%define pver p5 %define ntp_user ntp %define ntp_group ntp Summary: Synchronizes system time using the Network Time Protocol (NTP) Name: ntp Version: 4.2.6%{pver} %define subrel 7 Release: %mkrel 24 License: BSD-Style Group: System/Servers URL: http://www.ntp.org/ Source0: http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/%{name}-%{version}.tar.gz Source99: http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/%{name}-%{version}.tar.gz.md5 Source1: ntp.conf Source2: ntp.keys Source4: ntpstat-0.2.tar.bz2 Source7: ntpd.sysconfig Source11: 50-ntpd.list Source12: ntpd.service Source13: ntpdate.service Source14: ntp-wait.service Source15: ntpdate.wrapper Source16: ntpdate.sysconfig Patch1: ntp-4.2.6p1-sleep.patch Patch2: ntp-4.2.6p4-droproot.patch Patch3: ntp-4.2.6p1-bcast.patch Patch4: ntp-4.2.6p1-cmsgalign.patch Patch5: ntp-4.2.6p1-linkfastmath.patch Patch6: ntp-4.2.6p2-tentative.patch Patch7: ntp-4.2.6p1-retcode.patch Patch8: ntp-4.2.6p4-rtnetlink.patch Patch10: ntp-4.2.6p4-htmldoc.patch Patch11: ntp-4.2.6p1-nano.patch Patch12: ntp-4.2.4p7-getprecision.patch Patch13: ntp-4.2.6p1-logdefault.patch Patch14: ntp-4.2.6p4-mlock.patch Patch15: ntp-4.2.6p2-multiopts.patch Patch16: ntp-4.2.6p3-no_checkChangeLog.diff Patch23: ntp-4.2.6p5-link-crypto.patch Patch24: ntp-4.2.6p5-cve-2014-9294.patch Patch25: ntp-4.2.6p5-cve-2014-9293.patch Patch26: ntp-4.2.6p5-cve-2014-9295.patch Patch27: ntp-4.2.6p5-cve-2014-9296.patch Patch28: ntp-4.2.6p5-cve-2014-9297.patch Patch29: ntp-4.2.6p5-cve-2014-9298.patch Patch30: ntp-4.2.6p5-CVE-2015-1798.diff Patch31: ntp-4.2.6p5-CVE-2015-1799.diff Patch32: ntp-4.2.6p5-cve-2015-5146.patch Patch33: ntp-4.2.6p5-cve-2015-5194.patch Patch34: ntp-4.2.6p5-cve-2015-5195.patch Patch35: ntp-4.2.6p5-cve-2015-7703.patch Patch36: ntp-4.2.6p5-cve-2015-5219.patch Patch37: ntp-4.2.6p5-cve-2015-7704.patch Patch38: ntp-4.2.6p5-cve-2015-5300.patch Patch39: ntp-4.2.6p5-cve-2015-7701.patch Patch40: ntp-4.2.6p5-cve-2015-7691_7692_7702.patch Patch41: ntp-4.2.6p5-cve-2015-7852.patch Patch42: ntp-4.2.6p5-cve-2015-7871.patch Patch43: ntp-4.2.6p5-CVE-2015-7850.patch Patch44: ntp-4.2.6p5-CVE-2015-7853.patch Patch45: ntp-4.2.6p5-CVE-2015-7855.patch Patch46: ntp-4.2.6p5-clockstate.patch Patch47: ntp-4.2.6p5-restrict46.patch Patch48: ntp-4.2.6p5-cve-2015-8138.patch Patch49: ntp-4.2.6p5-cve-2015-7977_7978.patch Patch50: ntp-4.2.6p5-cve-2015-8158.patch Patch51: ntp-4.2.6p5-cve-2015-7974.patch Patch52: ntp-4.2.6p5-cve-2015-7979.patch Patch53: ntp-4.2.6p5-orphreftime.patch Patch54: ntp-4.2.6p5-linklocal.patch Patch55: ntp-4.2.6p5-cve-2016-1548.patch Patch56: ntp-4.2.6p5-cve-2016-2516.patch Patch57: ntp-4.2.6p5-cve-2016-2518.patch Patch58: ntp-4.2.6p5-cve-2016-1550.patch Patch59: ntp-4.2.6p5-cve-2015-8139.patch Patch60: ntp-4.2.6p5-cve-2016-4954.patch Patch61: ntp-4.2.6p5-cve-2016-4955.patch Patch62: ntp-4.2.6p5-cve-2016-4956.patch Patch63: ntp-4.2.6p5-cve-2016-7426.patch Patch64: ntp-4.2.6p5-cve-2016-7429.patch Patch66: ntp-4.2.6p5-cve-2016-9310.patch Patch67: ntp-4.2.6p5-cve-2016-9311.patch Patch100: ntpstat-0.2-clksrc.patch Patch101: ntpstat-0.2-multipacket.patch Patch102: ntpstat-0.2-sysvars.patch Patch103: ntpstat-0.2-maxerror.patch Patch104: ntpstat-0.2-errorbit.patch Patch105: ntpstat-0.2-manual.patch Patch300: ntp-4.2.4p5-format_not_a_string_literal_and_no_format_arguments.diff Patch301: ntp-4.2.6p5-automake-1.13.patch Requires(post): rpm-helper >= 0.24.8-1 Requires(preun): rpm-helper >= 0.24.8-1 Requires: ntp-client BuildRequires: openssl-devel BuildRequires: ncurses-devel BuildRequires: elfutils-devel BuildRequires: libcap-devel BuildRequires: libedit-devel BuildRequires: net-snmp-devel BuildRequires: bison # for html2man BuildRequires: perl-HTML-Parser %description The Network Time Protocol (NTP) is used to synchronize