (bnc#658255#c2)

Tue Jan 4 13:00:00 2011 adrianAATTsuse.de
- update to version 4.2.6p3

* main feature, it really ! updates the time, old version was
miscalculating the offset based on t21 and t34

Tue Jan 4 13:00:00 2011 adrianAATTsuse.de
- require $network startup before ntp. This is not enforced via
$network_fs when no nfs and cifs is enabled

Tue Dec 14 13:00:00 2010 ismailAATTnamtrac.org
- bnc#657194 - compile with --enable-ntp-signd

Mon Dec 13 13:00:00 2010 varkolyAATTnovell.com
- bnc#658799 - ntp init script makes /proc readonly, blocking login

Wed Dec 8 13:00:00 2010 varkolyAATTnovell.com
- bnc#658255 - ntpd is not working and sntp complains about unknown options

Tue Nov 30 13:00:00 2010 varkolyAATTnovell.com
- update to 4.2.6p2

* Major code clean up.
1. The protostats statistics files have been very useful in exposing
little twitches and turns when something hiccups, like a broken PPS
signal. Most of what used to be syslog messages are now repackaged as
protostats messages with optional syslog as well.
2. Close inspection of the clock discipline behavior at long poll
intervals (36 h) showed it not doing as well as it should.
3. Autokey. The enhanced error checking was becoming a major pain. A way was found
to toss out gobs of ugly fat code and replace the function with a much simpler
and more comprehensive scheme.
4. The interface code for the kernel PPS signal was not in sync with the
kernel code itself. Some error checks were duplicated and some ineffective.
5. The flake restrict bit turned out to be really interesting, especially
with symmtric modes and of those especially those using Autokey.

* Documentation updates
- New old feature: sync time on startup. If not needed NTPD_FORCE_SYNC_ON_STARTUP must
be set to no in /etc/sysconfig/ntp

Tue Sep 28 14:00:00 2010 ajAATTsuse.de
- Handle /var/run as tmpfs

Fri Apr 23 14:00:00 2010 varkolyAATTnovell.com
- Set time by starting ntp via ntptimeset

Fri Apr 9 14:00:00 2010 varkolyAATTnovell.com
- rcntp timeset now gets the time via sntp inmediately

Sun Mar 21 13:00:00 2010 novellbmwAATTlsmod.de
- fix read-only mount of proc in chroot

Thu Mar 18 13:00:00 2010 varkolyAATTnovell.com
- bnc#574885 - XEN is using many network interfaces and stopping and
restarting XEN instances results in ntpd error \"Cannot find existing
interface for address ...\".

Wed Jan 6 13:00:00 2010 jengelhAATTmedozas.de
- enable parallel build

Wed Dec 9 13:00:00 2009 varkolyAATTsuse.de
- update to ntp-4.2.4p8 to fix bnc#550316 - VUL-0: ntp DoS
- bnc#557716 - NTP PLL does not converge based on
https://support.ntp.org/bugs/show_bug.cgi?id=1219

Sat Nov 28 13:00:00 2009 seifeAATTopensuse.org
- Also fix multiple mount on multiple \"rcntp start\" invocations

Mon Aug 31 14:00:00 2009 tiwaiAATTsuse.de
- Really fix the multiple mount bug in ntp init script (bnc#517222)

Mon Jul 20 14:00:00 2009 varkolyAATTsuse.de
- bnc#517222 – Minor patch for ntp init-script

Tue Jul 14 14:00:00 2009 ajAATTsuse.de
- Add ntp-4.2.4p7-autoconf.patch to fix build failure.

Fri Jul 10 14:00:00 2009 varkolyAATTsuse.de
- bnc#515629 - NM_ONLINE_TIMEOUT does not work with parallel boot
- bnc#521044 - ntp init script: /etc/init.d/ntp: line 70: return: can
only `return\' from a function or sourced script

Fri Jun 19 14:00:00 2009 varkolyAATTsuse.de
- bnc#506908 - ntptrace doesn\'t work as non root user
- update to 4.2.4p7:

* [Sec 1151] Remote exploit if autokey is enabled - CVE-2009-1252.

* [Bug 1187] Update the copyright date.

* [Bug 1191] ntpd fails on Win2000 - \"Address already in use\" after fix for [Sec 1149].

* ntp.isc.org -> ntp.org cleanup.

* [Bug 1178] Use prior FORCE_DNSRETRY behavior as needed at runtime,
add configure --enable-ignore-dns-errors to be even more stubborn

* [Bug 784] Make --enable-linuxcaps the default when available

* [Bug 1179] error messages for -u/--user and -i lacking droproot

* Updated JJY reference clock driver from Takao Abe

* [Bug 1071] Log a message and exit before trying to use FD_SET with a
descriptor larger than FD_SETSIZE, which will corrupt memory

* On corruption of the iface list head in add_interface, log and exit

* [Bug 1172] 4.2.4p7-RC{3,4} fail to build on linux.

* flock-build script unportable \'set -m\' use removed

* [Bug 1167] use gcc -Winit-self only if it is understood

* [Bug 787] Bug fixes for 64-bit time_t on Windows

* [Bug 813] Conditional naming of Event

* [Bug 1147] System errors should be logged to msyslog()

* [Bug 1155] Fix compile problem on Windows with VS2005

* [Bug 1156] lock_thread_to_processor() should be declared in header

* [Bug 1157] quiet OpenSSL warnings, clean up configure.ac

* [Bug 1158] support for aix6.1

* [Bug 1160] MacOS X is like BSD regarding F_SETOWN

* [Sec 1144] limited buffer overflow in ntpq. CVE-2009-0159

* [Sec 1149] use SO_EXCLUSIVEADDRUSE on Windows

* [Bug 1131] UDP sockets should not use SIGPOLL on Solaris.

* build system email address cleanup

* [Bug 774] parsesolaris.c does not compile under the new Solaris

* [Bug 873] Windows serial refclock proper TTY line discipline emulation

* [Bug 1014] Enable building with VC9 (in Visual Studio 2008,
Visual C++ 2008, or SDK)

* [Bug 1117] Deferred interface binding under Windows works only correctly
if FORCE_DNSRETRY is defined

* [BUG 1124] Lock QueryPerformanceCounter() client threads to same CPU

* DPRINTF macro made safer, always evaluates to a statement and will not
misassociate an else which follows the macro.

Wed May 6 14:00:00 2009 varkolyAATTsuse.de
- bnc#468685 - ntpd causes 16 wakeups per second

Wed Apr 29 14:00:00 2009 varkolyAATTsuse.de
- bnc#492304 - ntpd man page refers to package xntp-doc (which does not exist)
- bnc#495496 – ntp misses prereq: /sbin/chkconfig


  
ICM