SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for chrony-4.3-3.5.x86_64.rpm :

* Thu Sep 01 2022 Reinhard Max - Update to 4.3:
* Add local option to refclock directive to stabilise system clock with more stable free-running clock (e.g. TCXO, OCXO).
* Add maxdelayquant option to server/pool/peer directive to replace maxdelaydevratio filter with long-term quantile-based filtering.
* Add selection option to log directive.
* Allow external PPS in PHC refclock without configurable pin.
* Don\'t accept first interleaved response to minimise error in delay.
* Don\'t use arc4random on Linux to avoid server performance loss.
* Improve filter option to better handle missing NTP samples.
* Improve stability with hardware timestamping and PHC refclock.
* Update seccomp filter- Update clknetsim to snapshot f00531b.- Use a more specific conditional for the /usr/etc stuff.
* Wed Jun 15 2022 Stefan Schubert - Moved logrotate files from user specific directory /etc/logrotate.d to vendor specific directory /usr/etc/logrotate.d.
* Thu May 12 2022 Stefan Schubert - Moved 20-chrony file from user specif directory /etc/NetworkManager/dispatcher.d to vendor specific directory /usr/lib/NetworkManager/dispatcher.d. So, users changes can still be done in /etc and will not be overwritten by an update.
* Mon Jan 10 2022 Reinhard Max - boo#1194206: Use /run instead of /var/run throughout.- bsc#1194229: Fix pool package dependencies, so that SLE actually prefers chrony-pool-suse over chrony-pool-empty.
* Thu Dec 16 2021 Reinhard Max - Update to 4.2
* Add support for NTPv4 extension field improving synchronisation stability and resolution of root delay and dispersion (experimental)
* Add support for NTP over PTP (experimental)
* Add support for AES-CMAC and hash functions in GnuTLS
* Improve server interleaved mode to be more reliable and support multiple clients behind NAT
* Update seccomp filter
* Fix RTC support with 64-bit time_t on 32-bit Linux
* Fix seccomp filter to work correctly with bind
*device directives- Obsoleted patches:
* chrony-refid-internal-md5.patch
* harden_chrony-wait.service.patch
* harden_chronyd.service.patch- Update clknetsim to snapshot 470b5e9.
* Tue Dec 07 2021 Reinhard Max - Add chrony-htonl.patch to work around undocumented behaviour of htonl() in older glibc versions (SLE-12) on 64 bit big endian architectures (s390x).
* Fri Nov 19 2021 Reinhard Max - SLE bugs that have been fixed in openSUSE up to this point without explicit references: bsc#1183783, bsc#1184400, bsc#1171806, bsc#1161119, bsc#1159840.- Obsoleted SLE patches:
* chrony-fix-open.patch
* chrony-gettimeofday.patch
* chrony-ntp-era-split.patch
* chrony-pidfile.patch
* chrony-select-timeout.patch
* chrony-urandom.patch
* chrony.sysconfig
* clknetsim-glibc-2.31.patch
* Fri Oct 08 2021 Reinhard Max - boo#1190926: PrivateDevices is too strict, we might need to access the rtc and ptp devices.- Add back support to build chrony on SLE12.- Drop dependency on asciidoctor. It is only needed for building the HTML documentation which we don\'t package anyway.
* Mon Aug 30 2021 Johannes Segitz - Added hardening to systemd service(s). Added patch(es):
* harden_chrony-wait.service.patch
* harden_chronyd.service.patch
* Thu Jul 01 2021 Reinhard Max - boo#1187906: Consolidate all references to the helper script.- bsc#1173760: MD5 is not available from mozilla-nss in FIPS mode, but needed for calculating refids from IPv6 addresses as part of the NTP protocol (rfc5905). As this is a non-cryptographic use of MD5 we can use our own implementation without violating FIPS rules: chrony-refid-internal-md5.patch .
* Sun Jun 13 2021 Callum Farmer - Add now working CONFIG parameter to sysusers generator
* Wed Jun 02 2021 Callum Farmer - Change to using systemd-sysusers- Remove otherproviders, not needed anymore
* Tue Jun 01 2021 Reinhard Max - Update to 4.1
* Add support for NTS servers specified by IP address (matching Subject Alternative Name in server certificate)
* Add source-specific configuration of trusted certificates
* Allow multiple files and directories with trusted certificates
* Allow multiple pairs of server keys and certificates
* Add copy option to server/pool directive
* Increase PPS lock limit to 40% of pulse interval
* Perform source selection immediately after loading dump files
* Reload dump files for addresses negotiated by NTS-KE server
* Update seccomp filter and add less restrictive level
* Restart ongoing name resolution on online command
* Fix dump files to not include uncorrected offset
* Fix initstepslew to accept time from own NTP clients
* Reset NTP address and port when no longer negotiated by NTS-KE server- Update clknetsim to snapshot f89702d.- Refresh chrony.keyring from https://chrony.tuxfamily.org/gpgkey-8F375C7E8D0EE125A3D3BD51537E2B76F7680DAC.asc- Ensure the correct pool packages are installed for openSUSE and SLE (bsc#1180689).
* Fri Feb 05 2021 Reinhard Max - Enable syscallfilter unconditionally [boo#1181826].
