From: Juergen Perlinger <perlinger@ntp.org>
Date: Sun, 31 Mar 2019 06:32:18 +0000 (+0200)
Subject: Merge bk://bk2.ntp.org/ntp-stable
X-Git-Tag: NTP_4_3_106~10^2~1^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=196593853310f019da9dce60bb56e5d31dde4075;p=thirdparty%2Fntp.git

Merge bk://bk2.ntp.org/ntp-stable
into  ntp.org:/home/jnperlin/Projects/Packages/NTP-DEV/src/ntp-stable-3432

bk: 5ca05ef2gO5VDmsRjCU0Un7jiC2rCA
---

196593853310f019da9dce60bb56e5d31dde4075
diff --cc ChangeLog
index b86a14b7d,9ff845c81..29a88686c
--- a/ChangeLog
+++ b/ChangeLog
@@@ -1,5 -1,79 +1,83 @@@
 +---
++* [Bug 3432] refclocks that 'write()' should check the result <perlinger@ntp.org>
++  - plus some more work on warnings for unchecked results
++
+ ---
+ (4.2.8p13) 2019/03/07 Released by Harlan Stenn <stenn@ntp.org>
+ 
+ * [Sec 3565] Crafted null dereference attack in authenticated
+ 	     mode 6 packet <perlinger@ntp.org>
+   - reported by Magnus Stubman
+ * [Bug 3560] Fix build when HAVE_DROPROOT is not defined <perlinger@ntp.org>
+   - applied patch by Ian Lepore
+ * [Bug 3558] Crash and integer size bug <perlinger@ntp.org>
+   - isolate and fix linux/windows specific code issue
+ * [Bug 3556] ntp_loopfilter.c snprintf compilation warnings <perlinger@ntp.org>
+   - provide better function for incremental string formatting
+ * [Bug 3555] Tidy up print alignment of debug output from ntpdate <perlinger@ntp.org>
+   - applied patch by Gerry Garvey
+ * [Bug 3554] config revoke stores incorrect value <perlinger@ntp.org>
+   - original finding by Gerry Garvey, additional cleanup needed
+ * [Bug 3549] Spurious initgroups() error message <perlinger@ntp.org>
+   - patch by Christous Zoulas
+ * [Bug 3548] Signature not verified on windows system <perlinger@ntp.org>
+   - finding by Chen Jiabin, plus another one by me
+ * [Bug 3541] patch to fix STA_NANO struct timex units <perlinger@ntp.org>
+   - applied patch by Maciej Szmigiero
+ * [Bug 3540] Cannot set minsane to 0 anymore <perlinger@ntp.org>
+   - applied patch by Andre Charbonneau
+ * [Bug 3539] work_fork build fails when droproot is not supported <perlinger@ntp.org>
+   - applied patch by Baruch Siach
+ * [Bug 3538] Build fails for no-MMU targets <perlinger@ntp.org>
+   - applied patch by Baruch Siach
+ * [Bug 3535] libparse won't handle GPS week rollover <perlinger@ntp.org>
+   - refactored handling of GPS era based on 'tos basedate' for
+     parse (TSIP) and JUPITER clocks
+ * [Bug 3529] Build failures on Mac OS X 10.13 (High Sierra) <perlinger@ntp.org>
+   - patch by Daniel J. Luke; this does not fix a potential linker
+     regression issue on MacOS.
+ * [Bug 3527 - Backward Incompatible] mode7 clockinfo fudgeval2 packet
+   anomaly <perlinger@ntp.org>, reported by GGarvey.
+   - --enable-bug3527-fix support by HStenn
+ * [Bug 3526] Incorrect poll interval in packet <perlinger@ntp.org>
+   - applied patch by Gerry Garvey
+ * [Bug 3471] Check for openssl/[ch]mac.h.  <perlinger@ntp.org>
+   - added missing check, reported by Reinhard Max <perlinger@ntp.org>
+ * [Bug 1674] runtime crashes and sync problems affecting both x86 and x86_64
+   - this is a variant of [bug 3558] and should be fixed with it
+ * Implement --disable-signalled-io
  
+ ---
+ (4.2.8p12) 2018/08/14 Released by Harlan Stenn <stenn@ntp.org>
+ 
+ * [Sec 3505] CVE-2018-12327 - Arbitrary Code Execution Vulnerability
+   - fixed stack buffer overflow in the openhost() command-line call
+     of NTPQ/NTPDC <perlinger@ntp.org>
+ * [Sec 3012] noepeer tweaks.  <stenn@ntp.org>
+ * [Bug 3521] Fix a logic bug in the INVALIDNAK checks.  <stenn@ntp.org>
+ * [Bug 3509] Add support for running as non-root on FreeBSD, Darwin,
+              other TrustedBSD platforms
+   - applied patch by Ian Lepore <perlinger@ntp.org>
+ * [Bug 3506] Service Control Manager interacts poorly with NTPD <perlinger@ntp.org>
+   - changed interaction with SCM to signal pending startup
+ * [Bug 3486] Buffer overflow in ntpq/ntpq.c:tstflags() <perlinger@ntp.org>
+   - applied patch by Gerry Garvey
+ * [Bug 3485] Undefined sockaddr used in error messages in ntp_config.c <perlinger@ntp.org>
+   - applied patch by Gerry Garvey
+ * [Bug 3484] ntpq response from ntpd is incorrect when REFID is null <perlinger@ntp.org>
+   - rework of ntpq 'nextvar()' key/value parsing
+ * [Bug 3482] Fixes for compilation warnings (ntp_io.c & ntpq-subs.c) <perlinger@ntp.org>
+   - applied patch by Gerry Garvey (with mods)
+ * [Bug 3480] Refclock sample filter not cleared on clock STEP <perlinger@ntp.org>
+   - applied patch by Gerry Garvey
+ * [Bug 3479] ctl_putrefid() allows unsafe characters through to ntpq <perlinger@ntp.org>
+   - applied patch by Gerry Garvey (with mods)
+ * [Bug 3476]ctl_putstr() sends empty unquoted string [...] <perlinger@ntp.org>
+   - applied patch by Gerry Garvey (with mods); not sure if that's bug or feature, though
+ * [Bug 3475] modify prettydate() to suppress output of zero time <perlinger@ntp.org>
+   - applied patch by Gerry Garvey
+ * [Bug 3474] Missing pmode in mode7 peer info response <perlinger@ntp.org>
+   - applied patch by Gerry Garvey
  * [Bug 3471] Check for openssl/[ch]mac.h.  HStenn.
    - add #define ENABLE_CMAC support in configure.  HStenn.
  * [Bug 3470] ntpd4.2.8p11 fails to compile without OpenSSL <perlinger@ntp.org>