[ntp:hackers] NTP Development Snapshot 4.3.97 Released

NTP Public Services Project webmaster at ntp.org
Fri Jun 7 07:30:05 UTC 2019


NTP Development Snapshot 4.3.97 is now available for download.

Security Updates:

* [Sec 3453] Interleaved symmetric mode cannot recover from bad state.  HStenn.
   http://bugs.ntp.org/3453
* [Sec 3454] Unauthenticated packet can reset authenticated interleave
  associations.  HStenn.
   http://bugs.ntp.org/3454
* [Sec 3412] ctl_getitem(): Don't compare names past NUL. <perlinger at ntp.org>
   http://bugs.ntp.org/3412
* [Sec 3414] ntpq: decodearr() can write beyond its 'buf' limits
  - initial patch by <stenn at ntp.org>, extended by <perlinger at ntp.org>
   http://bugs.ntp.org/3414
* [Sec 3415] Permit blocking authenticated symmetric/passive associations.
  Implement ippeerlimit.  HStenn, JPerlinger.
   http://bugs.ntp.org/3415
* [Sec 3012] Sybil vulnerability: noepeer support.  HStenn, JPerlinger.
   http://bugs.ntp.org/3012

Bug Fixes:

* [Bug 3438] Negative values and values 999 days in... <perlinger at ntp.org>
 - applied patch by ggarvey (with minor mods)
   http://bugs.ntp.org/3438
* [Bug 3358] Spurious KoD log messages in .INIT. phase.  HStenn.
   http://bugs.ntp.org/3358
* [Bug 3439] When running multiple commands / hosts in ntpq... <perlinger at ntp.org>
 - applied patch by ggarvey
   http://bugs.ntp.org/3439
* [Bug 3404] Fix openSSL DLL usage under Windows <perlinger at ntp.org>
  - fix/drop assumptions on OpenSSL libs directory layout
   http://bugs.ntp.org/3404
* [Bug 3405] update-leap.in: general cleanup, HTTPS support.  Paul McMath.
   http://bugs.ntp.org/3405
* [Bug 3450] Dubious error messages from plausibility checks in get_systime()
 - removed error log caused by rounding/slew, ensured postcondition <perlinger at ntp.org>
   http://bugs.ntp.org/3450
* [Bug 3452] PARSE driver prints uninitialized memory. <perlinger at ntp.org>
   http://bugs.ntp.org/3452
* [Bug 3408] refclock_jjy.c: Avoid a wrong report of the coverity static
  analysis tool. <abe at ntp.org>
   http://bugs.ntp.org/3408
* [Bug 3455] ntpd doesn't use scope id when binding multicast <perlinger at ntp.org>
 - applied patch by Sean Haugh 
   http://bugs.ntp.org/3455
* [Bug 3457] OpenSSL FIPS mode regression <perlinger at ntp.org>
   http://bugs.ntp.org/3457
* [Bug 2900] libntp build order problem.  HStenn.
   http://bugs.ntp.org/2900
* [Bug 3423] QNX adjtime() implementation error checking is
  wrong <perlinger at ntp.org>
   http://bugs.ntp.org/3423
* [Bug 3424] Trimble Thunderbolt 1024 week millenium bug <perlinger at ntp.org>
  - initial patch by Daniel Pouzzner
   http://bugs.ntp.org/3424
* [Bug 3391] ntpd segfaults on startup due to small warmup thread stack size
  - increased mimimum stack size to 32kB <perlinger at ntp.org>
   http://bugs.ntp.org/3391
* [Bug 3394] Leap second deletion does not work on ntpd clients
  - fixed handling of dynamic deletion w/o leap file <perlinger at ntp.org>
   http://bugs.ntp.org/3394
* [Bug 3397] ctl_putstr() asserts that data fits in its buffer
  rework of formatting & data transfer stuff in 'ntp_control.c'
  avoids unecessary buffers and size limitations. <perlinger at ntp.org>
   http://bugs.ntp.org/3397
* [Bug 3441] Validate the assumption that AF_UNSPEC is 0.  stenn at ntp.org
   http://bugs.ntp.org/3441
* [Bug 3398] tests fail with core dump <perlinger at ntp.org>
  - patch contributed by Alexander Bluhm
   http://bugs.ntp.org/3398
* [Bug 3399] NTP: linker error in 4.2.8p10 during Linux cross-compilation
  - initial patch by timeflies at mail2tor.com  <perlinger at ntp.org>
   http://bugs.ntp.org/3399
* [Bug 2878] Tests are cluttering up syslog <perlinger at ntp.org>
   http://bugs.ntp.org/2878
* [Bug 3365] Updates driver40(-ja).html and miscopt.html <abe at ntp.org>
   http://bugs.ntp.org/3365
* [Bug 3447] AES-128-CMAC (fixes) <perlinger at ntp.org>
  - refactoring the MAC code, too
   http://bugs.ntp.org/3447
* [Bug 2557] Fix Thunderbolt init. ntp-bugs at bodosom.net, perlinger at ntp.
   http://bugs.ntp.org/2557
* [Bug 3367] Faulty LinuxPPS NMEA clock support in 4.2.8 <perlinger at ntp.org>
  - reverted handling of PPS kernel consumer to 4.2.6 behavior
   http://bugs.ntp.org/3367
* [Bug 3411] problem about SIGN(6) packet handling for ntp-4.2.8p10
  - raised receive buffer size to 1200 <perlinger at ntp.org>
   http://bugs.ntp.org/3411
* [Bug 3417] ntpq ifstats packet counters can be negative
  made IFSTATS counter quantities unsigned <perlinger at ntp.org>
   http://bugs.ntp.org/3417
* [Bug 2737] Wrong phone number listed for USNO. ntp-bugs at bodosom.net,
  perlinger at ntp.org
   http://bugs.ntp.org/2737
* [Bug 3016] wrong error position reported for bad ":config pool"
  - fixed location counter & ntpq output <perlinger at ntp.org>
   http://bugs.ntp.org/3016
* [Bug 3430] ntpq dumps core (SIGSEGV) for "keytype md2"
  - fixed several issues with hash algos in ntpd, sntp, ntpq,
    ntpdc and the test suites <perlinger at ntp.org>
   http://bugs.ntp.org/3430
* [Bug 948] Trustedkey config directive leaks memory. <perlinger at ntp.org>
   http://bugs.ntp.org/948
* [Bug 3433] sntp crashes when run with -a.  <stenn at ntp.org>
   http://bugs.ntp.org/3433
* [Bug 3435] anchor NTP era alignment <perlinger at ntp.org>
   http://bugs.ntp.org/3435
* [Bug 3437] ntpd tries to open socket with AF_UNSPEC domain
 - applied patch (with mods) by Miroslav Lichvar <perlinger at ntp.org>
   http://bugs.ntp.org/3437