a computer's time with another reference time source. The ntp package contains utilities and daemons which will synchronize your computer's time to Coordinated Universal Time (UTC) via the NTP protocol and NTP servers. Ntp includes ntpdate (a program for retrieving the date and time from remote machines via a network) and ntpd (a daemon which continuously adjusts system time). Install the ntp package if you need tools for keeping your system's time synchronized via the NTP protocol. Note: Primary, original, big, HTML documentation, is in the package ntp-doc. %package client Summary: The ntpdate client for setting system time from NTP servers Group: System/Servers Requires(post): rpm-helper >= 0.24.8-1 Requires(preun): rpm-helper >= 0.24.8-1 %description client The Network Time Protocol (NTP) is used to synchronize a computer's time with another reference time source. The ntp package contains utilities and daemons which will synchronize your computer's time to Coordinated Universal Time (UTC) via the NTP protocol and NTP servers. Ntp includes ntpdate (a program for retrieving the date and time from remote machines via a network) and ntpd (a daemon which continuously adjusts system time). ntpdate is a simple NTP client which allows a system's clock to be set to match the time obtained by communicating with one or more servers. ntpdate is optional (but recommended) if you're running an NTP server, because initially setting the system clock to an almost-correct time will help the NTP server synchronize faster. The ntpdate client by itself is useful for occasionally setting the time on machines that are not on the net full-time, such as laptops. %package doc Summary: Complete HTML documentation for ntp Group: System/Servers BuildArch: noarch %description doc This is the original, complete, documentation for NTP, in HTML format. Manpages documentation comes with the binary package(s). The Network Time Protocol (NTP) is used to synchronize a computer's time with another reference time source. The ntp package contains utilities and daemons which will synchronize your computer's time to Coordinated Universal Time (UTC) via the NTP protocol and NTP servers. Ntp includes ntpdate (a program for retrieving the date and time from remote machines via a network) and ntpd (a daemon which continuously adjusts system time). %prep %setup -q -n ntp-%{version} -a4 %patch1 -p1 -b .sleep %patch2 -p1 -b .droproot %patch3 -p0 -b .bcast %patch4 -p1 -b .cmsgalign %ifarch ia64 %patch5 -p1 -b .linkfastmath %endif %patch6 -p0 -b .tentative %patch7 -p1 -b .retcode %patch8 -p1 -b .rtnetlink %patch10 -p1 -b .htmldoc %patch11 -p1 -b .nano %patch12 -p1 -b .getprecision %patch13 -p1 -b .logdefault %patch14 -p1 -b .mlock %patch15 -p1 -b .multiopts %patch16 -p0 -b .no_checkChangeLog %patch23 -p1 -b .link-crypto %patch24 -p1 -b .cve-2014-9294 %patch25 -p1 -b .cve-2014-9293 %patch26 -p1 -b .cve-2014-9295 %patch27 -p1 -b .cve-2014-9296 %patch28 -p1 -b .cve-2014-9297 %patch29 -p1 -b .cve-2014-9298 %patch30 -p1 -b .CVE-2015-1798 %patch31 -p1 -b .CVE-2015-2781 %patch32 -p1 -b .cve-2015-5146 %patch33 -p1 -b .cve-2015-5194 %patch34 -p1 -b .cve-2015-5195 %patch35 -p1 -b .cve-2015-5196 %patch36 -p1 -b .cve-2015-5219 %patch37 -p1 -b .cve-2015-7704 %patch38 -p1 -b .cve-2015-5300 %patch39 -p1 -b .cve-2015-7701 %patch40 -p1 -b .cve-2015-7691_7692_7702 %patch41 -p1 -b .cve-2015-7852 %patch42 -p1 -b .cve-2015-7871 %patch43 -p1 -b .CVE-2015-7850 %patch44 -p1 -b .CVE-2015-7853 %patch45 -p1 -b .CVE-2015-7855 %patch46 -p1 -b .clockstate %patch47 -p1 -b .restrict46 %patch48 -p1 -b .cve-2015-8138 %patch49 -p1 -b .cve-2015-7977_7978 %patch50 -p1 -b .cve-2015-8158 %patch51 -p1 -b .cve-2015-7974 %patch52 -p1 -b .cve-2015-7979 %patch53 -p1 -b .orphreftime %patch54 -p1 -b .linklocal %patch55 -p1 -b .cve-2016-1548 %patch56 -p1 -b .cve-2016-2516 %patch57 -p1 -b .cve-2016-2518 %patch58 -p1 -b .cve-2016-1550 %patch59 -p1 -b .cve-2015-8139 %patch60 -p1 -b .cve-2016-4954 %patch61 -p1 -b .cve-2016-4955 %patch62 -p1 -b .cve-2016-4956 %patch63 -p1 -b .cve-2016-7426 %patch64 -p1 -b .cve-2016-7429 %patch66 -p1 -b .cve-2016-9310 %patch67 -p1 -b .cve-2016-9311 # set default path to sntp KoD database sed -i 's|/var/db/ntp-kod|%{_localstatedir}/lib/ntp/sntp-kod|' sntp/*.