update

author Harlan Stenn <stenn@ntp.org>

Sat, 11 Apr 2020 07:12:47 +0000 (07:12 +0000)

committer Harlan Stenn <stenn@ntp.org>

Sat, 11 Apr 2020 07:12:47 +0000 (07:12 +0000)
author Harlan Stenn <stenn@ntp.org>
Sat, 11 Apr 2020 07:12:47 +0000 (07:12 +0000)
committer Harlan Stenn <stenn@ntp.org>
Sat, 11 Apr 2020 07:12:47 +0000 (07:12 +0000)
diff --git a/NEWS b/NEWS

index e1ed000566147260fdfa9eead35114c9f97b8b11..60d4d699cafb9f936bd1301908d4229cee2c8d56 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,25 @@
+---
+NTP 4.2.8p15 (Harlan Stenn <stenn@ntp.org>, 2020 Apr 23)
+
+Focus: Security, Bug fixes
+
+Severity: MEDIUM
+
+This release fixes one vulnerability: Associations that use CMAC
+authentication between ntpd from versions 4.2.8p11/4.3.97 and
+4.2.8p14/4.3.100 will leak a small amount of memory for each packet.
+Eventually, ntpd will run out of memory and abort.
+
+It also fixes 46 other bugs and addresses
+4 other issues.
+
+* [Bug 3655] ntpdc memstats hash counts <perlinger@ntp.org>
+  - fix by Gerry garvey
+* [Bug 3653] Refclock jitter RMS calculation <perlinger@ntp.org>
+  - thanks to Gerry Garvey
+* [Bug 3646] Avoid sync with unsync orphan <perlinger@ntp.org>
+  - patch by Gerry Garvey
+
  ---
  NTP 4.2.8p14 (Harlan Stenn <stenn@ntp.org>, 2020 Mar 03)
author	Harlan Stenn <stenn@ntp.org>
	Sat, 11 Apr 2020 07:12:47 +0000 (07:12 +0000)
committer	Harlan Stenn <stenn@ntp.org>
	Sat, 11 Apr 2020 07:12:47 +0000 (07:12 +0000)