Martin Pluskal (pluskalm) accepted request 718254 from Matthias Gerstner (mgerstner) almost 5 years ago (revision 184)

- removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by
  firewalld, see [1].
  [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html

• Files Changed
• Browse Source

Reinhard Max (rmax) accepted request 715455 from Martin Liška (marxin) almost 5 years ago (revision 183)

- Update ntp-4.2.6p2-seed_file.patch in order to not return
  0 from in a void function.
- Use %make_build in order to provide verbose output.

• Files Changed
• Browse Source

Martin Pluskal (pluskalm) accepted request 708087 from Tomáš Chvátal (scarabeus_iv) almost 5 years ago (revision 182)

- Drop the omc config fate#301838:
  * it is obsolete since SLE11

• Files Changed
• Browse Source

Martin Pluskal (pluskalm) accepted request 695079 from Thorsten Kukuk (kukuk) about 5 years ago (revision 181)

- Don't source /etc/rc.status if we don't use it.

• Files Changed
• Browse Source

Reinhard Max (rmax) committed about 5 years ago (revision 180)

- Update ro 4.2.8p13
  * CVE-2019-8936, bsc#1128525: Crafted null dereference attack in
    authenticated mode 6 packet.
  * Fix several bugs in the BANCOMM reclock driver.
  * Fix ntp_loopfilter.c snprintf compilation warnings.
  * Fix spurious initgroups() error message.
  * Fix STA_NANO struct timex units.
  * Fix GPS week rollover in libparse.
  * Fix incorrect poll interval in packet.
  * Add a missing check for ENABLE_CMAC.

• Files Changed
• Browse Source

Reinhard Max (rmax) accepted request 678071 from Franck Bui (fbui) about 5 years ago (revision 179)

- Drop use of $FIRST_ARG in ntp.spec
  The use of $FIRST_ARG was probably required because of the
  %service_* rpm macros were playing tricks on the shell positional
  parameters. This is bad practice and error prones so let's assume
  that no macros should do that anymore and hence it's safe to assume
  that positional parameters remains unchanged after any rpm macro
  call.

• Files Changed
• Browse Source

Reinhard Max (rmax) accepted request 656782 from Franck Bui (fbui) over 5 years ago (revision 178)

- No more rely on /etc/insserv.conf for adding dependencies in
  ntpd.service against time-sync.target (boo#1118375)

• Files Changed
• Browse Source

Reinhard Max (rmax) committed over 5 years ago (revision 177)

  * Add further tweaks to improve the fix for CVE-2018-7170,
    bsc#1083424.

• Files Changed
• Browse Source

Reinhard Max (rmax) committed over 5 years ago (revision 176)

- Update to 4.2.8p12
  * CVE-2018-12327, bsc#1098531: fixed stack buffer overflow in
    the openhost() command-line call of NTPQ/NTPDC.
  * Further tweaks to improve the fix for CVE-2018-7170.
  * ntp-usrgrp-resolver.patch was integrated upstream.
- Don't run autoreconf anymore and remove all related hacks and
  BuildRequires.

• Files Changed
• Browse Source

Reinhard Max (rmax) committed about 6 years ago (revision 175)

• Files Changed
• Browse Source

Reinhard Max (rmax) committed about 6 years ago (revision 174)

- Refactor the key handling in %post so that it does not overwrite
  user settings (bsc#1036505) and is more robust against ignored
  SIGPIPE (bsc#1090564).

• Files Changed
• Browse Source

Martin Pluskal (pluskalm) accepted request 588327 from Christian Boltz (cboltz) about 6 years ago (revision 173)

- change example statsdir in ntp.conf to /var/log/ntpstats/ to match
  the AppArmor profile (boo#1076247)

• Files Changed
• Browse Source

Reinhard Max (rmax) committed about 6 years ago (revision 172)

Fix typo in changes

• Files Changed
• Browse Source

Reinhard Max (rmax) committed about 6 years ago (revision 171)

- Update to 4.2.8p11 (bsc#1082210):

• Files Changed
• Browse Source

Reinhard Max (rmax) committed about 6 years ago (revision 170)

- Update to 4.2.8p10 (bsc#1082210):
  * CVE-2016-1549: Sybil vulnerability: ephemeral association
    attack. While fixed in ntp-4.2.8p7, there are significant
    additional protections for this issue in 4.2.8p11.
  * CVE-2018-7182, bsc#1083426: ctl_getitem(): buffer read overrun
    leads to undefined behavior and information leak.
  * CVE-2018-7170, bsc#1083424: Multiple authenticated ephemeral
    associations.
  * CVE-2018-7184, bsc#1083422: Interleaved symmetric mode cannot
    recover from bad state.
  * CVE-2018-7185, bsc#1083420: Unauthenticated packet can reset
    authenticated interleaved association.
  * CVE-2018-7183, 1083417: ntpq:decodearr() can write beyond its
    buffer limit.
  * Obsoletes these patches: ntp-sntp-a.patch, ntp-warnings.patch
- Remove dead code from conf.start-ntpd (bsc#1082063).
- Don't use libevent's cached time stamps in sntp.
  (bsc#1077445, ntp-sntp-libevent.patch)

• Files Changed
• Browse Source

Reinhard Max (rmax) committed over 6 years ago (revision 169)

- Add ntp-reproducible.patch to make build reproducible (boo#1047218)

• Files Changed
• Browse Source

Reinhard Max (rmax) committed over 6 years ago (revision 168)

- Restart nptd if failed or aborted (FATE#315133).
- Do not try to set the HW clock when adding a server at runtime
  to avoid blocking systemd.

• Files Changed
• Browse Source

Reinhard Max (rmax) accepted request 559102 from Bernhard Wiedemann (bmwiedemann) over 6 years ago (revision 167)

Add ntp-4.2.8p10-reproducible.patch to make build reproducible (boo#1047218)

• Files Changed
• Browse Source

Reinhard Max (rmax) accepted request 544753 from Richard Brown (RBrownSUSE) over 6 years ago (revision 166)

Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)

• Files Changed
• Browse Source

Reinhard Max (rmax) committed about 7 years ago (revision 165)

- Enable experimental leap smearing (fate#321003).
  See /usr/share/doc/packages/ntp/README.leapsmear for details.

• Files Changed
• Browse Source