Annotation of embedaddon/ntp/NEWS, revision 1.1
1.1 ! misho 1: ---
! 2: NTP 4.2.6p5 (Harlan Stenn <stenn@ntp.org>, 2011/12/24)
! 3:
! 4: Focus: Bug fixes
! 5:
! 6: Severity: Medium
! 7:
! 8: This is a recommended upgrade.
! 9:
! 10: This release updates sys_rootdisp and sys_jitter calculations to match the
! 11: RFC specification, fixes a potential IPv6 address matching error for the
! 12: "nic" and "interface" configuration directives, suppresses the creation of
! 13: extraneous ephemeral associations for certain broadcastclient and
! 14: multicastclient configurations, cleans up some ntpq display issues, and
! 15: includes improvements to orphan mode, minor bugs fixes and code clean-ups.
! 16:
! 17: New features / changes in this release:
! 18:
! 19: ntpd
! 20:
! 21: * Updated "nic" and "interface" IPv6 address handling to prevent
! 22: mismatches with localhost [::1] and wildcard [::] which resulted from
! 23: using the address/prefix format (e.g. fe80::/64)
! 24: * Fix orphan mode stratum incorrectly counting to infinity
! 25: * Orphan parent selection metric updated to includes missing ntohl()
! 26: * Non-printable stratum 16 refid no longer sent to ntp
! 27: * Duplicate ephemeral associations suppressed for broadcastclient and
! 28: multicastclient without broadcastdelay
! 29: * Exclude undetermined sys_refid from use in loopback TEST12
! 30: * Exclude MODE_SERVER responses from KoD rate limiting
! 31: * Include root delay in clock_update() sys_rootdisp calculations
! 32: * get_systime() updated to exclude sys_residual offset (which only
! 33: affected bits "below" sys_tick, the precision threshold)
! 34: * sys.peer jitter weighting corrected in sys_jitter calculation
! 35:
! 36: ntpq
! 37:
! 38: * -n option extended to include the billboard "server" column
! 39: * IPv6 addresses in the local column truncated to prevent overruns
! 40:
! 41: ---
! 42: NTP 4.2.6p4 (Harlan Stenn <stenn@ntp.org>, 2011/09/22)
! 43:
! 44: Focus: Bug fixes and portability improvements
! 45:
! 46: Severity: Medium
! 47:
! 48: This is a recommended upgrade.
! 49:
! 50: This release includes build infrastructure updates, code
! 51: clean-ups, minor bug fixes, fixes for a number of minor
! 52: ref-clock issues, and documentation revisions.
! 53:
! 54: Portability improvements affect AIX, HP-UX, Linux, OS X and 64-bit time_t.
! 55:
! 56: New features / changes in this release:
! 57:
! 58: Build system
! 59:
! 60: * Fix checking for struct rtattr
! 61: * Update config.guess and config.sub for AIX
! 62: * Upgrade required version of autogen and libopts for building
! 63: from our source code repository
! 64:
! 65: ntpd
! 66:
! 67: * Back-ported several fixes for Coverity warnings from ntp-dev
! 68: * Fix a rare boundary condition in UNLINK_EXPR_SLIST()
! 69: * Allow "logconfig =allall" configuration directive
! 70: * Bind tentative IPv6 addresses on Linux
! 71: * Correct WWVB/Spectracom driver to timestamp CR instead of LF
! 72: * Improved tally bit handling to prevent incorrect ntpq peer status reports
! 73: * Exclude the Undisciplined Local Clock and ACTS drivers from the initial
! 74: candidate list unless they are designated a "prefer peer"
! 75: * Prevent the consideration of Undisciplined Local Clock or ACTS drivers for
! 76: selection during the 'tos orphanwait' period
! 77: * Prefer an Orphan Mode Parent over the Undisciplined Local Clock or ACTS
! 78: drivers
! 79: * Improved support of the Parse Refclock trusttime flag in Meinberg mode
! 80: * Back-port utility routines from ntp-dev: mprintf(), emalloc_zero()
! 81: * Added the NTPD_TICKADJ_PPM environment variable for specifying baseline
! 82: clock slew on Microsoft Windows
! 83: * Code cleanup in libntpq
! 84:
! 85: ntpdc
! 86:
! 87: * Fix timerstats reporting
! 88:
! 89: ntpdate
! 90:
! 91: * Reduce time required to set clock
! 92: * Allow a timeout greater than 2 seconds
! 93:
! 94: sntp
! 95:
! 96: * Backward incompatible command-line option change:
! 97: -l/--filelog changed -l/--logfile (to be consistent with ntpd)
! 98:
! 99: Documentation
! 100:
! 101: * Update html2man. Fix some tags in the .html files
! 102: * Distribute ntp-wait.html
! 103:
! 104: ---
! 105: NTP 4.2.6p3 (Harlan Stenn <stenn@ntp.org>, 2011/01/03)
! 106:
! 107: Focus: Bug fixes and portability improvements
! 108:
! 109: Severity: Medium
! 110:
! 111: This is a recommended upgrade.
