---
-* [Bug 2948] Potential Infinite Loop in ntpq ( and ntpdc) perlinger@ntp.org
+
+* [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode. HStenn.
+* [Sec 2937] ntpq: nextvar() missing length check. perlinger@ntp.org
+* [Sec 2938] ntpq saveconfig command allows dangerous characters
+ in filenames. perlinger@ntp.org
+* [Sec 2939] reslist NULL pointer dereference. perlinger@ntp.org
+* [Sec 2940] Stack exhaustion in recursive traversal of restriction
+ list. perlinger@ntp.org
+* [Sec 2945] Zero Origin Timestamp Bypass. perlinger@ntp.org
++* [Sec 2948] Potential Infinite Loop in ntpq ( and ntpdc) perlinger@ntp.org
+* Make leapsec_query debug messages less verbose. Harlan Stenn.
+
+---
+(4.2.8p5) 2016/01/07 Released by Harlan Stenn <stenn@ntp.org>
+
+* [Sec 2956] small-step/big-step. Close the panic gate earlier. HStenn.
+* CID 1339955: Free allocated memory in caljulian test. HStenn.
+* CID 1339962: Explicitly initialize variable in caljulian test. HStenn.
+* CID 1341527: Quiet a CHECKED_RETURN in sntp/tests/t-log.c. HStenn.
+* CID 1341533: Missing assertion in sntp/tests/t-log.c. HStenn.
+* CID 1341534: Resource leak in tests/ntpd/t-ntp_signd.c. HStenn.
+* CID 1341535: Resource leak in tests/ntpd/t-ntp_signd.c. HStenn.
+* CID 1341536: Resource leak in tests/ntpd/t-ntp_signd.c. HStenn.
+* CID 1341537: Resource leak in tests/ntpd/t-ntp_signd.c. HStenn.
+* CID 1341538: Memory leak in tests/ntpd/ntp_prio_q.c:262. HStenn.
+* CID 1341677: Nits in sntp/tests/keyFile.c. HStenn.
+* CID 1341678: Nits in sntp/tests/keyFile.c. HStenn.
+* CID 1341679: Nits in sntp/tests/keyFile.c. HStenn.
+* CID 1341680: Nits in sntp/tests/keyFile.c. HStenn.
+* CID 1341681: Nits in sntp/tests/keyFile.c. HStenn.
+* CID 1341682: Nit in libntp/authreadkeys.c. HStenn.
+* CID 1341684: Nit in tests/ntpd/t-ntp_signd.c. HStenn.
+* [Bug 2829] Look at pipe_fds in ntpd.c (did so. perlinger@ntp.org)
+* [Bug 2887] stratum -1 config results as showing value 99
+ - fudge stratum should only accept values [0..16]. perlinger@ntp.org
+* [Bug 2932] Update leapsecond file info in miscopt.html. CWoodbury, HStenn.
+* [Bug 2934] tests/ntpd/t-ntp_scanner.c has a magic constant wired in. HMurray
+* [Bug 2944] errno is not preserved properly in ntpdate after sendto call.
+ - applied patch by Christos Zoulas. perlinger@ntp.org
+* [Bug 2952] Symmetric active/passive mode is broken. HStenn.
+* [Bug 2954] Version 4.2.8p4 crashes on startup with sig fault
+ - fixed data race conditions in threaded DNS worker. perlinger@ntp.org
+ - limit threading warm-up to linux; FreeBSD bombs on it. perlinger@ntp.org
+* [Bug 2957] 'unsigned int' vs 'size_t' format clash. perlinger@ntp.org
+ - accept key file only if there are no parsing errors
+ - fixed size_t/u_int format clash
+ - fixed wrong use of 'strlcpy'
+* [Bug 2958] ntpq: fatal error messages need a final newline. Craig Leres.
+* [Bug 2962] truncation of size_t/ptrdiff_t on 64bit targets. perlinger@ntp.org
+ - fixed several other warnings (cast-alignment, missing const, missing prototypes)
+ - promote use of 'size_t' for values that express a size
+ - use ptr-to-const for read-only arguments
+ - make sure SOCKET values are not truncated (win32-specific)
+ - format string fixes
+* [Bug 2965] Local clock didn't work since 4.2.8p4. Martin Burnicki.
+* [Bug 2967] ntpdate command suffers an assertion failure
+ - fixed ntp_rfc2553.c to return proper address length. perlinger@ntp.org
+* [Bug 2969] Seg fault from ntpq/mrulist when looking at server with
+ lots of clients. perlinger@ntp.org
+* [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call
+ - changed stacked/nested handling of CTRL-C. perlinger@ntp.org
+* Unity cleanup for FreeBSD-6.4. Harlan Stenn.
+* Unity test cleanup. Harlan Stenn.
+* Libevent autoconf pthread fixes for FreeBSD-10. Harlan Stenn.
+* Header cleanup in tests/sandbox/uglydate.c. Harlan Stenn.
+* Header cleanup in tests/libntp/sfptostr.c. Harlan Stenn.
+* Quiet a warning from clang. Harlan Stenn.
+* Update the NEWS file. Harlan Stenn.
+* Update scripts/calc_tickadj/Makefile.am. Harlan Stenn.
+
---
-(4.2.8p4-RC1) 2015/10/06 Released by Harlan Stenn <stenn@ntp.org>
+* [Sec 2899] CVE-2014-9297 perlinger@ntp.org
+* [Sec 2901] Drop invalid packet before checking KoD. Check for all KoD's.
+ Danny Mayer. Log incoming packets that fail TEST2. Harlan Stenn.
+* [Sec 2902] configuration directives "pidfile" and "driftfile"
+ should be local-only. perlinger@ntp.org (patch by Miroslav Lichvar)
+* [Sec 2909] added missing call to 'free()' in ntp_crypto.c. perlinger@ntp.org
+* [Sec 2913] TALOS-CAN-0052: crash by loop counter underrun. perlinger@ntp.org
+* [Sec 2916] TALOS-CAN-0054: memory corruption in password store. JPerlinger
+* [Sec 2917] TALOS-CAN-0055: Infinite loop if extended logging enabled and
+ the logfile and keyfile are the same. perlinger@ntp.org
+* [Sec 1918] TALOS-CAN-0062: prevent directory traversal for VMS, too, when
+ using 'saveconfig' command. perlinger@ntp.org
+* [Bug 2919] TALOS-CAN-0063: avoid buffer overrun in ntpq. perlinger@ntp.org
+* [Sec 2020] TALOS-CAN-0064: signed/unsiged clash could lead to buffer overun
+ and memory corruption. perlinger@ntp.org
+* [Sec 2921] TALOS-CAN-0065: password length memory corruption. JPerlinger.
+* [Sec 2922] decodenetnum() will ASSERT botch instead of returning FAIL
+ on some bogus values. Harlan Stenn.
+* [Sec 2941] NAK to the Future: Symmetric association authentication
+ bypass via crypto-NAK. Patch applied. perlinger@ntp.org
* [Bug 2332] (reopened) Exercise thread cancellation once before dropping
privileges and limiting resources in NTPD removes the need to link
forcefully against 'libgcc_s' which does not always work. J.Perlinger
projects / thirdparty / ntp.git / commitdiff
