Hello community, here is the log from the commit of package ntp for openSUSE:Factory checked in at 2015-04-22 01:16:24 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ntp (Old) and /work/SRC/openSUSE:Factory/.ntp.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ntp" Changes: -------- --- /work/SRC/openSUSE:Factory/ntp/ntp.changes 2015-04-07 09:28:13.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.ntp.new/ntp.changes 2015-04-22 01:16:27.000000000 +0200 @@ -1,0 +2,9 @@ +Tue Apr 7 10:50:00 UTC 2015 - [email protected] + +- update to 4.2.8p2 + * fixes CVE-2015-1798, CVE-2015-1799 (medium-severity + vulnerabilities involving private key authentication) + * bug fixes and enhancements + * New script: update-leap + +------------------------------------------------------------------- @@ -4,0 +14,22 @@ + +------------------------------------------------------------------- +Mon Mar 16 16:50:03 UTC 2015 - [email protected] + +- update to 4.2.8p1 + * fixes CVE-2014-9297, CVE-2014-9298 + * over 30 bugfixes and improvements +- update to 4.2.8 + * fixes CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296 + * changed Internal NTP Era counters + * ntpdc responses disabled by default + * over 1100 issues resolved between the 4.2.6 branch and 4.2.8 +- adjusted patches to fit 4.2.8p1: + ntp-segfault_on_invalid_device.patch bnc#506908.diff MOD_NANO.diff +- removed obsolete / now-in-upstream patches: + ntpd-maxmonmen.patch ntp-code-cleanup.patch ntp-sntp-recverr.patch + bnc#817893.patch ntp-CVE-2014-9295.patch ntp-CVE-2014-9296.patch +- changes to spec file: + * added --datadir (for private perl module needed by ntp scripts) + and --html-dir (html docs now get installed by "make install") + to configure options + * script ntp-wait has moved in source tree Old: ---- bnc#817893.patch ntp-4.2.6p5.tar.bz2 ntp-CVE-2014-9295.patch ntp-CVE-2014-9296.patch ntp-code-cleanup.patch ntp-sntp-recverr.patch ntpd-maxmonmen.patch New: ---- ntp-4.2.8p2.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ntp.spec ++++++ --- /var/tmp/diff_new_pack.bxTiu0/_old 2015-04-22 01:16:28.000000000 +0200 +++ /var/tmp/diff_new_pack.bxTiu0/_new 2015-04-22 01:16:28.000000000 +0200 @@ -21,14 +21,14 @@ %global _ntpunitsdir %{_libexecdir}/systemd/ntp-units.d %endif Name: ntp -Version: 4.2.6p5 +Version: 4.2.8p2 Release: 0 Summary: Network Time Protocol daemon (version 4) License: (MIT and BSD-3-Clause and BSD-4-Clause) and GPL-2.0 Group: Productivity/Networking/Other Url: http://www.ntp.org/ # main source -Source0: http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-%{version}.tar.bz2 +Source0: http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-%{version}.tar.gz # configuration Source1: conf.logrotate.ntp Source2: conf.ntp.conf @@ -48,18 +48,12 @@ Source15: conf.ntptimeset Source16: ntp.NetworkManager Patch1: ntp-segfault_on_invalid_device.patch -Patch4: ntpd-maxmonmen.patch Patch10: ntp-strcat.patch Patch11: ntp-4.2.6p2-seed_file.patch -Patch13: ntp-code-cleanup.patch Patch15: bnc#506908.diff Patch16: MOD_NANO.diff Patch18: bnc#574885.diff Patch19: ntp-4.2.6p2-ntpq-speedup-782060.patch -Patch20: ntp-sntp-recverr.patch -Patch21: bnc#817893.patch -Patch22: ntp-CVE-2014-9295.patch -Patch23: ntp-CVE-2014-9296.patch BuildRequires: autoconf BuildRequires: avahi-compat-mDNSResponder-devel BuildRequires: fdupes @@ -118,21 +112,15 @@ # unpack ntp-faq tar -x -C html -j -f %{SOURCE10} %patch1 -%patch4 -p1 # copy README.SUSE cp %{SOURCE12} . tar xzf %{SOURCE13} %patch10 -p1 %patch11 -%patch13 %patch15 %patch16 %patch18 %patch19 -%patch20 -%patch21 -%patch22 -p1 -%patch23 -p1 # fix DOS line breaks sed -i 's/\r//g' html/scripts/{footer.txt,style.css} @@ -153,6 +141,8 @@ --bindir=%{_sbindir} \ --mandir=%{_mandir} \ --infodir=%{_infodir} \ + --datadir=%{_datadir} \ + --htmldir=%{_docdir}/ntp-doc \ --enable-parse-clocks \ --enable-all-clocks \ --enable-linuxcaps \ @@ -225,7 +215,7 @@ # install -d %{buildroot}%{_datadir}/omc/svcinfo.d/ install -m 644 %{SOURCE14} %{buildroot}%{_datadir}/omc/svcinfo.d/ -install -m 755 scripts/ntp-wait %{buildroot}%{_sbindir}/ +install -m 755 scripts/ntp-wait/ntp-wait %{buildroot}%{_sbindir}/ %if %{defined _ntpunitsdir} install -d %{buildroot}%{_ntpunitsdir} @@ -320,6 +310,7 @@ %dir %{_sysconfdir}/NetworkManager/dispatcher.d %config %{_sysconfdir}/NetworkManager/dispatcher.d/ntp %{_sbindir}/* +%{_datadir}/ntp %if 0%{?suse_version} > 1310 /usr/lib/initscripts/legacy-actions/ntpd %else @@ -338,6 +329,6 @@ %files doc %defattr(-,root,root) -%doc html/* +%doc %{_docdir}/ntp-doc %changelog ++++++ MOD_NANO.diff ++++++ --- /var/tmp/diff_new_pack.bxTiu0/_old 2015-04-22 01:16:28.000000000 +0200 +++ /var/tmp/diff_new_pack.bxTiu0/_new 2015-04-22 01:16:28.000000000 +0200 @@ -7,13 +7,13 @@ #endif +#if defined(ADJ_NANO) && !defined(MOD_NANO) -+#define MOD_NANO ADJ_NANO ++# define MOD_NANO ADJ_NANO +#endif + +#if defined(ADJ_TAI) && !defined(MOD_TAI) -+#define MOD_TAI ADJ_TAI ++# define MOD_TAI ADJ_TAI +#endif + #ifndef NTP_SYSCALLS_LIBC - #ifdef NTP_SYSCALLS_STD - # define ntp_adjtime(t) syscall(SYS_ntp_adjtime, (t)) + # ifdef NTP_SYSCALLS_STD + # define ntp_adjtime(t) syscall(SYS_ntp_adjtime, (t)) ++++++ bnc#506908.diff ++++++ --- /var/tmp/diff_new_pack.bxTiu0/_old 2015-04-22 01:16:28.000000000 +0200 +++ /var/tmp/diff_new_pack.bxTiu0/_new 2015-04-22 01:16:28.000000000 +0200 @@ -1,13 +1,15 @@ -Index: scripts/ntptrace.in +Index: scripts/lib/NTP/Util.pm =================================================================== ---- scripts/ntptrace.in.orig -+++ scripts/ntptrace.in -@@ -6,7 +6,7 @@ use Socket; - use Getopt::Std; - use vars qw($opt_n $opt_m); +--- scripts/lib/NTP/Util.pm.orig ++++ scripts/lib/NTP/Util.pm +@@ -7,8 +7,8 @@ --$ntpq = "ntpq"; -+$ntpq = "/usr/sbin/ntpq"; + our @EXPORT_OK = qw(ntp_read_vars do_dns ntp_peers ntp_sntp_line); + +-my $ntpq_path = 'ntpq'; +-my $sntp_path = 'sntp'; ++my $ntpq_path = '/usr/sbin/ntpq'; ++my $sntp_path = '/usr/sbin/sntp'; + + our $IP_AGNOSTIC; - $Getopt::Std::STANDARD_HELP_VERSION=1; - getopts('nm:'); ++++++ ntp-segfault_on_invalid_device.patch ++++++ --- /var/tmp/diff_new_pack.bxTiu0/_old 2015-04-22 01:16:28.000000000 +0200 +++ /var/tmp/diff_new_pack.bxTiu0/_new 2015-04-22 01:16:28.000000000 +0200 @@ -3,7 +3,7 @@ --- ntpd/refclock_parse.c.orig +++ ntpd/refclock_parse.c @@ -3409,6 +3409,10 @@ parse_control( - struct parseunit *parse = (struct parseunit *)peer->procptr->unitptr; + struct parseunit *parse = peer->procptr->unitptr; parsectl_t tmpctl; + /* If opening the clock device failed, unitptr is NULL */ ++++++ ntp-strcat.patch ++++++ --- /var/tmp/diff_new_pack.bxTiu0/_old 2015-04-22 01:16:29.000000000 +0200 +++ /var/tmp/diff_new_pack.bxTiu0/_new 2015-04-22 01:16:29.000000000 +0200 @@ -3,11 +3,11 @@ --- ntp-4.2.6p5.orig/ntpd/refclock_parse.c +++ ntp-4.2.6p5/ntpd/refclock_parse.c @@ -3668,7 +3668,7 @@ parse_process( - + NLOG(NLOG_CLOCKINFO) /* conditional if clause for conditional syslog */ msyslog(LOG_WARNING, "PARSE receiver #%d: conversion status \"%s\"", - CLK_UNIT(parse->peer), parsestatus(parsetime->parse_status, buffer, sizeof(buffer))); + CLK_UNIT(parse->peer), parsestatus(parsetime->parse_status, buffer, sizeof(buffer) - strlen(buffer) - 1)); - + if ((parsetime->parse_status & CVT_MASK) == CVT_FAIL) {