! 112:
! 113: This release includes build infrastructure updates, code
! 114: clean-ups, minor bug fixes, fixes for a number of minor
! 115: ref-clock issues, and documentation revisions.
! 116:
! 117: Portability improvements in this release affect AIX, Atari FreeMiNT,
! 118: FreeBSD4, Linux and Microsoft Windows.
! 119:
! 120: New features / changes in this release:
! 121:
! 122: Build system
! 123: * Use lsb_release to get information about Linux distributions.
! 124: * 'test' is in /usr/bin (instead of /bin) on some systems.
! 125: * Basic sanity checks for the ChangeLog file.
! 126: * Source certain build files with ./filename for systems without . in PATH.
! 127: * IRIX portability fix.
! 128: * Use a single copy of the "libopts" code.
! 129: * autogen/libopts upgrade.
! 130: * configure.ac m4 quoting cleanup.
! 131:
! 132: ntpd
! 133: * Do not bind to IN6_IFF_ANYCAST addresses.
! 134: * Log the reason for exiting under Windows.
! 135: * Multicast fixes for Windows.
! 136: * Interpolation fixes for Windows.
! 137: * IPv4 and IPv6 Multicast fixes.
! 138: * Manycast solicitation fixes and general repairs.
! 139: * JJY refclock cleanup.
! 140: * NMEA refclock improvements.
! 141: * Oncore debug message cleanup.
! 142: * Palisade refclock now builds under Linux.
! 143: * Give RAWDCF more baud rates.
! 144: * Support Truetime Satellite clocks under Windows.
! 145: * Support Arbiter 1093C Satellite clocks under Windows.
! 146: * Make sure that the "filegen" configuration command defaults to "enable".
! 147: * Range-check the status codes (plus other cleanup) in the RIPE-NCC driver.
! 148: * Prohibit 'includefile' directive in remote configuration command.
! 149: * Fix 'nic' interface bindings.
! 150: * Fix the way we link with openssl if openssl is installed in the base
! 151: system.
! 152:
! 153: ntp-keygen
! 154: * Fix -V coredump.
! 155: * OpenSSL version display cleanup.
! 156:
! 157: ntpdc
! 158: * Many counters should be treated as unsigned.
! 159:
! 160: ntpdate
! 161: * Do not ignore replies with equal receive and transmit timestamps.
! 162:
! 163: ntpq
! 164: * libntpq warning cleanup.
! 165:
! 166: ntpsnmpd
! 167: * Correct SNMP type for "precision" and "resolution".
! 168: * Update the MIB from the draft version to RFC-5907.
! 169:
! 170: sntp
! 171: * Display timezone offset when showing time for sntp in the local
! 172: timezone.
! 173: * Pay proper attention to RATE KoD packets.
! 174: * Fix a miscalculation of the offset.
! 175: * Properly parse empty lines in the key file.
! 176: * Logging cleanup.
! 177: * Use tv_usec correctly in set_time().
! 178: * Documentation cleanup.
! 179:
! 180: ---
! 181: NTP 4.2.6p2 (Harlan Stenn <stenn@ntp.org>, 2010/07/08)
! 182:
! 183: Focus: Bug fixes and portability improvements
! 184:
! 185: Severity: Medium
! 186:
! 187: This is a recommended upgrade.
! 188:
! 189: This release includes build infrastructure updates, code
! 190: clean-ups, minor bug fixes, fixes for a number of minor
! 191: ref-clock issues, improved KOD handling, OpenSSL related
! 192: updates and documentation revisions.
