| #
f5f40dd6 |
| 27-May-2024 |
Cy Schubert <cy@FreeBSD.org> |
ntp: Vendor import of ntp-4.2.8p18
MFC: 3 days
Merge commit '1f833b3fc9968c3dd7ed79ccf0525ebf16c891ad' into main
|
|
Revision tags: release/13.3.0, release/14.0.0 |
|
| #
e6bfd18d |
| 06-Jun-2023 |
Cy Schubert <cy@FreeBSD.org> |
ntp: import ntp-4.2.8p17
Fixes two small bugs including one regression.
MFC after: 3 days
Merge commit 'ab1f1aa8333369a83ff284848fc3fc2e52d5f29f'
|
| #
a466cc55 |
| 01-Jun-2023 |
Cy Schubert <cy@FreeBSD.org> |
ntp: import ntp-4.2.8p16
Security: NtpBUg3767, NtpBug3808, NtpBug3807 (CVE-2023-26555)
MFC after: immediately
|
|
Revision tags: release/13.2.0, release/12.4.0, release/13.1.0, release/12.3.0 |
|
| #
fc393054 |
| 16-Aug-2021 |
Cy Schubert <cy@FreeBSD.org> |
ntp: Revert "Disable ntpd stack gap. When ASLR with STACK GAP != 0 ntpd suffers SIGSEGV."
This reverts commit 55263180628a386ad38b4b6621919220b137f770 because the
underlying problem was fixed by 889
ntp: Revert "Disable ntpd stack gap. When ASLR with STACK GAP != 0 ntpd suffers SIGSEGV."
This reverts commit 55263180628a386ad38b4b6621919220b137f770 because the
underlying problem was fixed by 889b56c8cd84c9a9f2d9e3b019c154d6f14d9021.
MFC after: 1 month
show more ...
|
|
Revision tags: release/13.0.0, release/12.2.0, release/11.4.0 |
|
| #
e43d33d2 |
| 05-Mar-2020 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r358466 through r358677.
|
| #
2d4e511c |
| 04-Mar-2020 |
Cy Schubert <cy@FreeBSD.org> |
MFV r358616:
Update ntp-4.2.8p13 --> 4.2.8p14.
The advisory can be found at:
http://support.ntp.org/bin/view/Main/SecurityNotice#\
March_2020_ntp_4_2_8p14_NTP_Rele
No CVEs have been documented yet
MFV r358616:
Update ntp-4.2.8p13 --> 4.2.8p14.
The advisory can be found at:
http://support.ntp.org/bin/view/Main/SecurityNotice#\
March_2020_ntp_4_2_8p14_NTP_Rele
No CVEs have been documented yet.
MFC after: now
Security: http://support.ntp.org/bin/view/Main/NtpBug3610
http://support.ntp.org/bin/view/Main/NtpBug3596
http://support.ntp.org/bin/view/Main/NtpBug3592
show more ...
|
| #
55263180 |
| 15-Nov-2019 |
Cy Schubert <cy@FreeBSD.org> |
Disable ntpd stack gap. When ASLR with STACK GAP != 0 ntpd suffers SIGSEGV.
PR: 241421, 241960
Reported by: Vladimir Zakharov <zakharov.vv@gmail.com>,
dewayne@heuristicsystems.com.au
Reviewed by:
Disable ntpd stack gap. When ASLR with STACK GAP != 0 ntpd suffers SIGSEGV.
PR: 241421, 241960
Reported by: Vladimir Zakharov <zakharov.vv@gmail.com>,
dewayne@heuristicsystems.com.au
Reviewed by: kib, imp (previous version), ian (suggestion)
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D22358
show more ...
|
|
Revision tags: release/12.1.0 |
|
| #
f05b9584 |
| 21-Sep-2019 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r352537 through r352586.
|
| #
20674acb |
| 19-Sep-2019 |
Cy Schubert <cy@FreeBSD.org> |
Follow up on r352304 which disabled default mlockall() at startup.
Unfortunately though the original tarball supports this in ./configure
(for Linux), to fully support disabling of mlockall() by defa
Follow up on r352304 which disabled default mlockall() at startup.
Unfortunately though the original tarball supports this in ./configure
(for Linux), to fully support disabling of mlockall() by default requires
a little extra help otherwise the following is logged in syslog:
Cannot set RLIMIT_MEMLOCK: Operation not permitted
MFC after: 2 weeks
X-MFC with: r352304
show more ...
|
|
Revision tags: release/11.3.0 |
|
| #
2aaf9152 |
| 18-Mar-2019 |
Alan Somers <asomers@FreeBSD.org> |
MFHead@r345275
|
| #
ff511f1f |
| 11-Mar-2019 |
Enji Cooper <ngie@FreeBSD.org> |
MFhead@r344996
|
| #
052d159a |
| 07-Mar-2019 |
Cy Schubert <cy@FreeBSD.org> |
MFV r344878:
4.2.8p12 --> 4.2.8p13
MFC after: immediately
Security: CVE-2019-8936
VuXML: c2576e14-36e2-11e9-9eda-206a8a720317
Obtained from: nwtime.org
|
|
Revision tags: release/12.0.0 |
|
| #
7847e041 |
| 24-Aug-2018 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r338026 through r338297, and resolve conflicts.
|
| #
4e1ef62a |
| 21-Aug-2018 |
Xin LI <delphij@FreeBSD.org> |
MFV r338092: ntp 4.2.8p12.
