SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for chrony-debugsource-4.1-150400.19.4.x86_64.rpm :

* Thu Mar 24 2022 maxAATTsuse.com- Fix config file handling in the spec file and remove \"ntsdumpdir\" from default config, because augeas-lenses cannot parse it during installation of SLE Micro on SLE-15-SP3 (bsc#1194220).
* Mon Jan 10 2022 maxAATTsuse.com- bsc#1194229: Fix pool package dependencies, so that SLE actually prefers chrony-pool-suse over chrony-pool-empty.
* Tue Dec 07 2021 maxAATTsuse.com- Add chrony-htonl.patch to work around undocumented behaviour of htonl() in older glibc versions (SLE-12) on 64 bit big endian architectures (s390x).
* Fri Nov 19 2021 maxAATTsuse.com- SLE bugs that have been fixed in openSUSE up to this point without explicit references: bsc#1183783, bsc#1184400, bsc#1171806, bsc#1161119, bsc#1159840.- Obsoleted SLE patches:
* chrony-fix-open.patch
* chrony-gettimeofday.patch
* chrony-ntp-era-split.patch
* chrony-pidfile.patch
* chrony-select-timeout.patch
* chrony-urandom.patch
* chrony.sysconfig
* clknetsim-glibc-2.31.patch
* Fri Oct 08 2021 maxAATTsuse.com- boo#1190926: PrivateDevices is too strict, we might need to access the rtc and ptp devices.- Add back support to build chrony on SLE12.- Drop dependency on asciidoctor. It is only needed for building the HTML documentation which we don\'t package anyway.
* Mon Aug 30 2021 jsegitzAATTsuse.com- Added hardening to systemd service(s). Added patch(es):
* harden_chrony-wait.service.patch
* harden_chronyd.service.patch
* Thu Jul 01 2021 maxAATTsuse.com- boo#1187906: Consolidate all references to the helper script.- bsc#1173760: MD5 is not available from mozilla-nss in FIPS mode, but needed for calculating refids from IPv6 addresses as part of the NTP protocol (rfc5905). As this is a non-cryptographic use of MD5 we can use our own implementation without violating FIPS rules: chrony-refid-internal-md5.patch .
* Sun Jun 13 2021 gmbr3AATTopensuse.org- Add now working CONFIG parameter to sysusers generator
* Wed Jun 02 2021 gmbr3AATTopensuse.org- Change to using systemd-sysusers- Remove otherproviders, not needed anymore
* Tue Jun 01 2021 maxAATTsuse.com- Update to 4.1
* Add support for NTS servers specified by IP address (matching Subject Alternative Name in server certificate)
* Add source-specific configuration of trusted certificates
* Allow multiple files and directories with trusted certificates
* Allow multiple pairs of server keys and certificates
* Add copy option to server/pool directive
* Increase PPS lock limit to 40% of pulse interval
* Perform source selection immediately after loading dump files
* Reload dump files for addresses negotiated by NTS-KE server
* Update seccomp filter and add less restrictive level
* Restart ongoing name resolution on online command
* Fix dump files to not include uncorrected offset
* Fix initstepslew to accept time from own NTP clients
* Reset NTP address and port when no longer negotiated by NTS-KE server- Update clknetsim to snapshot f89702d.- Refresh chrony.keyring from https://chrony.tuxfamily.org/gpgkey-8F375C7E8D0EE125A3D3BD51537E2B76F7680DAC.asc- Ensure the correct pool packages are installed for openSUSE and SLE (bsc#1180689).
* Fri Feb 05 2021 maxAATTsuse.com- Enable syscallfilter unconditionally [boo#1181826].
* Mon Dec 07 2020 mrueckertAATTsuse.de- drop buildrequires on NSS. We need gnutls for NTS anyway and we can do all the other required crypto via nettle+gnutls. no need for another crypto library.