! 193:
! 194: Portability improvements in this release affect Irix, Linux,
! 195: Mac OS, Microsoft Windows, OpenBSD and QNX6
! 196:
! 197: New features / changes in this release:
! 198:
! 199: ntpd
! 200: * Range syntax for the trustedkey configuration directive
! 201: * Unified IPv4 and IPv6 restrict lists
! 202:
! 203: ntpdate
! 204: * Rate limiting and KOD handling
! 205:
! 206: ntpsnmpd
! 207: * default connection to net-snmpd via a unix-domain socket
! 208: * command-line 'socket name' option
! 209:
! 210: ntpq / ntpdc
! 211: * support for the "passwd ..." syntax
! 212: * key-type specific password prompts
! 213:
! 214: sntp
! 215: * MD5 authentication of an ntpd
! 216: * Broadcast and crypto
! 217: * OpenSSL support
! 218:
! 219: ---
! 220: NTP 4.2.6p1 (Harlan Stenn <stenn@ntp.org>, 2010/04/09)
! 221:
! 222: Focus: Bug fixes, portability fixes, and documentation improvements
! 223:
! 224: Severity: Medium
! 225:
! 226: This is a recommended upgrade.
! 227:
! 228: ---
! 229: NTP 4.2.6 (Harlan Stenn <stenn@ntp.org>, 2009/12/08)
! 230:
! 231: Focus: enhancements and bug fixes.
! 232:
! 233: ---
! 234: NTP 4.2.4p8 (Harlan Stenn <stenn@ntp.org>, 2009/12/08)
! 235:
! 236: Focus: Security Fixes
! 237:
! 238: Severity: HIGH
! 239:
! 240: This release fixes the following high-severity vulnerability:
! 241:
! 242: * [Sec 1331] DoS with mode 7 packets - CVE-2009-3563.
! 243:
! 244: See http://support.ntp.org/security for more information.
! 245:
! 246: NTP mode 7 (MODE_PRIVATE) is used by the ntpdc query and control utility.
! 247: In contrast, ntpq uses NTP mode 6 (MODE_CONTROL), while routine NTP time
! 248: transfers use modes 1 through 5. Upon receipt of an incorrect mode 7
! 249: request or a mode 7 error response from an address which is not listed
! 250: in a "restrict ... noquery" or "restrict ... ignore" statement, ntpd will
! 251: reply with a mode 7 error response (and log a message). In this case:
! 252:
! 253: * If an attacker spoofs the source address of ntpd host A in a
! 254: mode 7 response packet sent to ntpd host B, both A and B will
! 255: continuously send each other error responses, for as long as
! 256: those packets get through.
! 257:
! 258: * If an attacker spoofs an address of ntpd host A in a mode 7
! 259: response packet sent to ntpd host A, A will respond to itself
! 260: endlessly, consuming CPU and logging excessively.
! 261:
! 262: Credit for finding this vulnerability goes to Robin Park and Dmitri
! 263: Vinokurov of Alcatel-Lucent.
! 264:
! 265: THIS IS A STRONGLY RECOMMENDED UPGRADE.
! 266:
! 267: ---
! 268: ntpd now syncs to refclocks right away.
! 269:
! 270: Backward-Incompatible changes:
! 271:
! 272: ntpd no longer accepts '-v name' or '-V name' to define internal variables.
! 273: Use '--var name' or '--dvar name' instead. (Bug 817)
! 274:
! 275: ---
! 276: NTP 4.2.4p7 (Harlan Stenn <stenn@ntp.org>, 2009/05/04)
! 277:
! 278: Focus: Security and Bug Fixes
! 279:
! 280: Severity: HIGH
! 281:
! 282: This release fixes the following high-severity vulnerability:
! 283:
! 284: * [Sec 1151] Remote exploit if autokey is enabled. CVE-2009-1252
! 285:
! 286: See http://support.ntp.org/security for more information.
! 287:
! 288: If autokey is enabled (if ntp.conf contains a "crypto pw whatever"
! 289: line) then a carefully crafted packet sent to the machine will cause
! 290: a buffer overflow and possible execution of injected code, running
! 291: with the privileges of the ntpd process (often root).
! 292:
! 293: Credit for finding this vulnerability goes to Chris Ries of CMU.
! 294:
! 295: This release fixes the following low-severity vulnerabilities:
! 296:
! 297: * [Sec 1144] limited (two byte) buffer overflow in ntpq. CVE-2009-0159
! 298: Credit for finding this vulnerability goes to Geoff Keating of Apple.
! 299:
! 300: * [Sec 1149] use SO_EXCLUSIVEADDRUSE on Windows
! 301: Credit for finding this issue goes to Dave Hart.
