From: Harlan Stenn <stenn@ntp.org>
Date: Sat, 11 Apr 2020 07:12:47 +0000 (+0000)
Subject: update
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=36f8e9acaff14280f110ad12c9abdac9db5cae12;p=thirdparty%2Fntp.git

update

bk: 5e916defP6aaTe0HXOm3Cb2iBhhT6A
---

diff --git a/NEWS b/NEWS
index e1ed00056..60d4d699c 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,25 @@
+---
+NTP 4.2.8p15 (Harlan Stenn <stenn@ntp.org>, 2020 Apr 23)
+
+Focus: Security, Bug fixes
+
+Severity: MEDIUM
+
+This release fixes one vulnerability: Associations that use CMAC
+authentication between ntpd from versions 4.2.8p11/4.3.97 and
+4.2.8p14/4.3.100 will leak a small amount of memory for each packet.
+Eventually, ntpd will run out of memory and abort.
+
+It also fixes 46 other bugs and addresses
+4 other issues.
+
+* [Bug 3655] ntpdc memstats hash counts <perlinger@ntp.org>
+  - fix by Gerry garvey
+* [Bug 3653] Refclock jitter RMS calculation <perlinger@ntp.org>
+  - thanks to Gerry Garvey
+* [Bug 3646] Avoid sync with unsync orphan <perlinger@ntp.org>
+  - patch by Gerry Garvey
+
 ---
 NTP 4.2.8p14 (Harlan Stenn <stenn@ntp.org>, 2020 Mar 03)