* Sun Nov 01 2020 mrueckertAATTsuse.de- Update to 4.0 - Enhancements - Add support for Network Time Security (NTS) authentication - Add support for AES-CMAC keys (AES128, AES256) with Nettle - Add authselectmode directive to control selection of unauthenticated sources - Add binddevice, bindacqdevice, bindcmddevice directives - Add confdir directive to better support fragmented configuration - Add sourcedir directive and \"reload sources\" command to support dynamic NTP sources specified in files - Add clockprecision directive - Add dscp directive to set Differentiated Services Code Point (DSCP) - Add -L option to limit log messages by severity - Add -p option to print whole configuration with included files - Add -U option to allow start under non-root user - Allow maxsamples to be set to 1 for faster update with -q/-Q option - Avoid replacing NTP sources with sources that have unreachable address - Improve pools to repeat name resolution to get \"maxsources\" sources - Improve source selection with trusted sources - Improve NTP loop test to prevent synchronisation to itself - Repeat iburst when NTP source is switched from offline state to online - Update clock synchronisation status and leap status more frequently - Update seccomp filter - Add \"add pool\" command - Add \"reset sources\" command to drop all measurements - Add authdata command to print details about NTP authentication - Add selectdata command to print details about source selection - Add -N option and sourcename command to print original names of sources - Add -a option to some commands to print also unresolved sources - Add -k, -p, -r options to clients command to select, limit, reset data - Bug fixes - Don’t set interface for NTP responses to allow asymmetric routing - Handle RTCs that don’t support interrupts - Respond to command requests with correct address on multihomed hosts - Removed features - Drop support for RIPEMD keys (RMD128, RMD160, RMD256, RMD320) - Drop support for long (non-standard) MACs in NTPv4 packets (chrony 2.x clients using non-MD5/SHA1 keys need to use option \"version 3\") - Drop support for line editing with GNU Readline- add BuildRequires for gnutls-devel (which also pulls nettle to enable the new features)- drop patches which are included in the update: chrony-test-update-processing-of-packet-log.patch chrony-test-fix-util-unit-test-for-NTP-era-split.patch- refreshed chrony-config.patch- track series file for easier quilt setup- added option to turn off testsuite with osc build --without=testsuite testsuite still runs by default
* Wed Oct 28 2020 kukukAATTsuse.com- By default we don\'t write log files but log to journald, so only recommend logrotate.
* Mon Sep 14 2020 maxAATTsuse.com- Adjust and rename the sysconfig file, so that it matches the expectations of chronyd.service (bsc#1173277).
* Sun Sep 13 2020 elimatAATTopensuse.org- Update to 3.5.1:
* Create new file when writing pidfile (CVE-2020-14367, bsc#1174911)
* Sun Aug 02 2020 callumjfarmer13AATTgmail.com- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)
* Thu Jun 04 2020 maxAATTsuse.com- Add chrony-pool-suse and chrony-pool-openSUSE subpackages that preconfigure chrony to use NTP servers from the respective pools for SUSE and openSUSE (bsc#1156884, SLE-11424).- Add chrony-pool-empty to still allow installing chrony without preconfigured servers.- Use iburst in the default pool statements to speed up initial synchronisation (bsc#1172113).
* Thu Apr 30 2020 dimstarAATTopensuse.org- Use _systemdutildir instead of _libexecdir/systemd: systemd does not actually live below libexecdir.
* Thu Feb 13 2020 mliskaAATTsuse.cz- Add chrony-test-update-processing-of-packet-log.patch in order to fix test-suite failure.
* Wed Feb 12 2020 mliskaAATTsuse.cz- Update clknetsim to version 79ffe44 (fixes boo#1162964).- Backport chrony-test-fix-util-unit-test-for-NTP-era-split.patch.
* Sat Oct 26 2019 suse+buildAATTde-korte.org- Change to BuildRequires: rubygem(asciidoctor) and remove conditional (is available in SLE12-SP4 and SLE15
* as well)- Fix typo in %install
* Tue Oct 22 2019 suse+buildAATTde-korte.org- Fix asciidoc in Tumbleweed- Revert clknetsim to version 58c5e8b
* Tue Oct 22 2019 suse+buildAATTde-korte.org- Fix incorrect download link for package signature
* Mon Oct 21 2019 mpluskalAATTsuse.com- Temporarily disable signature usage as its expired- Update clknetsim to version ac3c832
* Sat Oct 19 2019 Mathias.HomannAATTopensuse.org- fix chrony-service-helper.patch
* Sat Oct 19 2019 Mathias.HomannAATTopensuse.org- Update to 3.5: + Add support for more accurate reading of PHC on Linux 5.0 + Add support for hardware timestamping on interfaces with read-only timestamping configuration + Add support for memory locking and real-time priority on FreeBSD, NetBSD, Solaris + Update seccomp filter to work on more architectures + Validate refclock driver options + Fix bindaddress directive on FreeBSD + Fix transposition of hardware RX timestamp on Linux 4.13 and later + Fix building on non-glibc systems
* Thu Mar 21 2019 maxAATTsuse.com- Fix ordering and dependencies of chronyd.service, so that it is started after name resolution is up (bsc#1129914).- Add chrony-service-ordering.patch- Fix location of helper script in chrony-dnssrvAATT.service (bsc#1128846).