Relnotes: yes
|
| #
3496c981 |
| 20-Jul-2018 |
Ian Lepore <ian@FreeBSD.org> |
Make it possible to run ntpd as a non-root user, add ntpd uid and gid.
Code analysis and runtime analysis using truss(8) indicate that the only
privileged operations performed by ntpd are adjusting
Make it possible to run ntpd as a non-root user, add ntpd uid and gid.
Code analysis and runtime analysis using truss(8) indicate that the only
privileged operations performed by ntpd are adjusting system time, and
(re-)binding to privileged UDP port 123. These changes add a new mac(4)
policy module, mac_ntpd(4), which grants just those privileges to any
process running with uid 123.
This also adds a new user and group, ntpd:ntpd, (uid:gid 123:123), and makes
them the owner of the /var/db/ntp directory, so that it can be used as a
location where the non-privileged daemon can write files such as the
driftfile, and any optional logfile or stats files.
Because there are so many ways to configure ntpd, the question of how to
configure it to run without root privs can be a bit complex, so that will be
addressed in a separate commit. These changes are just what's required to
grant the limited subset of privs to ntpd, and the small change to ntpd to
prevent it from exiting with an error if running as non-root.
Differential Revision: https://reviews.freebsd.org/D16281
show more ...
|
|
Revision tags: release/11.2.0 |
|
| #
09100258 |
| 28-Feb-2018 |
Xin LI <delphij@FreeBSD.org> |
MFV r330102: ntp 4.2.8p11
|
|
Revision tags: release/10.4.0, release/11.1.0 |
|
| #
f0574f5c |
| 23-Mar-2017 |
Xin LI <delphij@FreeBSD.org> |
MFV r315791: ntp 4.2.8p10.
|
|
Revision tags: release/11.0.1, release/11.0.0 |
|
| #
4990d495 |
| 27-Apr-2016 |
Xin LI <delphij@FreeBSD.org> |
MFV r298691:
ntp 4.2.8p7.
Security: CVE-2016-1547, CVE-2016-1548, CVE-2016-1549, CVE-2016-1550
Security: CVE-2016-1551, CVE-2016-2516, CVE-2016-2517, CVE-2016-2518
Security: CVE-2016-2519
Security:
MFV r298691:
ntp 4.2.8p7.
Security: CVE-2016-1547, CVE-2016-1548, CVE-2016-1549, CVE-2016-1550
Security: CVE-2016-1551, CVE-2016-2516, CVE-2016-2517, CVE-2016-2518
Security: CVE-2016-2519
Security: FreeBSD-SA-16:16.ntp
With hat: so
show more ...
|
|
Revision tags: release/10.3.0 |
|
| #
f9421853 |
| 25-Jan-2016 |
Glen Barber <gjb@FreeBSD.org> |
MFH
Sponsored by: The FreeBSD Foundation
|
| #
d9b9dae1 |
| 22-Jan-2016 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r294169 through r294598.
|
| #
009e81b1 |
| 22-Jan-2016 |
Bjoern A. Zeeb <bz@FreeBSD.org> |
MFH @r294567
|
| #
68ba7e87 |
| 22-Jan-2016 |
Xin LI <delphij@FreeBSD.org> |
MFV r294491: ntp 4.2.8p6.
Security: CVE-2015-7973, CVE-2015-7974, CVE-2015-7975
Security: CVE-2015-7976, CVE-2015-7977, CVE-2015-7978
Security: CVE-2015-7979, CVE-2015-8138, CVE-2015-8139
Security:
MFV r294491: ntp 4.2.8p6.
Security: CVE-2015-7973, CVE-2015-7974, CVE-2015-7975
Security: CVE-2015-7976, CVE-2015-7977, CVE-2015-7978
Security: CVE-2015-7979, CVE-2015-8138, CVE-2015-8139
Security: CVE-2015-8140, CVE-2015-8158
With hat: so
show more ...
|
| #
e6068002 |
| 12-Jan-2016 |
Glen Barber <gjb@FreeBSD.org> |
MFH
Sponsored by: The FreeBSD Foundation
|
| #
b229c1a0 |
| 08-Jan-2016 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r293280 through r293429.
|
| #
3311ff84 |
| 08-Jan-2016 |
Xin LI <delphij@FreeBSD.org> |
MFV r293415:
ntp 4.2.8p5
Reviewed by: cy, roberto
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D4828
|