{1,c} # ntpstat patches %patch100 -p1 -b .clksrc %patch101 -p1 -b .multipacket %patch102 -p1 -b .sysvars %patch103 -p1 -b .maxerror %patch104 -p1 -b .errorbit %patch105 -p1 -b .manual %patch300 -p1 -b .format_not_a_string_literal_and_no_format_arguments %patch301 -p1 -b .automake-1_13 %build autoreconf -fis %serverbuild %configure2_5x \ --with-crypto=openssl \ --enable-linuxcaps \ --with-ntpsnmpd %make CFLAGS="$CFLAGS" %{__make} -C ntpstat-0.2 CFLAGS="$CFLAGS" # generate manpages from HTML docs pushd html ../scripts/html2man # remove adjacent blank lines sed -i 's/^[\t\ ]*$//;/./,/^$/!d' man/man*/*.[58] popd mv html/man . # biggest file in the main package, when uncompressed bzip2 -9 ChangeLog* %install install -d -m 755 %{buildroot}%{_mandir}/man1 install -d -m 755 %{buildroot}%{_mandir}/man5 install -d -m 755 %{buildroot}%{_mandir}/man8 %makeinstall bindir=%{buildroot}%{_sbindir} install -d -m 755 %{buildroot}%{_sysconfdir} install -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/ntp.conf install -d -m 755 %{buildroot}%{_sysconfdir}/ntp install -m 640 %{SOURCE2} %{buildroot}%{_sysconfdir}/ntp/keys install -d -m 755 %{buildroot}%{_sysconfdir}/sysconfig install -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/sysconfig/ntpd install -m 644 %{SOURCE16} %{buildroot}%{_sysconfdir}/sysconfig/ntpdate install -m 755 %{SOURCE15} %{buildroot}%{_sbindir}/ntpdate-wrapper /bin/touch %{buildroot}%{_sysconfdir}/ntp/step-tickers install -d -m 755 %{buildroot}/var/lib/ntp install -m755 ntpstat-0.2/ntpstat %{buildroot}%{_sbindir}/ install -m644 ntpstat-0.2/ntpstat.1 %{buildroot}%{_mandir}/man1/ install -m644 man/man5/*.5 %{buildroot}%{_mandir}/man5/ install -m644 man/man8/*.8 %{buildroot}%{_mandir}/man8/ # cleanup patched HTML files %{__rm} -f html/ntpdate.html.droproot # for %doc %{__cp} sntp/COPYRIGHT COPYRIGHT.sntp # prevent man1 pages from hiding the more complete html2man generated man8 ones rm -f %{buildroot}%{_mandir}/man1/ntpd.1* rm -f %{buildroot}%{_mandir}/man1/ntpdc.1* rm -f %{buildroot}%{_mandir}/man1/ntp-keygen.1* rm -f %{buildroot}%{_mandir}/man1/ntpq.1* install -D -p -m 644 %{SOURCE11} %{buildroot}%{_prefix}/lib/systemd/ntp-units.d/50-ntpd.list install -D -p -m 644 %{SOURCE12} %{buildroot}%{_unitdir}/ntpd.service install -D -p -m 644 %{SOURCE13} %{buildroot}%{_unitdir}/ntpdate.service install -D -p -m 644 %{SOURCE14} %{buildroot}%{_unitdir}/ntp-wait.service %pre %_pre_useradd %{ntp_user} %{_sysconfdir}/ntp /bin/false %post %_post_service ntpd /bin/touch %{_sysconfdir}/ntp/step-tickers %preun %_preun_service ntpd %postun %_postun_userdel %{ntp_user} %files %doc COPYRIGHT NEWS TODO README* ChangeLog.bz2 conf COPYRIGHT.sntp %config(noreplace) %{_sysconfdir}/ntp.conf %config(noreplace) %{_sysconfdir}/sysconfig/ntpd %dir %{_sysconfdir}/ntp %attr(0640,root,%{ntp_group})%config(noreplace) %{_sysconfdir}/ntp/keys %config(noreplace) %{_sysconfdir}/ntp/step-tickers %attr(-,%{ntp_user},%{ntp_group}) /var/lib/ntp %{_sbindir}/ntpd %{_sbindir}/ntpdc %{_sbindir}/ntp-keygen %{_sbindir}/ntpq %{_sbindir}/ntpsnmpd %{_sbindir}/ntpstat %{_sbindir}/ntptime %{_sbindir}/ntptrace %{_sbindir}/ntp-wait %{_sbindir}/sntp %{_sbindir}/tickadj %{_mandir}/man1/ntpsnmpd.1* %{_mandir}/man1/ntpstat.1* %{_mandir}/man1/sntp.1* %{_mandir}/man5/ntp_acc.5* %{_mandir}/man5/ntp_auth.5* %{_mandir}/man5/ntp_clock.5* %{_mandir}/man5/ntp.conf.5* %{_mandir}/man5/ntp_decode.5* %{_mandir}/man5/ntp_misc.5* %{_mandir}/man5/ntp_mon.5* %{_mandir}/man8/ntpd.8* %{_mandir}/man8/ntpdc.8* %{_mandir}/man8/ntp-keygen.8* %{_mandir}/man8/ntpq.8* %{_mandir}/man8/ntptime.8* %{_mandir}/man8/ntptrace.8* %{_mandir}/man8/ntp-wait.8* %{_mandir}/man8/tickadj.8* %{_prefix}/lib/systemd/ntp-units.d/50-ntpd.list %{_unitdir}/ntp-wait.service %{_unitdir}/ntpd.service %files client %doc COPYRIGHT ChangeLog.bz2 README %{_sbindir}/ntpdate %{_sbindir}/ntpdate-wrapper %{_mandir}/man8/ntpdate.8* %{_unitdir}/ntpdate.service %config(noreplace) %{_sysconfdir}/sysconfig/ntpdate %files doc %doc COPYRIGHT html/ %changelog * Fri Nov 25 2016 luigiwalser <luigiwalser> 4.2.6p5-24.7.mga5 + Revision: 1070156 - add patches from fedora to fix security issues: - don't limit rate of packets from sources (CVE-2016-7426) - don't change interface from received packets (CVE-2016-7429) - require authentication for trap commands (CVE-2016-9310) - fix crash when reporting peer event to trappers (CVE-2016-9311) - add patches from fedora to fix more security issues: - CVE-2015-8139 - CVE-2016-4954 - CVE-2016-4955 - CVE-2016-4956 - add patches from fedora to fix more bugs and security issues: - update reference timestamp in orphan mode - allow sources specified by IPv6 link-local address - don't allow spoofed packet to enable symmetric interleaved mode (CVE-2016-1548) - don't crash on duplicate address in unconfig command (CVE-2016-2516) - check mode of new source in config command (CVE-2016-2518) - make MAC check resilient against timing attack (CVE-2016-1550) - rename CVE-2015-5196 to CVE-2015-7703 - fix CVE-2015-7692 patch name - add patches from fedora to fix several bugs and security issues: - report clock state changes related to leap seconds - allow -4/-6 on restrict lines with mask - explain synchronised state in ntpstat man page - don't accept server/peer packets with zero origin timestamp (CVE-2015-8138) - fix crash with reslist command (CVE-2015-7977, CVE-2015-7978) - fix infinite loop in ntpq/ntpdc (CVE-2015-8158) - check key ID in packets authenticated with symmetric key (CVE-2015-7974) - don't allow spoofed packets to demobilize associations using symmetric key (CVE-2015-7979) - add patches from ubuntu to fix CVE-2015-785[035] - sync with fedora to fix October 2015 security issues: - check origin timestamp before accepting KoD RATE packet (CVE-2015-7704) - allow only one step larger than panic threshold with -g (CVE-2015-5300) - fix memory leak with autokey (CVE-2015-7701) - don't crash with crafted autokey packet (CVE-2015-7691, CVE-2015-7692, CVE-2015-7702) - don't crash in ntpq with crafted packet (CVE-2015-7852) - don't mobilize passive association with crypto NAK (CVE-2015-7871) - add patches from fedora to fix CVE-2015-5146, CVE-2015-519[4-6], CVE-2015-5219 * Wed Apr 08 2015 oden <oden> 4.2.6p5-24.mga5 + Revision: 819877 - P30: security fix for CVE-2015-1798 - P31: security fix for CVE-2015-1799 * Sat Feb 28 2015 alien <alien> 4.2.6p5-23.mga5 + Revision: 817214 - New configurations are advised to use Orphan mode instead of local clocks * Tue Feb 10 2015 luigiwalser <luigiwalser> 4.2.6p5-22.mga5 + Revision: 814542 - do not restrict ntpq from localhost * Fri Feb 06 2015 luigiwalser <luigiwalser> 4.2.6p5-21.mga5 + Revision: 813679 - add patches from fedora to fix CVE-2014-9297 and CVE-2014-9298 * Sat Dec 20 2014 luigiwalser <luigiwalser> 4.2.6p5-20.mga5 + Revision: 804330 - link to openssl to fix build with CVE-2014-9294 patch - add patches from fedora to fix CVE-2014-929[3-6] * Wed Oct 15 2014 umeabot <umeabot> 4.2.6p5-17.mga5 + Revision: 748582 - Second Mageia 5 Mass Rebuild * Tue Sep 16 2014 umeabot <umeabot> 4.2.6p5-16.mga5 + Revision: 682949 - Mageia 5 Mass Rebuild * Thu Jan 23 2014 luigiwalser <luigiwalser> 4.2.6p5-15.mga4 + Revision: 567555 - restrict some remote query types by default to mitigate CVE-2013-5211 (mga#12326) * Sat Nov 23 2013 colin <colin> 4.2.6p5-14.mga4 + Revision: 552447 - Remove legacy directive from service unit * Sat Oct 19 2013 umeabot <umeabot> 4.2.6p5-13.mga4 + Revision: 522749 - Mageia 4 Mass Rebuild * Tue Mar 26 2013 tv <tv> 4.2.6p5-12.mga3 + Revision: 405373 - make doc subpackage noarch * Tue Feb 26 2013 colin <colin> 4.2.6p5-11.mga3 + Revision: 400393 - Revert (most of) r397878. ntpd -q does not behave like ntpdate at all. * Mon Feb 11 2013 colin <colin> 4.2.6p5-10.mga3 + Revision: 397879 - Tidy unit paths - Drop the ntpdate service (unneeded due to -g option to ntpd) * Sat Jan 12 2013 umeabot <umeabot> 4.2.6p5-9.mga3 + Revision: 361075 - Mass Rebuild - https://wiki.mageia.org/en/Feature:Mageia3MassRebuild * Sun Jan 06 2013 cjw <cjw> 4.2.6p5-8.mga3 + Revision: 339648 - patch301: fix build with automake 1.13 * Thu Aug 09 2012 tv <tv> 4.2.6p5-7.mga3 + Revision: 280281 - drop sysv service * Fri Jul 20 2012 colin <colin> 4.2.6p5-6.mga3 + Revision: 272730 - Fix systemd units and add ntp service list definition for high level auto-activation. * Thu May 03 2012 colin <colin> 4.2.6p5-5.mga2 + Revision: 234622 - Bind to the generic systemd-timedated-ntp target (future proofing) - Keep ntpd in the root cpu control group to allow it to set it's schedulling priority (rhbz#810801) * Sat Apr 28 2012 tmb <tmb> 4.2.6p5-4.mga2 + Revision: 233824 - Require rpm-helper >= 0.24.8-1 for systemd support * Wed Mar 28 2012 luigiwalser <luigiwalser> 4.2.6p5-3.mga2 + Revision: 227388 - better fix for mga #4944 suggested by Colin Guthrie * Sun Mar 25 2012 luigiwalser <luigiwalser> 4.2.6p5-2.mga2 + Revision: 226420 - call _post_service for ntpdate (mga #4944) - switch service type to forking (from fedora) * Sun Feb 12 2012 luigiwalser <luigiwalser> 4.2.6p5-1.mga2 + Revision: 207614 - 4.2.6p5 (updated patches from fedora by way of mdv) - enable PrivateTmp in ntpd service (rh #782520) * Fri Sep 09 2011 guillomovitch <guillomovitch> 4.2.6p3-7.mga2 + Revision: 141790 - ensure variable in sysconfig/ntp are consistant for both sysinit and systemd * Fri Sep 09 2011 guillomovitch <guillomovitch> 4.2.6p3-6.mga2 + Revision: 141730 - ship ntpdate wrapper configuration file too * Thu Sep 08 2011 guillomovitch <guillomovitch> 4.2.6p3-5.mga2 + Revision: 141412 - don't forget to ship the ntpdate wrapper for systemd * Tue Sep 06 2011 guillomovitch <guillomovitch> 4.2.6p3-4.mga2 + Revision: 139781 - add missing LSB header - spec cleanup - drop apparmor config files - add systemd service files - rebuild for latest net-snmp * Tue Feb 08 2011 ennael <ennael> 4.2.6p3-2.mga1 + Revision: 49055 - imported package ntp * Wed Jan 19 2011 Oden Eriksson <oeriksson@mandriva.com> 4.2.6p3-2mdv2011.0 + Revision: 631673 - fix #62115 (ntpd throws some errors about syntax in /var/log/messages) * Tue Jan 04 2011 Oden Eriksson <oeriksson@mandriva.com> 4.2.6p3-1mdv2011.0 + Revision: 628622 - 4.2.6p3 - bring back the "p" in the %%version... - rediff/drop/add patches * Sun Jan 02 2011 Oden Eriksson <oeriksson@mandriva.com> 4.2.6-2mdv2011.0 + Revision: 627658 - fix the darn filelists... - fix build (damn %%exclude removal!) - don't force the usage of automake1.7 * Sun Oct 24 2010 Oden Eriksson <oeriksson@mandriva.com> 4.2.6-1mdv2011.0 + Revision: 588710 - more fixes... - fix deps - enable ntpsnmpd - 4.2.6p2 - sync patches with fedora - rediffed the format string patch * Fri Feb 26 2010 Oden Eriksson <oeriksson@mandriva.com> 4.2.4-29mdv2010.1 + Revision: 511598 - rebuilt against openssl-0.9.8m * Wed Dec 09 2009 Oden Eriksson <oeriksson@mandriva.com> 4.2.4-28mdv2010.1 + Revision: 