* Wed Mar 06 2019 mpluskalAATTsuse.com- Update testsuite to version 58c5e8b
* Thu Dec 20 2018 maxAATTsuse.com- Read runtime servers from /var/run/netconfig/chrony.servers to fix bsc#1099272.- Move chrony-helper to /usr/lib/chrony/helper, because there should be no executables in /usr/share.
* Fri Dec 14 2018 mpluskalAATTsuse.com- Make sure to generate correct sysconfig file (boo#1117147)- Update clknetsim to revision 8b48422
* Thu Nov 22 2018 mpluskalAATTsuse.com- Remove discrepancies between spec file and chrony-tmpfiles (boo#1115529)
* Thu Oct 18 2018 idonmezAATTsuse.com- Update the keyring and uncomment it in the spec file
* Thu Oct 18 2018 mpluskalAATTsuse.com- Comment out bad signature
* Wed Sep 19 2018 michaelAATTstroeder.com- Added %{_tmpfilesdir}/%{name}.conf- Updated clknetsim- Update to version 3.4
* Enhancements + Add filter option to server/pool/peer directive + Add minsamples and maxsamples options to hwtimestamp directive + Add support for faster frequency adjustments in Linux 4.19 + Change default pidfile to /var/run/chrony/chronyd.pid to allow chronyd without root privileges to remove it on exit + Disable sub-second polling intervals for distant NTP sources + Extend range of supported sub-second polling intervals + Get/set IPv4 destination/source address of NTP packets on FreeBSD + Make burst options and command useful with short polling intervals + Modify auto_offline option to activate when sending request failed + Respond from interface that received NTP request if possible + Add onoffline command to switch between online and offline state according to current system network configuration + Improve example NetworkManager dispatcher script
* Bug fixes + Avoid waiting in Linux getrandom system call + Fix PPS support on FreeBSD and NetBSD
* Fri Aug 03 2018 mpluskalAATTsuse.com- Update clknetsim to revision 42b693b
* Drop not needed chrony-fix-open.patch- Build tests with optflags as well- Do not run tests on i586- Enable signd
* Thu Aug 02 2018 mpluskalAATTsuse.com- Mention all sources as such in spec file- Fix formatting of changelog- Drop reference to change is not present
* Wed Aug 01 2018 bwiedemannAATTsuse.com- Update to version 3.3
* Enhancements: + Add burst option to server/pool directive + Add stratum and tai options to refclock directive + Add support for Nettle crypto library + Add workaround for missing kernel receive timestamps on Linux + Wait for late hardware transmit timestamps + Improve source selection with unreachable sources + Improve protection against replay attacks on symmetric mode + Allow PHC refclock to use socket in /var/run/chrony + Add shutdown command to stop chronyd + Simplify format of response to manual list command + Improve handling of unknown responses in chronyc
* Bug fixes: + Respond to NTPv1 client requests with zero mode + Fix -x option to not require CAP_SYS_TIME under non-root user + Fix acquisitionport directive to work with privilege separation + Fix handling of socket errors on Linux to avoid high CPU usage + Fix chronyc to not get stuck in infinite loop after clock step
* Wed Apr 18 2018 mpostAATTsuse.com- Added /etc/chrony.d/ directory to the package (bsc#1083597) Modifed default chrony.conf to add \"include /etc/chrony.d/
*\"
* Mon Mar 26 2018 kukukAATTsuse.de- Use %license instead of %doc [bsc#1082318]
* Wed Mar 14 2018 kukukAATTsuse.de- Fix name of fillup template (was never installed before)- Fix Requires for fillup, it\'s used in post, not pre.
* Fri Feb 09 2018 mpluskalAATTsuse.com- Enable pps support
* Thu Nov 23 2017 rbrownAATTsuse.com- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)
* Thu Oct 26 2017 mpluskalAATTsuse.com- Cleanup spec file:
* Drop pre systemd support
* Run spec-cleaner
* Tue Oct 24 2017 mpostAATTsuse.com- Modified the spec file to comment out the pool statement in chrony.conf if _not_ building for openSUSE. (bsc#1063704).