* Mon Dec 07 2020 Marcus Rueckert - drop buildrequires on NSS. We need gnutls for NTS anyway and we can do all the other required crypto via nettle+gnutls. no need for another crypto library.
* Sun Nov 01 2020 Marcus Rueckert - Update to 4.0 - Enhancements - Add support for Network Time Security (NTS) authentication - Add support for AES-CMAC keys (AES128, AES256) with Nettle - Add authselectmode directive to control selection of unauthenticated sources - Add binddevice, bindacqdevice, bindcmddevice directives - Add confdir directive to better support fragmented configuration - Add sourcedir directive and \"reload sources\" command to support dynamic NTP sources specified in files - Add clockprecision directive - Add dscp directive to set Differentiated Services Code Point (DSCP) - Add -L option to limit log messages by severity - Add -p option to print whole configuration with included files - Add -U option to allow start under non-root user - Allow maxsamples to be set to 1 for faster update with -q/-Q option - Avoid replacing NTP sources with sources that have unreachable address - Improve pools to repeat name resolution to get \"maxsources\" sources - Improve source selection with trusted sources - Improve NTP loop test to prevent synchronisation to itself - Repeat iburst when NTP source is switched from offline state to online - Update clock synchronisation status and leap status more frequently - Update seccomp filter - Add \"add pool\" command - Add \"reset sources\" command to drop all measurements - Add authdata command to print details about NTP authentication - Add selectdata command to print details about source selection - Add -N option and sourcename command to print original names of sources - Add -a option to some commands to print also unresolved sources - Add -k, -p, -r options to clients command to select, limit, reset data - Bug fixes - Don’t set interface for NTP responses to allow asymmetric routing - Handle RTCs that don’t support interrupts - Respond to command requests with correct address on multihomed hosts - Removed features - Drop support for RIPEMD keys (RMD128, RMD160, RMD256, RMD320) - Drop support for long (non-standard) MACs in NTPv4 packets (chrony 2.x clients using non-MD5/SHA1 keys need to use option \"version 3\") - Drop support for line editing with GNU Readline- add BuildRequires for gnutls-devel (which also pulls nettle to enable the new features)- drop patches which are included in the update: chrony-test-update-processing-of-packet-log.patch chrony-test-fix-util-unit-test-for-NTP-era-split.patch- refreshed chrony-config.patch- track series file for easier quilt setup- added option to turn off testsuite with osc build --without=testsuite testsuite still runs by default
* Wed Oct 28 2020 Thorsten Kukuk - By default we don\'t write log files but log to journald, so only recommend logrotate.
* Mon Sep 14 2020 Reinhard Max - Adjust and rename the sysconfig file, so that it matches the expectations of chronyd.service (bsc#1173277).
* Sun Sep 13 2020 Matthias Eliasson - Update to 3.5.1:
* Create new file when writing pidfile (CVE-2020-14367, bsc#1174911)
* Sun Aug 02 2020 Callum Farmer - Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)
* Thu Jun 04 2020 Reinhard Max - Add chrony-pool-suse and chrony-pool-openSUSE subpackages that preconfigure chrony to use NTP servers from the respective pools for SUSE and openSUSE (bsc#1156884, SLE-11424).- Add chrony-pool-empty to still allow installing chrony without preconfigured servers.- Use iburst in the default pool statements to speed up initial synchronisation (bsc#1172113).
* Thu Apr 30 2020 Dominique Leuenberger - Use _systemdutildir instead of _libexecdir/systemd: systemd does not actually live below libexecdir.
* Thu Feb 13 2020 Martin Liška - Add chrony-test-update-processing-of-packet-log.patch in order to fix test-suite failure.
* Wed Feb 12 2020 Martin Liška - Update clknetsim to version 79ffe44 (fixes boo#1162964).- Backport chrony-test-fix-util-unit-test-for-NTP-era-split.patch.
* Sat Oct 26 2019 Arjen de Korte - Change to BuildRequires: rubygem(asciidoctor) and remove conditional (is available in SLE12-SP4 and SLE15
* as well)- Fix typo in %install
* Tue Oct 22 2019 Arjen de Korte - Fix asciidoc in Tumbleweed- Revert clknetsim to version 58c5e8b
* Tue Oct 22 2019 Arjen de Korte - Fix incorrect download link for package signature
* Mon Oct 21 2019 Martin Pluskal - Temporarily disable signature usage as its expired- Update clknetsim to version ac3c832
* Sat Oct 19 2019 Mathias Homann - fix chrony-service-helper.patch
* Sat Oct 19 2019 Mathias Homann - Update to 3.5: + Add support for more accurate reading of PHC on Linux 5.0 + Add support for hardware timestamping on interfaces with read-only timestamping configuration + Add support for memory locking and real-time priority on FreeBSD, NetBSD, Solaris + Update seccomp filter to work on more architectures + Validate refclock driver options + Fix bindaddress directive on FreeBSD + Fix transposition of hardware RX timestamp on Linux 4.13 and later + Fix building on non-glibc systems
* Thu Mar 21 2019 Reinhard Max - Fix ordering and dependencies of chronyd.service, so that it is started after name resolution is up (bsc#1129914).- Add chrony-service-ordering.patch- Fix location of helper script in chrony-dnssrvAATT.service (bsc#1128846).
* Wed Mar 06 2019 Martin Pluskal - Update testsuite to version 58c5e8b
  
ICM