475199 - 4.2.4p8 (fixes CVE-2009-3563) * Mon Oct 12 2009 Oden Eriksson <oeriksson@mandriva.com> 4.2.4-27mdv2010.0 + Revision: 456718 - revert the hack to fix #50815 due to regressions * Fri Oct 02 2009 Oden Eriksson <oeriksson@mandriva.com> 4.2.4-26mdv2010.0 + Revision: 452749 - fix #50815 (ntp initialization being blocked by shorewall initialization) * Wed Jun 03 2009 Oden Eriksson <oeriksson@mandriva.com> 4.2.4-25mdv2010.0 + Revision: 382399 - bump release - P115: fix build (gentoo) - enable ntpdate to read configurable variables from the /etc/sysconfig/ntpd file (#51393) * Tue May 19 2009 Oden Eriksson <oeriksson@mandriva.com> 4.2.4-23mdv2010.0 + Revision: 377685 - fix build - 4.2.4p7 (fixes CVE-2009-0159, CVE-2009-1252) - nuke redundant patches * Mon Apr 13 2009 Oden Eriksson <oeriksson@mandriva.com> 4.2.4-22mdv2009.1 + Revision: 366819 - P115: security fix for CVE-2009-0159 - fix autopoo * Thu Jan 08 2009 Frederik Himpe <fhimpe@mandriva.org> 4.2.4-21mdv2009.1 + Revision: 327218 - Update to new version 4.2.4p6 (fixes CVE-2009-0021) * Wed Dec 17 2008 Oden Eriksson <oeriksson@mandriva.com> 4.2.4-20mdv2009.1 + Revision: 315242 - rediffed fuzzy patches - added P114 to fix build with -Werror=format-security * Thu Oct 16 2008 Oden Eriksson <oeriksson@mandriva.com> 4.2.4-19mdv2009.1 + Revision: 294183 - rebuild * Mon Aug 18 2008 Oden Eriksson <oeriksson@mandriva.com> 4.2.4-18mdv2009.0 + Revision: 273166 - 4.2.4p5 - drop P104, it won't apply anymore - restore the init script * Mon Jul 07 2008 Oden Eriksson <oeriksson@mandriva.com> 4.2.4-17mdv2009.0 + Revision: 232369 - rebuilt against new libcap + Pixel <pixel@mandriva.com> - adapt to %%_localstatedir now being /var instead of /var/lib (#22312) * Fri May 30 2008 Oden Eriksson <oeriksson@mandriva.com> 4.2.4-16mdv2009.0 + Revision: 213440 - added P8 to stop it from working with minor openssl version changes (after looking at the openssh patch) * Fri Mar 14 2008 Gustavo De Nardin <gustavodn@mandriva.com> 4.2.4-15mdv2008.1 + Revision: 187777 - fixed the initial sync loop running ntpdate to properly set RETVAL * Fri Mar 14 2008 Gustavo De Nardin <gustavodn@mandriva.com> 4.2.4-14mdv2008.1 + Revision: 187763 - made the initscript try more than once to do the initial clock sync with ntpdate, to account for slow systems or slow network initialization, even though this shouldn't happen.... * Thu Mar 06 2008 Guillaume Rousse <guillomovitch@mandriva.org> 4.2.4-13mdv2008.1 + Revision: 180874 - FHS compliance: move drift file under %%{_localstatedir}/ntp drop useless file ownership change in %%post file section cleanup + Olivier Blin <oblin@mandriva.com> - restore BuildRoot + Thierry Vignaud <tv@mandriva.org> - kill re-definition of %%buildroot on Pixel's request * Fri Dec 07 2007 David Walluck <walluck@mandriva.org> 4.2.4-12mdv2008.1 + Revision: 116373 - rebuild for new openssl * Sat Oct 20 2007 Oden Eriksson <oeriksson@mandriva.com> 4.2.4-11mdv2008.1 + Revision: 100563 - rebuilt against latest openssl (OpenSSL version mismatch. Built against 90805f, you have 908070) * Tue Sep 25 2007 Oden Eriksson <oeriksson@mandriva.com> 4.2.4-10mdv2008.0 + Revision: 92784 - 4.2.4p4 - added rediffed P113 from debian to use capabilities at runtime if found - don't load the capabilities kernel module in the initscript * Wed Sep 19 2007 Andreas Hasenack <andreas@mandriva.com> 4.2.4-9mdv2008.0 + Revision: 91196 - ship apparmor profile and use it if apparmor is in effect * Mon Jul 02 2007 David Walluck <walluck@mandriva.org> 4.2.4-8mdv2008.0 + Revision: 46885 - 4.2.4p3 * Wed Jun 27 2007 Andreas Hasenack <andreas@mandriva.com> 4.2.4-7mdv2008.0 + Revision: 45128 - fix serverbuild usage * Wed Jun 27 2007 Guillaume Rousse <guillomovitch@mandriva.org> 4.2.4-6mdv2008.0 + Revision: 44896 - drop bash completion