Re: NTPsec 1.2.2a released
> On 08/04/2023 6:35 PM PDT Fred Wright via devel wrote: > :::snip::: > > I notice that the two commits for that don't seem to be in any branch. > Having commits only "owned" by a tag and not a branch seems fragile. I do not think it is particularly fragile; I mean the garbage collector is that aggressive, is it? > In the process of investigating this, I noticed that only the master > branch is visible in the WebGUI, even though there are actually 25 > branches in the repo. I also only see the branch master. Then again I am not expecting to see 26 branches because we have 25 tags and master. BTW master at one point or another contained all of those tags. > Having a separate branch for each patch release could get somewhat > cluttered, but it's straightfoward to use a single branch for all patch > releases, as long as folks aren't allergic to merge commits. > > Fred Wright If it bothers you, I could add a merge request to add a 1.2.2 branch. I have a few CI changes to backport. I am not going to create another merge request unless I can get confirmation someone besides me wants it. ___ devel mailing list devel@ntpsec.org https://lists.ntpsec.org/mailman/listinfo/devel
Re: NTPsec 1.2.2a released
On Fri, 4 Aug 2023, Fred Wright via devel wrote: On Fri, 4 Aug 2023, Matthew Selsky wrote: On Fri, Aug 04, 2023 at 01:47:29PM -0700, Fred Wright via devel wrote: And for that matter, what exactly is 1.2.2a, given that there's no git tag for that version? 1.2.2a is 1.2.2 + the 2 line patch to avoid the crash. We'll release 1.2.3 in late August with all of the changes in HEAD since 1.2.2 Please use "git fetch origin --tags" to pull the https://gitlab.com/NTPsec/ntpsec/-/tags/NTPsec_1_2_2a tag Oops - forgot to fetch the tags. Actually for anyone using a fork (which is desirable even for people with write access), it's more likely: git fetch upstream --tags I notice that the two commits for that don't seem to be in any branch. Having commits only "owned" by a tag and not a branch seems fragile. In the process of investigating this, I noticed that only the master branch is visible in the WebGUI, even though there are actually 25 branches in the repo. Having a separate branch for each patch release could get somewhat cluttered, but it's straightfoward to use a single branch for all patch releases, as long as folks aren't allergic to merge commits. Fred Wright ___ devel mailing list devel@ntpsec.org https://lists.ntpsec.org/mailman/listinfo/devel
NTPsec 1.2.2a released
The NTPsec Project is pleased to announce the tagging of version 1.2.2a * Fix a crash in ntpd if NTS is disabled and an NTS-enabled client request (mode 3) is received. (CVE-2023-4012) #794 For other changes since the previous release, please consult the project NEWS.adoc file at https://gitlab.com/NTPsec/ntpsec/-/blob/master/NEWS.adoc Getting this release You can clone the git repo from https://gitlab.com/NTPsec/ntpsec.git and you can download the release tarballs with sums and signatures from https://ftp.ntpsec.org/pub/releases/ This release is signed with the GPG key id E57235D22764129FA4F2F4D17F52608ED0E49D76 -- Matt Selsky Release Manager NTPsec Project ___ devel mailing list devel@ntpsec.org https://lists.ntpsec.org/mailman/listinfo/devel
Re: NTPsec 1.2.2a released
On Fri, 4 Aug 2023, Matthew Selsky wrote: On Fri, Aug 04, 2023 at 01:47:29PM -0700, Fred Wright via devel wrote: And for that matter, what exactly is 1.2.2a, given that there's no git tag for that version? 1.2.2a is 1.2.2 + the 2 line patch to avoid the crash. We'll release 1.2.3 in late August with all of the changes in HEAD since 1.2.2 Please use "git fetch origin --tags" to pull the https://gitlab.com/NTPsec/ntpsec/-/tags/NTPsec_1_2_2a tag Oops - forgot to fetch the tags. Actually for anyone using a fork (which is desirable even for people with write access), it's more likely: git fetch upstream --tags Fred Wright ___ devel mailing list devel@ntpsec.org https://lists.ntpsec.org/mailman/listinfo/devel
Re: NTPsec 1.2.2a released
On Fri, Aug 04, 2023 at 01:47:29PM -0700, Fred Wright via devel wrote: > And for that matter, what exactly is 1.2.2a, given that there's no git tag > for that version? Hi Fred, 1.2.2a is 1.2.2 + the 2 line patch to avoid the crash. We'll release 1.2.3 in late August with all of the changes in HEAD since 1.2.2 Please use "git fetch origin --tags" to pull the https://gitlab.com/NTPsec/ntpsec/-/tags/NTPsec_1_2_2a tag Thanks, -Matt ___ devel mailing list devel@ntpsec.org https://lists.ntpsec.org/mailman/listinfo/devel
Re: NTPsec 1.2.2a released
On Thu, Aug 03, 2023 at 11:38:25PM -0700, Hal Murray wrote: > Should that also go to users@ and devel@? I'll do this shortly. Thanks, -Matt ___ devel mailing list devel@ntpsec.org https://lists.ntpsec.org/mailman/listinfo/devel
Re: NTPsec 1.2.2a released
On Thu, 3 Aug 2023, Hal Murray via devel wrote: Should that also go to users@ and devel@? What fraction of people on users or devel are also on announce? And for that matter, what exactly is 1.2.2a, given that there's no git tag for that version? Fred Wright ___ devel mailing list devel@ntpsec.org https://lists.ntpsec.org/mailman/listinfo/devel
Re: NTPsec 1.2.2a released
Should that also go to users@ and devel@? What fraction of people on users or devel are also on announce? -- These are my opinions. I hate spam. ___ devel mailing list devel@ntpsec.org https://lists.ntpsec.org/mailman/listinfo/devel