Other Changes:

* Rename the configuration flag fifo variables.  HStenn.
* Typos.  HStenn.
* Improve saveconfig output.  HStenn.
* test_ntp_scanner_LDADD needs ntpd/ntp_io.o.  HStenn.
* Decode restrict flags on receive() debug output.  HStenn.
* refclock_jjy.c: Add missing "%s" to an msyslog() call.  HStenn.
* Decode interface flags on receive() debug output.  HStenn.
* Build ntpq and libntpq.a with NTP_HARD_*FLAGS.  perlinger at ntp.org
* Warn the user if deprecated "driftfile name WanderThreshold" is used.  HStenn.
* Fix trivial warnings from 'make check'. perlinger at ntp.org
* Update the documentation in ntp.conf.def .  HStenn.
* Fix bug in the override portion of the compiler hardening macro. HStenn.
* restrictions() must return restrict flags and ippeerlimit.  HStenn.
* record_raw_stats(): Log entire packet.  Log writes.  HStenn.
* Update ntpq peer documentation to describe the 'p' type.  HStenn.
* AES-128-CMAC support.  BInglis, HStenn, JPerlinger.
* sntp: tweak key file logging.  HStenn.
* sntp: pkt_output(): Improve debug output.  HStenn.
* update-leap: updates from Paul McMath.
* When using pkg-config, report --modversion.  HStenn.
* Clean up libevent configure checks.  HStenn.
* sntp: show the IP of who sent us a crypto-NAK.  HStenn.
* Allow .../N to specify subnet bits for IPs in ntp.keys.  HStenn, JPerlinger.
* authistrustedip() - use it in more places.  HStenn, JPerlinger.
* New sysstats: sys_lamport, sys_tsrounding.  HStenn.
* Update ntp.keys .../N documentation.  HStenn.
* Rename restrict 'flags' to 'rflags.  Use an enum for the values.  HStenn.
* Provide dump_restricts() for debugging.  HStenn.
* Use consistent 4th arg type for [gs]etsockopt.  JPerlinger.
* Some tests might need LIBM.  HStenn.
* update-leap: Allow -h/--help early.  HStenn.
* Distribute testconf.yml.  HStenn.
* Add DPRINTF(2,...) lines to receive() for packet drops.  HStenn.
* Use strlcpy() to copy strings, not memcpy().  HStenn.

Tarball:

http://archive.ntp.org/ntp4/ntp-dev/ntp-dev-4.3.97.tar.gz 

MD5 sum:

http://archive.ntp.org/ntp4/ntp-dev/ntp-dev-4.3.97.tar.gz.md5

Complete ChangeLog:

http://archive.ntp.org/ntp4/ChangeLog-dev

Please report any bugs, issues, or desired enhancements at
http://bugs.ntp.org/.



More information about the hackers mailing list