scriplet, as already included in main bash completion script * Thu Jun 21 2007 David Walluck <walluck@mandriva.org> 4.2.4-5mdv2008.0 + Revision: 42153 - bump release - rediff and apply droproot patch - remove loopfilter patch (not needed) - fix release - 4.2.4p2 - fix doc perms * Thu Mar 08 2007 Olivier Blin <oblin@mandriva.com> 4.2.4-4mdv2007.1 + Revision: 138392 - fix syntax error in initscript + Gustavo De Nardin <gustavodn@mandriva.com> - don't default to disabled authentication, it is unsafe, specially because our current default configuration has multicastclient enabled; (#27079) - changed patch ntp-4.2.4-html2man-adjusts, adding generation and packaging of ntp_auto(5), for the autoconfiguration modes manpage - added README and COPYRIGHT for sntp to docs - added example configurations to docs - small note about ntp-doc package in ntp package description - renamed patch ntp-4.2.4-html2man-tickadj to ntp-4.2.4-html2man-adjusts - made it add references to ntp_*(5) configuration manpages from ntp.conf(5) - made the generated SEE ALSO manpages sections note about ntp-doc package instead of filesystem location * Fri Jan 26 2007 Gustavo De Nardin <gustavodn@mandriva.com> 4.2.4-3mdv2007.1 + Revision: 114164 - make proper use of pool.ntp.org in default ntp.conf - split HTML docs into a separate package ntp-doc - added COPYRIGHT notice to all (sub)packages documentation - updated manpages: . stopped using old manpages from Redhat (ntp-4.1.2-rh-manpages.tar.bz2) . added patch ntp-4.2.4-html2man from Fedora ntp-4.2.4-3.fc7 to fix html2man manpages generation from HTML docs . generate manpages from the more uptodate HTML docs, with html2man - manpages of ntpdate, ntpd, ntpdc, ntpdsim, ntpq, ntp-keygen, ntptime, ntptrace, moved from man1 to man8 section - removed pointless patch ntp-4.2.2-mlockall.patch: it is applied OK to 'configure', but then 'configure' is regenerated by %%{__autoconf} ... - removed ntp-4.2.0-genkey3.patch: already fixed (correctly) upstream - replaced patch ntp-4.2.4-sprintf with the one from actual Fedora package, as ours contained an error (call to sprintf instead of snprintf), and to keep them really the same, and so avoid "WTF?" situations * Sat Jan 20 2007 Olivier Blin <oblin@mandriva.com> 4.2.4-2mdv2007.1 + Revision: 111122 - start services providing the named system facility if any is enabled (#25935) * Sun Jan 07 2007 David Walluck <walluck@mandriva.org> 4.2.4-1mdv2007.1 + Revision: 105137 - new version 4.2.4 - remove Patch0, Patch5, Patch8 (no longer needed) - remove Patch9 (merged upstream) - replace Patch7 with Patch102 (from Fedora) - add patches from Fedora (102-112) * Sun Oct 01 2006 Stew Benedict <sbenedict@mandriva.com> 4.2.0-31.2mdv2007.0 - rebuild against updated openssl-static-devel (0.9.8b-2.2mdv2007) * Fri Sep 29 2006 Stew Benedict <sbenedict@mandriva.com> 4.2.0-31.1mdv2007.0 - rebuild against updated openssl-static-devel (0.9.8b-2.1mdv2007) * Wed Sep 20 2006 Per Ãyvind Karlsen <pkarlsen@mandriva.com> 4.2.0-31mdv2007.0 - rebuild * Fri Aug 25 2006 Per Ãyvind Karlsen <pkarlsen@mandriva.com> 4.2.0-30mdv2007.0 - sync initscript with fedora's and adapt it (a more proper fix to #23673 without causing hang when failing to reach ntp server #24508), puts back dependency on ntp-client again - add sysconfig conf file for ntpd arguments - comment out example keys in key file - fix macro-in-%%changelog - fix non-conffile-in-etc - bunzip2 stuff * Wed Jul 19 2006 Emmanuel Blindauer <blindauer@mandriva.org> 4.2.0-29mdv2007.0 - Fix typo. * Sun Jul 16 2006 Emmanuel Blindauer <blindauer@mandriva.org> 4.2.0-28mdv2007.0 - Fix init startup and drop ntpdate requirement. (#23673) * Thu Feb 09 2006 Andreas Hasenack <andreas@mandriva.com> 4.2.0-27mdk - fixed capability module issue (#21043) * Mon Jan 09 