* Thu Sep 28 2017 mrueckertAATTsuse.de- refresh patches to apply cleanly again - chrony-config.patch - chrony-fix-open.patch
* Wed Sep 20 2017 mpostAATTsuse.com- Upgraded to version 3.2: Enhancements
* Improve stability with NTP sources and reference clocks
* Improve stability with hardware timestamping
* Improve support for NTP interleaved modes
* Control frequency of system clock on macOS 10.13 and later
* Set TAI-UTC offset of system clock with leapsectz directive
* Minimise data in client requests to improve privacy
* Allow transmit-only hardware timestamping
* Add support for new timestamping options introduced in Linux 4.13
* Add root delay, root dispersion and maximum error to tracking log
* Add mindelay and asymmetry options to server/peer/pool directive
* Add extpps option to PHC refclock to timestamp external PPS signal
* Add pps option to refclock directive to treat any refclock as PPS
* Add width option to refclock directive to filter wrong pulse edges
* Add rxfilter option to hwtimestamp directive
* Add -x option to disable control of system clock
* Add -l option to log to specified file instead of syslog
* Allow multiple command-line options to be specified together
* Allow starting without root privileges with -Q option
* Update seccomp filter for new glibc versions
* Dump history on exit by default with dumpdir directive
* Use hardening compiler options by default Bug fixes
* Don\'t drop PHC samples with low-resolution system clock
* Ignore outliers in PHC tracking, RTC tracking, manual input
* Increase polling interval when peer is not responding
* Exit with error message when include directive fails
* Don\'t allow slash after hostname in allow/deny directive/command
* Try to connect to all addresses in chronyc before giving up- Upgraded clknetsim to version 71dbbc5.- Reworked chrony-fix-open.patch to fit the new version
* Tue Jan 31 2017 mpostAATTsuse.com- Upgraded to version 3.1: - Enhancements - Add support for precise cross timestamping of PHC on Linux - Add minpoll, precision, nocrossts options to hwtimestamp directive - Add rawmeasurements option to log directive and modify measurements option to log only valid measurements from synchronised sources - Allow sub-second polling interval with NTP sources - Bug fixes - Fix time smoothing in interleaved mode- Upgraded clknetsim to version ce89a1b.- Reworked the following patches to fit the new versions - chrony-config.patch - chrony-service-helper.patch - chrony-fix-open.patch
* Mon Jan 16 2017 mpostAATTsuse.com- Upgraded to version 3.0: - Enhancements - Add support for software and hardware timestamping on Linux - Add support for client/server and symmetric interleaved modes - Add support for MS-SNTP authentication in Samba - Add support for truncated MACs in NTPv4 packets - Estimate and correct for asymmetric network jitter - Increase default minsamples and polltarget to improve stability with very low jitter - Add maxjitter directive to limit source selection by jitter - Add offset option to server/pool/peer directive - Add maxlockage option to refclock directive - Add -t option to chronyd to exit after specified time - Add partial protection against replay attacks on symmetric mode - Don\'t reset polling interval when switching sources to online state - Allow rate limiting with very short intervals - Improve maximum server throughput on Linux and NetBSD - Remove dump files after start - Add tab-completion to chronyc with libedit/readline - Add ntpdata command to print details about NTP measurements - Allow all source options to be set in add server/peer command - Indicate truncated addresses/hostnames in chronyc output - Print reference IDs as hexadecimal numbers to avoid confusion with IPv4 addresses - Bug fixes - Fix crash with disabled asynchronous name resolving- Upgraded clknetsim to version 6bb6519.
* Tue Nov 29 2016 mpostAATTsuse.com- Upgraded to version 2.4.1: - Bug fixes - Fix processing of kernel timestamps on non-Linux systems - Fix crash with smoothtime directive - Fix validation of refclock sample times - Fix parsing of refclock directive
* Wed Jun 08 2016 mrueckertAATTsuse.de- update to 2.4: - Enhancements - Add orphan option to local directive for orphan mode compatible with ntpd - Add distance option to local directive to set activation threshold (1 second by default) - Add maxdrift directive to set maximum allowed drift of system clock - Try to replace NTP sources exceeding maximum distance - Randomise source replacement to avoid getting stuck with bad sources - Randomise selection of sources from pools on start - Ignore reference timestamp as ntpd doesn\'t always set it correctly - Modify tracking report to use same values as seen by NTP clients - Add -c option to chronyc to write reports in CSV format - Provide detailed manual pages - Bug fixes - Fix SOCK refclock to work correctly when not specified as last refclock - Fix initstepslew and -q/-Q options to accept time from own NTP clients - Fix authentication with keys using 512-bit hash functions - Fix crash on exit when multiple signals are received - Fix conversion of very small floating-point numbers in command packets - Removed features - Drop documentation in Texinfo format- update clknetsim to a5949fe for fixing a testsuite failure: - add IP_PKTINFO socket option - accept environment variables in make - fix building with FORTIFY_SOURCE - fix compiler warning - support multiple SHM refclocks - fix recv functions with new glibc headers- refreshed chrony-fix-open.patch: to apply cleanly after clknetsim update- drop patches: - chrony-include-termios.patch - make-105-ntpauth-more-reliable.patch- drop buildrequires for texinfo and pre requires on the install info packages- no longer use make install-docs: it only installed 0 byte html files.
