Change logs for ntp source package in Sid

  • ntp (1:4.2.8p12+dfsg-3) unstable; urgency=low
    
      * Treat testsuite errors as non-fatal on some architectures
        Fixes FTBFS on ppc64el, ia64, powerpc, ppc64
    
     -- Bernhard Schmidt <email address hidden>  Fri, 14 Sep 2018 22:31:42 +0200
  • ntp (1:4.2.8p12+dfsg-2) unstable; urgency=low
    
      * Drop ntpdate ifupdown hooks (Closes: #908286)
        These have been a constant source of problems and one-shot syncs
        are not a proper solution for timekeeping. See ntpdate.NEWS for
        details
      * Do not install /var/lib/ntpdate, not used anymore
      * Drop maintscript snippets for upgrading from versions prior to Jessie
      * Reenable unittest
        - disable always failing test-decodenetnum with a patch
      * Set Rules-Requires-Root: no
    
     -- Bernhard Schmidt <email address hidden>  Thu, 13 Sep 2018 23:16:11 +0200
  • ntp (1:4.2.8p12+dfsg-1) unstable; urgency=medium
    
      [ Bernhard Schmidt ]
      * New upstream version 4.2.8p12
      * Update Maintainer address to <email address hidden> (Closes: #899940)
      * Update ntpdate.8 from ntpdate.html (Closes: #476491, #515246)
    
      [ Peter Eisentraut ]
      * Remove Peter Eisentraut from Uploaders
    
     -- Bernhard Schmidt <email address hidden>  Thu, 16 Aug 2018 22:20:29 +0200
  • ntp (1:4.2.8p11+dfsg-1) unstable; urgency=medium
    
      * New upstream version 4.2.8p11+dfsg (Closes: #851096)
        - Refresh patches
        - Drop ntpd-increase-stack-size included upstream
        - CVE-2018-7185: Unauthenticated packet can reset authenticated
          interleaved association (LOW/MED)
        - CVE-2018-7184: Interleaved symmetric mode cannot recover from bad state
          (LOW/MED)
        - CVE-2018-7170 / CVE-2016-1549: Provide a way to prevent authenticated
          symmetric passive peering (LOW)
        - CVE-2018-7183: decodearr() can write beyond its 'buf' limits (Medium)
        - CVE-2018-7182: ctl_getitem(): buffer read overrun leads to undefined
          behavior and information leak (Info/Medium)
        - CVE-2016-1549: Sybil vulnerability: ephemeral association attack
          (mitigated in 4.2.8p7)
      * convert dfsg.sh into mk-origtargz script
      * Run wrap-and-sort
      * Sync AppArmor profile changes from Ubuntu, including a fix for a
        harmless AppArmor denial in /usr/local (Closes: #883022)
      * Don't chown in postinst recursively.
        Thanks to Daniel Kahn Gillmor (Closes: #889488)
      * Build sntp against system libevent
      * Drop versioned build-deps already fulfilled by oldoldstable
    
     -- Bernhard Schmidt <email address hidden>  Sun, 25 Mar 2018 23:52:51 +0200
  • ntp (1:4.2.8p10+dfsg-6) unstable; urgency=medium
    
      * Make sntp KoD path FHS-compliant.
        Thanks to Aaron Smith (Closes: #863873)
      * Drop historic Breaks/Pre-Depends
      * Drop historic conffile handling from pre-jessie
      * Adjust ntpdate description stating that it is deprecated
      * Move Vcs-* to salsa
      * Bump Standards-Version to 4.1.3.0, no changes necessary
      * Cherry-pick patch from upstream to increase stack size.
        Thanks to Frederic Endner-Dühr for testing (Closes: #887385)
      * Temporarily add ntpdate lock for systemd wrapper.
        Thanks to Christian Ehrhardt (Closes: #874540)
      * Add note about AppArmor tunable in README.Debian (Closes: #883949)
    
     -- Bernhard Schmidt <email address hidden>  Wed, 24 Jan 2018 22:42:13 +0100
  • ntp (1:4.2.8p10+dfsg-5) unstable; urgency=medium
    
      * Fix arch:all FTBFS due to improper moving of sntp manpage (Closes: #865227)
    
     -- Bernhard Schmidt <email address hidden>  Tue, 20 Jun 2017 09:01:07 +0200
  • ntp (1:4.2.8p10+dfsg-4) unstable; urgency=medium
    