2006 Olivier Blin <oblin@mandriva.com> 4.2.0-26mdk - fix typo in initscript * Mon Jan 09 2006 Olivier Blin <oblin@mandriva.com> 4.2.0-25mdk - convert parallel init to LSB - mkrel * Mon Jan 02 2006 Olivier Blin <oblin@mandriva.com> 4.2.0-24mdk - parallel init support * Fri Dec 02 2005 Olivier Blin <oblin@mandriva.com> 4.2.0-23mdk - don't require modutils, it's deprecated (and module tools are required by basesystem and kernel packages) * Sun Nov 13 2005 Oden Eriksson <oeriksson@mandriva.com> 4.2.0-22mdk - rebuilt against openssl-0.9.8a * Thu Sep 08 2005 Warly <warly@mandriva.com> 4.2.0-21mdk - Security update for CAN-2005-2496 (P9) * Sat Jul 23 2005 Couriousous <couriousous@mandriva.org> 4.2.0-20mdk - fix gcc4 patch ( #16954 ) * Fri Jul 22 2005 Guillaume Rousse <guillomovitch@mandriva.org> 4.2.0-19mdk - ntpdate bash-completion - fix gcc 4 build (<couriousous@mandriva.org>) * Mon Mar 21 2005 Andreas Hasenack <andreas@mandrakesoft.com> 4.2.0-18mdk - check for stale subsystem lock in the init script (we now check for the lock file and if there are any ntpd processes running). If we still have problems with this, then the last option would be to make ntpd create a pid file and use that. - just a safe guard: check if we need to load the capability kernel module. MDK has this builtin, but some user might rebuild the kernel and use it as a module - Prereq -> Requires(bla) * Thu Mar 17 2005 Andreas Hasenack <andreas@mandrakesoft.com> 4.2.0-17mdk - argh, a typo in the init script was preventing step-tickers from ever being used * Thu Mar 17 2005 Andreas Hasenack <andreas@mandrakesoft.com> 4.2.0-16mdk - using rpm macros for user add/delete - test for drift file existance before chowning it in %%post - only use step-tickers if it has some content * Mon Mar 07 2005 Andreas Hasenack <andreas@mandrakesoft.com> 4.2.0-15mdk - added drop-root patch from http://bugzilla.ntp.org/show_bug.cgi?id=251 (#14333) (it's already applied in the -stable branch) - deal with upgrades from versions before this patch was applied - avoid multiple starts in the init script - return appropriate error codes for start/stop/status - ntpdate's output was messing the screen. TODO: fix ntpdate's -s option * Sat Feb 19 2005 Christiaan Welvaart <cjw@daneel.dyndns.org> 4.2.0-14mdk - add BuildRequires: dos2unix * Thu Feb 17 2005 Warly <warly@mandrakesoft.com> 4.2.0-13mdk - fix bad touch of the step-tickers file * Wed Feb 16 2005 Warly <warly@mandrakesoft.com> 4.2.0-12mdk - change chkconfig level from 55 to 56 to fix bug 9045 * Thu Jan 20 2005 Per Ãyvind Karlsen <peroyvind@linux-mandrake.com> 4.2.0-11mdk - rebuild for new readline - fix summary-ended-with-dot * Fri Oct 01 2004 Gwenole Beauchesne <gbeauchesne@mandrakesoft.com> 4.2.0-10mdk - lib64 fixes * Tue Sep 14 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 4.2.0-9mdk - fix S1 (#8844) * Tue Aug 10 2004 Warly <warly@mandrakesoft.com> 4.2.0-8mdk - Add more pool.ntp.org entry in ntpd.conf * Wed Jul 07 2004 Frederic Crozat <fcrozat@mandrakesoft.com> 4.2.0-7mdk - Add Conflicts to ease upgrade (Mdk bug #10208) * Wed Jun 30 2004 Per Ãyvind Karlsen <peroyvind@linux-mandrake.com> 4.2.0-6mdk - fix buildrequires * Mon Jun 28 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 4.2.0-5mdk - added P3 & P4 (fedora) fix #10159 - added P5 - fix deps * Sun Jun 27 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 4.2.0-4mdk - new url * Sun Jun 27 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 4.2.0-3mdk - broke out ntpdate as that's the only one needed if using an external clock source (description stolen from debian) - added P2 (stolen from gentoo, but tweaked some; usage "ntpdate -Q" and it won't spit out "host found : ..." anymore) - change group - added S4 and S5 from fedora - fix deps - misc spec file fixes