From: Miroslav Lichvar Date: Tue, 25 Aug 2020 08:58:31 +0000 (+0200) Subject: doc: update NEWS X-Git-Tag: 4.0-pre3^0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=009f1a5ae86ae316b8d1829d708fa6b35ea3033d;p=thirdparty%2Fchrony.git doc: update NEWS --- diff --git a/NEWS b/NEWS index 31608cd8..aab0295b 100644 --- a/NEWS +++ b/NEWS @@ -5,20 +5,33 @@ Enhancements ------------ * Add support for Network Time Security (NTS) authentication * Add support for AES-CMAC keys (AES128, AES256) with Nettle -* Add support for maxsamples of 1 for faster update with -q/-Q option +* Add authselectmode directive to control selection of unauthenticated sources +* Add binddevice, bindacqdevice, bindcmddevice directives +* Add confdir directive to better support fragmented configuration +* Add sourcedir directive and "reload sources" command to support + dynamic NTP sources specified in files +* Add dscp directive to set Differentiated Services Code Point (DSCP) * Add -L option to limit log messages by severity +* Add -p option to print whole configuration with included files +* Allow maxsamples to be set to 1 for faster update with -q/-Q option * Avoid replacing NTP sources with sources that have unreachable address * Improve pools to repeat name resolution to get "maxsources" sources +* Improve source selection with trusted sources * Improve NTP loop test to prevent synchronisation to itself +* Repeat iburst when NTP source is switched from offline state to online * Update clock synchronisation status and leap status more frequently * Update seccomp filter * Add "add pool" command +* Add "reset sources" command to drop all measurements +* Add authdata command to print details about NTP authentication +* Add selectdata command to print details about source selection * Add -N option and sourcename command to print original names of sources -* Add -a option to sources/sourcestats command to print unresolved sources -* Add reset command to drop all measurements +* Add -a option to some commands to print also unresolved sources +* Add -k, -p, -r options to clients command to select, limit, reset data Bug fixes --------- +* Don't set interface for NTP responses to allow asymmetric routing * Handle RTCs that don't support interrupts * Respond to command requests with correct address on multihomed hosts @@ -26,6 +39,13 @@ Removed features ---------------- * Drop support for RIPEMD keys (RMD128, RMD160, RMD256, RMD320) +New in version 3.5.1 +==================== + +Security fixes +-------------- +* Create new file when writing pidfile (CVE-2020-14367) + New in version 3.5 ==================