From: Harlan Stenn Date: Wed, 9 Nov 2016 09:25:24 +0000 (+0000) Subject: Merge psp-deb1.ntp.org:/home/perlinger/ntp-stable-3114 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f2b205d4e8c90b694303a74bd850d9a9a5d5daa3;p=thirdparty%2Fntp.git Merge psp-deb1.ntp.org:/home/perlinger/ntp-stable-3114 into psp-deb1.ntp.org:/home/stenn/ntp-stable-p9-3114 bk: 5822eb84r2s5Cwo1VQ4iK-ZgUYL7qQ --- f2b205d4e8c90b694303a74bd850d9a9a5d5daa3 diff --cc ChangeLog index be672ed91,02e91f937..480ccbcbe --- a/ChangeLog +++ b/ChangeLog @@@ -1,58 -1,6 +1,61 @@@ --- +(4.2.8p9) 2016/MM/DD Released by Harlan Stenn + +* [Sec 3119] Trap crash +* [Sec 3118] Mode 6 information disclosure and DDoS vector + - TRAP config via mode 6 packet requires AUTH now. + * [Sec 3114] Broadcast Mode Replay Prevention DoS + - applied patches by Matthew Van Gundy. ++ - with tweaks and cleanup by stenn@ntp.org +* [Sec 3113] Broadcast Mode Poll Interval Enforcement DoS + - applied fix as suggested by Matthew Van Gundy +* [Sec 3110] Windows: ntpd DoS by oversized UDP packet + - fixed error handling for truncated UDP packets. +* [Sec 3102] Zero origin issues. HStenn. +* [Sec 3082] null pointer dereference in _IO_str_init_static_internal() + - more hardening to read_mru_list(). perlinger@ntp.org +* [Sec 3072] Attack on interface selection + - implemented Miroslav Lichvars suggestion + to skip interface updates based on incoming packets +* [Bug 3125] NTPD doesn't fully start when ntp.conf entries are out of order + using the loopback-ppsapi-provider.dll +* [Bug 3116] unit tests for NTP time stamp expansion. +* [Bug 3100] ntpq can't retrieve daemon_version + - fixed extended sysvar lookup (bug introduced with bug 3008 fix) +* [Bug 3095] Compatibility with openssl 1.1 + - applied patches by Kurt Roeckx to source + - added shim layer for SSL API calls with issues (both directions) +* [Bug 3084] update-leap mis-parses the leapfile name. HStenn. +* [Bug 3068] Linker warnings when building on Solaris. perlinger@ntp.org + - applied patch thanks to Andrew Stormont +* [Bug 3066] NMEA clock ignores pps. perlinger@ntp.org + - PPS-HACK works again. +* [Bug 3059] Potential buffer overrun from oversized hash + - applied patch by Brian Utterback +* [Bug 3053] ntp_loopfilter.c frequency calc precedence error. Sarah White. +* [Bug 3050] Fix for bug #2960 causes [...] spurious error message. + + - patches by Reinhard Max and Havard Eidnes +* [Bug 3047] Fix refclock_jjy C-DEX JST2000. abe@ntp.org + - Patch provided by Kuramatsu. +* [Bug 3021] unity_fixture.c needs pragma weak + - removed unnecessary & harmful decls of 'setUp()' & 'tearDown()' +* [Bug 2998] sntp/tests/packetProcessing.c broken without openssl. JPerlinger +* [Bug 2961] sntp/tests/packetProcessing.c assumes AUTOKEY. HStenn. +* [Bug 2959] refclock_jupiter: gps week correction + - fixed GPS week expansion to work based on build date. Special thanks + to Craig Leres for initial patch and testing. +* [Bug 2951] ntpd tests fail: multiple definition of `send_via_ntp_signd' + - fixed Makefile.am +* [Bug 2689] ATOM driver processes last PPS pulse at startup, + even if it is very old + - make sure PPS source is alive before processing samples + - improve stability close to the 500ms phase jump (phase gate) +* Fix typos in include/ntp.h. +* Shim X509_get_signature_nid() if needed. +* git author attribution cleanup +* bk ignore file cleanup +* remove locks in Windows IO, use rpc-like thread synchronisation instead --- (4.2.8p8) 2016/06/02 Released by Harlan Stenn