! 302:
! 303: This release fixes a number of bugs and adds some improvements:
! 304:
! 305: * Improved logging
! 306: * Fix many compiler warnings
! 307: * Many fixes and improvements for Windows
! 308: * Adds support for AIX 6.1
! 309: * Resolves some issues under MacOS X and Solaris
! 310:
! 311: THIS IS A STRONGLY RECOMMENDED UPGRADE.
! 312:
! 313: ---
! 314: NTP 4.2.4p6 (Harlan Stenn <stenn@ntp.org>, 2009/01/07)
! 315:
! 316: Focus: Security Fix
! 317:
! 318: Severity: Low
! 319:
! 320: This release fixes oCERT.org's CVE-2009-0021, a vulnerability affecting
! 321: the OpenSSL library relating to the incorrect checking of the return
! 322: value of EVP_VerifyFinal function.
! 323:
! 324: Credit for finding this issue goes to the Google Security Team for
! 325: finding the original issue with OpenSSL, and to ocert.org for finding
! 326: the problem in NTP and telling us about it.
! 327:
! 328: This is a recommended upgrade.
! 329: ---
! 330: NTP 4.2.4p5 (Harlan Stenn <stenn@ntp.org>, 2008/08/17)
! 331:
! 332: Focus: Minor Bugfixes
! 333:
! 334: This release fixes a number of Windows-specific ntpd bugs and
! 335: platform-independent ntpdate bugs. A logging bugfix has been applied
! 336: to the ONCORE driver.
! 337:
! 338: The "dynamic" keyword and is now obsolete and deferred binding to local
! 339: interfaces is the new default. The minimum time restriction for the
! 340: interface update interval has been dropped.
! 341:
! 342: A number of minor build system and documentation fixes are included.
! 343:
! 344: This is a recommended upgrade for Windows.
! 345:
! 346: ---
! 347: NTP 4.2.4p4 (Harlan Stenn <stenn@ntp.org>, 2007/09/10)
! 348:
! 349: Focus: Minor Bugfixes
! 350:
! 351: This release updates certain copyright information, fixes several display
! 352: bugs in ntpdc, avoids SIGIO interrupting malloc(), cleans up file descriptor
! 353: shutdown in the parse refclock driver, removes some lint from the code,
! 354: stops accessing certain buffers immediately after they were freed, fixes
! 355: a problem with non-command-line specification of -6, and allows the loopback
! 356: interface to share addresses with other interfaces.
! 357:
! 358: ---
! 359: NTP 4.2.4p3 (Harlan Stenn <stenn@ntp.org>, 2007/06/29)
! 360:
! 361: Focus: Minor Bugfixes
! 362:
! 363: This release fixes a bug in Windows that made it difficult to
! 364: terminate ntpd under windows.
! 365: This is a recommended upgrade for Windows.
! 366:
! 367: ---
! 368: NTP 4.2.4p2 (Harlan Stenn <stenn@ntp.org>, 2007/06/19)
! 369:
! 370: Focus: Minor Bugfixes
! 371:
! 372: This release fixes a multicast mode authentication problem,
! 373: an error in NTP packet handling on Windows that could lead to
! 374: ntpd crashing, and several other minor bugs. Handling of
! 375: multicast interfaces and logging configuration were improved.
! 376: The required versions of autogen and libopts were incremented.
! 377: This is a recommended upgrade for Windows and multicast users.
! 378:
! 379: ---
! 380: NTP 4.2.4 (Harlan Stenn <stenn@ntp.org>, 2006/12/31)
! 381:
! 382: Focus: enhancements and bug fixes.
! 383:
! 384: Dynamic interface rescanning was added to simplify the use of ntpd in
! 385: conjunction with DHCP. GNU AutoGen is used for its command-line options
! 386: processing. Separate PPS devices are supported for PARSE refclocks, MD5
! 387: signatures are now provided for the release files. Drivers have been
! 388: added for some new ref-clocks and have been removed for some older
! 389: ref-clocks. This release also includes other improvements, documentation
! 390: and bug fixes.
! 391:
! 392: K&R C is no longer supported as of NTP-4.2.4. We are now aiming for ANSI
! 393: C support.
! 394:
! 395: ---
! 396: NTP 4.2.0 (Harlan Stenn <stenn@ntp.org>, 2003/10/15)
! 397:
! 398: Focus: enhancements and bug fixes.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to NEWS CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / ntp