Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: ntpsec | Distribution: openSUSE Tumbleweed |
Version: 1.2.3 | Vendor: openSUSE |
Release: 1.1 | Build date: Wed Apr 17 11:27:12 2024 |
Group: Unspecified | Build host: reproducible |
Size: 754831 | Source RPM: ntpsec-1.2.3-1.1.src.rpm |
Packager: https://bugs.opensuse.org | |
Url: https://www.ntpsec.org/ | |
Summary: Improved implementation of Network Time Protocol |
A more secure implementation of NTP, derived from NTP Classic, Dave Mills’s original.
BSD-2-Clause AND NTP AND BSD-3-Clause AND MIT
* Wed Apr 17 2024 Martin Hauke <mardnh@gmx.de> - Updat to version 1.2.3 * Change mode6 alignment to four, which may break some compatibility with classic NTP. * Seccomp should now also yield invalid syscall names when dying. * Make ntpq stop dropping output timestamp leading zeroes. * Update documents in quite a few places. * Reset some stats hourly, even when not logged into files. * Add error logging, and stats for ms-sntp. * Add spacing between multiple peer views in ntpq. * We think we have fixed ms-sntp but we can’t test it. * ntpd and ntpq both treat SHA-1 as an alias for SHA1 NIST uses SHA-1. The crypto package from OpenSSL uses SHA1. * The default crypto type for ntpq is now AES. RFC 8573 deprecated MD5. * There are now log files with hourly statistics for NTS and NTS-KE traffic: filegen ntsstats and filegen ntskestats, * Update ntpsnmpd to use python built-in to get uname information. * Update license file names for REUSE compliance. * Fix ntploggps issue where count_used_satellites checked before it is initialized. * Print out OpenSSL version at configure time. * Enable debug symbols by default, with only an option to disable. * Add support for ecdhcurves list. * Fix ntpdig crash when using 2.ntp.pool.org with a host without IPv6 support. * Do not install libaes_siv test anymore. * Add update option to buildprep. * ntpdig shows packet delay in JSON output. * Thu Feb 22 2024 Dominique Leuenberger <dimstar@opensuse.org> - Use %patch -P N instead of deprecated %patchN. * Sat Nov 25 2023 Dirk Müller <dmueller@suse.com> - update to 1.2.2a (bsc#1214024, CVE-2023-4012): * Fix a crash in ntpd if NTS is disabled and an NTS-enabled client request (mode 3) is received. (CVE-2023-4012) * Mon Feb 06 2023 Marcus Meissner <meissner@suse.com> - Updated to version 1.2.2 - Restore/cleanup NTPv1 support - ntpq sysstats now shows NTPv1 traffic. - NTPv1 counter added to sysstats log file. - NTS supports partial wildcards, for example *.example.com - Work on documentation, ntpdate, ntpheat, ntploggpg, ntpq's sysstats, ntpviz, and seccomp. - NTP auth no longer breaks on NULs. - The NTS server now saves 10 days worth of cookie keys. This will allow clients that only poll once a day to use NTS without using NTS-KE to keep cookies up to date. - rawstats now logs dropped packets and their BOGON code - Only one per request to avoid DoSing the log file - This lets you see packets that take too long. - Add 4 or 6 to DNS/NTS RefID tags to indicate that the DNS or NTS-KE has succeeded but NTP has not worked yet. - Build improvements - Restore Python 2.6 support - Restore LibreSSL support - Add support for OpenSSL 3.0 - Fix hash validation in ntpleapfetch again. - FreeBSD now gets nanosecond resolution on receive time stamps. - added ntpsec.keyring * Tue Oct 12 2021 Johannes Segitz <jsegitz@suse.com> - Added hardening to systemd service(s) (bsc#1181400). Added patch(es): * harden_ntp-wait.service.patch * harden_ntpd.service.patch * harden_ntplogtemp.service.patch * harden_ntpviz-daily.service.patch * harden_ntpviz-weekly.service.patch * Wed Jun 09 2021 Martin Hauke <mardnh@gmx.de> - Update to version 1.2.1 * Update ntpkeygen/keygone to properly filter # characters. Fix security issue: CVE-2021-22212 * Add dextral peers mode in ntpq and ntpmon. * Drop NTPv1 as the support was not RFC compliant, maybe v2 except mode 6 next. * Fix argument P for ntpd parsing fixed and ntpdate improvements. * Fix crash for raw ntpq readvar. * Add processor usage to NTS-KE logging except on NetBSD. * Remove --build-epoch and replace it with arbitrary - -build-desc text. Passing '--build-desc=$(date -u +%Y-%m-%dT%H:%M:%Sz)' restores the previous default extended version. * The build epoch has been replaced with a hardcoded timestamp which will be manually updated every nine years or so (approx 512w). This makes the binaries reproducible by default. * Compare versions of ntp.ntpc and libntpc printing a warning if mismatched. Fix libntpc install path if using it. * Reduce maxclocks default to 5 to reduce the NTP pool load. * Print LIBDIR during ./waf configure. * Add documentation, new GPG key, and other cleanups. - Update to version 1.2.0 * The minor version bump is to indicate official official support of RFC8915 "Network Time Security for the Network Time Protocol" which was released 2020-09-30. * NTS-KE client now defaults to port 4460. * NTS-KE server now listens on port 4460. (Listening on port 123 has been removed.) * The shebang of installed Python scripts can now be customized with: waf configure --pyshebang="…" This has multiple uses, but one example is for distros (like CentOS 8 or Ubuntu 20.04) with no python executable: python3 waf configure - -pyshebang="/usr/bin/env python3" * NTP clients now use a shared library with Python instead of an extension. * Add flakiness option to ntpq and fixed limit=1 in mrulist. * Fixed a minor formatting issue in rate page. - Create subpackages for libntpc and ntpsec-devel * Fri Jan 08 2021 Martin Hauke <mardnh@gmx.de> - Let system-user-ntp handle the user/group generation * Fri May 29 2020 Christophe Giboudeaux <christophe@krop.fr> - Update to 1.1.9. See the NEWS.adoc file for the full list of changes. * Correctly parse ntpq :config output on Python 3 and check return MACs. * Add AES and other algorithm support to ntpq and ntpdig, from OpenSSL. * Remove support for NetInfo. * The default restrictions now start with noquery and limited to reduce the opportunities for being used for DDoS-ing. * NTS client now requires ALPN on TLSv1.3. * asciidoctor (1.5.8 or newer) is now supported and is the preferred AsciiDoc processor. * Mon Feb 17 2020 Tomáš Chvátal <tchvatal@suse.com> - Update to 1.1.8: * Fix bug in NTS-KE client so that NTP server names work. * Fix/tweak several NTS logging messages. * Mon Oct 14 2019 Tomáš Chvátal <tchvatal@suse.com> - Update the unit install commands wrt bsc#1153841
/etc/logrotate.d/ntp /etc/ntp.conf /usr/bin/ntpfrob /usr/bin/ntpleapfetch /usr/bin/ntptime /usr/lib/systemd/system/ntpd.service /usr/sbin/ntpd /usr/sbin/rcntpd /usr/share/doc/packages/ntpsec /usr/share/doc/packages/ntpsec/NEWS.adoc /usr/share/doc/packages/ntpsec/README.adoc /usr/share/licenses/ntpsec /usr/share/licenses/ntpsec/Apache-2.0.txt /usr/share/licenses/ntpsec/BSD-2-Clause.txt /usr/share/licenses/ntpsec/BSD-3-Clause.txt /usr/share/licenses/ntpsec/BSD-4-Clause.txt /usr/share/licenses/ntpsec/Beerware.txt /usr/share/licenses/ntpsec/CC-BY-4.0.txt /usr/share/licenses/ntpsec/ISC.txt /usr/share/licenses/ntpsec/MIT.txt /usr/share/licenses/ntpsec/NTP.txt /usr/share/man/man5/ntp.conf.5.gz /usr/share/man/man5/ntp.keys.5.gz /usr/share/man/man8/ntpd.8.gz /usr/share/man/man8/ntpfrob.8.gz /usr/share/man/man8/ntpleapfetch.8.gz /usr/share/man/man8/ntptime.8.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed Nov 13 00:41:02 2024