* Wed Apr 13 2016 mpluskalAATTsuse.com- Provide ntp-daemon (bsc#973981)
* Mon Apr 11 2016 meissnerAATTsuse.com- chrony-fix-open.patch: make sure _open and _close are initialized in open()/close() override, as libfreebl3 also calls from the the ELF constructor. FATE#319508- enable mozilla-nss
* Fri Apr 08 2016 mpluskalAATTsuse.com- Use correct license- Drop hardcoded dependency on libseccomp, it is detected during build
* Fri Apr 08 2016 mpluskalAATTsuse.com- Undo reference to chrony-dnssrvAATT.service in %pre, %preun, %post, and %postun as it would lead to error.- Change conditions for libseccom, we can use any version on SLE-12 x86_64
* Tue Apr 05 2016 mpostAATTsuse.com- Removed %if for distributions that aren\'t building chrony.- Renamed chrony-2.2_logrotate.patch to chrony-logrotate.patch since the patch is not particularly version-dependent.- Added clknetsim for \"make check\" processing.- Added Buildrequires for gcc-c++ and timezone for building clknetsim and running \"make check\".- Changed Buildrequires and Requires to specify the minimum level of libseccomp needed to build on s390x and ppc64le.- Removed \"-Recommends: timedatex\" since I couldn\'t find any instance of it anywhere in the build service.- Modified the description to use some of the information from the chrony web site.- Added chrony-include-termios.patch so that it will build on ppc64le.- Added make-105-ntpauth-more-reliable.patch so that \"make check\" will not report a non-failure as a failure.- Added --without-nss to ./configure to avoid \"interruption code 0x2003B in chronyd\" errors.- Changed the symbolic links for rcchronyd and rcchronyd-wait to point to the actual location of the service command, not the symlink in /sbin.- Added reference to chrony-dnssrvAATT.service in %pre, %preun, %post, and %postun.
* Mon Mar 28 2016 mpluskalAATTsuse.com- Cleanup spec file with spec-cleaner- Prepare for submission to Factory (see fate#319508)
* Thu Feb 18 2016 mrueckertAATTsuse.de- update to 2.3 - Enhancements - Add support for NTP and command response rate limiting - Add support for dropping root privileges on Mac OS X, FreeBSD, Solaris - Add require and trust options for source selection - Enable logchange by default (1 second threshold) - Set RTC on Mac OS X with rtcsync directive - Allow binding to NTP port after dropping root privileges on NetBSD - Drop CAP_NET_BIND_SERVICE capability on Linux when NTP port is disabled - Resolve names in separate process when seccomp filter is enabled - Replace old records in client log when memory limit is reached - Don\'t reveal local time and synchronisation state in client packets - Don\'t keep client sockets open for longer than necessary - Ignore poll in KoD RATE packets as ntpd doesn\'t always set it correctly - Warn when using keys shorter than 80 bits - Add keygen command to generate random keys easily - Add serverstats command to report NTP and command packet statistics - Bug fixes - Fix clock correction after making step on Mac OS X - Fix building on Solaris- refreshed patches to apply cleanly again: chrony-2.2_logrotate.patch chrony-config.patch chrony-service-helper.patch
* Fri Jan 29 2016 mrueckertAATTsuse.de- update to 2.2.1 Restrict authentication of NTP server/peer to specified key (CVE-2016-1567)
* Thu Nov 26 2015 mrueckertAATTsuse.de- silence groupadd/useradd call and drop the shell from the user.
* Thu Nov 26 2015 mrueckertAATTsuse.de- update to 2.2 see /usr/share/doc/packages/chrony/NEWS- sync with fedora spec and add systemd support- refreshed chrony-config.patch to apply cleanly again- added chrony-2.2_logrotate.patch: add missing su option as we no longer have the daemon run as root.- added chrony-service-helper.patch: imported from fedora with a changed path for moving from libexecdir to datadir- only use syscall filters on 12.3 and newer- move helper from libexecdir to datadir
  
ICM