From: NTP Release Engineering Date: Fri, 7 Jun 2019 07:17:43 +0000 (-0700) Subject: Merge ntp-build.tal1.ntfo.org:/ntpbuild/data/master/ntp-stable/ X-Git-Tag: NTP_4_3_98~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c68f8f0157010fc167c94f5236e671b35ca2471a;p=thirdparty%2Fntp.git Merge ntp-build.tal1.ntfo.org:/ntpbuild/data/master/ntp-stable/ into ntp-build.tal1.ntfo.org:/ntpbuild/data/newdev/ntp-dev bk: 5cfa0f97xV_YfuKl46sBjQB64rvKrg --- c68f8f0157010fc167c94f5236e671b35ca2471a diff --cc ChangeLog index 470a2ef91,f381a093c..4318fe791 --- a/ChangeLog +++ b/ChangeLog @@@ -1,5 -1,66 +1,69 @@@ ++From ntp-4.2.8p12: + --- + (4.2.8p12) 2018/08/14 Released by Harlan Stenn + + * [Sec 3505] CVE-2018-12327 - Arbitrary Code Execution Vulnerability + - fixed stack buffer overflow in the openhost() command-line call + of NTPQ/NTPDC + * [Sec 3012] noepeer tweaks. + * [Bug 3521] Fix a logic bug in the INVALIDNAK checks. + * [Bug 3509] Add support for running as non-root on FreeBSD, Darwin, + other TrustedBSD platforms + - applied patch by Ian Lepore + * [Bug 3506] Service Control Manager interacts poorly with NTPD + - changed interaction with SCM to signal pending startup + * [Bug 3486] Buffer overflow in ntpq/ntpq.c:tstflags() + - applied patch by Gerry Garvey + * [Bug 3485] Undefined sockaddr used in error messages in ntp_config.c + - applied patch by Gerry Garvey + * [Bug 3484] ntpq response from ntpd is incorrect when REFID is null + - rework of ntpq 'nextvar()' key/value parsing + * [Bug 3482] Fixes for compilation warnings (ntp_io.c & ntpq-subs.c) + - applied patch by Gerry Garvey (with mods) + * [Bug 3480] Refclock sample filter not cleared on clock STEP + - applied patch by Gerry Garvey + * [Bug 3479] ctl_putrefid() allows unsafe characters through to ntpq + - applied patch by Gerry Garvey (with mods) + * [Bug 3476]ctl_putstr() sends empty unquoted string [...] + - applied patch by Gerry Garvey (with mods); not sure if that's bug or feature, though + * [Bug 3475] modify prettydate() to suppress output of zero time + - applied patch by Gerry Garvey + * [Bug 3474] Missing pmode in mode7 peer info response + - applied patch by Gerry Garvey + * [Bug 3471] Check for openssl/[ch]mac.h. HStenn. + - add #define ENABLE_CMAC support in configure. HStenn. + * [Bug 3470] ntpd4.2.8p11 fails to compile without OpenSSL + * [Bug 3469] Incomplete string compare [...] in is_refclk_addr + - patch by Stephen Friedl + * [Bug 3467] Potential memory fault in ntpq [...] + - fixed IO redirection and CTRL-C handling in ntq and ntpdc + * [Bug 3465] Default TTL values cannot be used + * [Bug 3461] refclock_shm.c: clear error status on clock recovery + - initial patch by Hal Murray; also fixed refclock_report() trouble + * [Bug 3460] Fix typo in ntpq.texi, reported by Kenyon Ralph. + * [Bug 3456] Use uintptr_t rather than size_t to store an integer in a pointer + - According to Brooks Davis, there was only one location + * [Bug 3449] ntpq - display "loop" instead of refid [...] + - applied patch by Gerry Garvey + * [Bug 3445] Symmetric peer won't sync on startup + - applied patch by Gerry Garvey + * [Bug 3442] Fixes for ntpdate as suggested by Gerry Garvey, + with modifications + New macro REFID_ISTEXT() which is also used in ntpd/ntp_control.c. + * [Bug 3434] ntpd clears STA_UNSYNC on start + - applied patch by Miroslav Lichvar + * [Bug 3426] ntpdate.html -t default is 2 seconds. Leonid Evdokimov. + * [Bug 3121] Drop root privileges for the forked DNS worker + - integrated patch by Reinhard Max + * [Bug 2821] minor build issues + - applied patches by Christos Zoulas, including real bug fixes + * html/authopt.html: cleanup, from + * ntpd/ntpd.c: DROPROOT cleanup. + * Symmetric key range is 1-65535. Update docs. + * html/authentic.html: cleanup, from + +(4.3.97) 2019/06/06 Released by Harlan Stenn +From 4.2.8p11: --- (4.2.8p11) 2018/02/27 Released by Harlan Stenn