      Upload changes tested in experimental to unstable
    
      * Build system/packaging changes
        - Update to debhelper sequencer, compat level 10
        - Bump Standards Version, no changes necessary
        - Build ntp reproducibly.
          Thanks to Reiner Herrmann (Closes: #828989)
        - Use 'debian' location file (Closes: #852946)
        - Install upstream manpages where available
          (Closes: #794182, #806645, #803709, #805325)
        - Re-enable Debugging (Closes: #643954)
      * Build sntp (Closes: #793837)
        - Split sntp into new binary package
      * Add systemd unit (Closes: #635752)
      + Documentation fixes
        - Fix spelling error in cron.daily/ntp (Closes: #739942)
        - Fix outdated path/package name in README.Debian (Closes: #806647)
      * Use tzdata leapfile in default configuration.
        Thanks to Edmund Grimley Evans (Closes: #858548)
        - add trigger to restart ntp on leapfile updates
      * Changes from Ubuntu, thanks to Christian Ehrhardt
        - apparmor: Allow access to winbindd pipe (Closes: #861727)
        - add apport hook (Closes: #861730)
      * Set --home in adduser to resolve lintian error
      * mark ntp-doc Multi-Arch: foreign
    
     -- Bernhard Schmidt <email address hidden>  Sat, 17 Jun 2017 21:51:57 +0200
  • ntp (1:4.2.8p10+dfsg-3) unstable; urgency=medium
    
      * No-change upload to supersede accidental upload of experimental
        to unstable
    
     -- Bernhard Schmidt <email address hidden>  Sun, 07 May 2017 23:04:52 +0200
  • ntp (1:4.2.8p10+dfsg-2) unstable; urgency=medium
    
      * Support pool statement in ntpdate-debian (Closes: #854432, #823120)
      * Point Vcs-* to pkg-ntp git repository
      * Add Bernhard Schmidt to Uploaders
    
     -- Bernhard Schmidt <email address hidden>  Sun, 07 May 2017 14:49:22 +0200
  • ntp (1:4.2.8p10+dfsg-1) unstable; urgency=high
    
      * New upstream version
        - Fix security issues
      * Update openssl-disable-check.patch
    
     -- Kurt Roeckx <email address hidden>  Wed, 22 Mar 2017 21:53:40 +0100
  • ntp (1:4.2.8p9+dfsg-2.1) unstable; urgency=medium
    
      * Non-maintainer upload.
      * Force program locations to use 'legacy' defaults (Closes: #851803)
    
     -- Daniel Silverstone <email address hidden>  Sat, 28 Jan 2017 11:58:18 +0000
  • ntp (1:4.2.8p9+dfsg-2) unstable; urgency=medium
    
      * CVE-2016-0727: NTP statsdir cleanup cronjob insecure (Closes: #839998)
        Patch by Salvatore Bonaccorso <email address hidden>. Patch was dropped
        in 1:4.2.8p9+dfsg-1.
    
     -- Kurt Roeckx <email address hidden>  Mon, 21 Nov 2016 20:09:17 +0100
  • ntp (1:4.2.8p9+dfsg-1) unstable; urgency=medium
    
      * New usptream version
        - Adds OpenSSL 1.1.0 support (Closes: #828461)
        - Fix CVE-2016-9311
        - Fix CVE-2016-9310
        - Fix CVE-2016-7427
        - Fix CVE-2016-7428
        - Fix CVE-2016-9312
        - Fix CVE-2016-7431
        - Fix CVE-2016-7434
        - Fix CVE-2016-7429
        - Fix CVE-2016-7426
        - Fix CVE-2016-7433
      * Update watch for new version specific URL. Patch from 
        Nicholas Luedtke <email address hidden> (Closes: #823269)
      * Make ntpdate-debian use the DHCP servers. Patch from 
        Christian Ehrhardt <email address hidden> (Closes: #617965)
      * Move dhcp temporary files from /var/lib to /run. (Closes: #600661)
      * Wait for ntp to die in the stop target. Patch from Christoph Biedl
        <email address hidden> (Closes: #802040)
    
     -- Kurt Roeckx <email address hidden>  Mon, 21 Nov 2016 19:30:02 +0100
  • ntp (1:4.2.8p8+dfsg-1.1) unstable; urgency=medium
    
      * Non-maintainer upload.
      * CVE-2016-0727: NTP statsdir cleanup cronjob insecure (Closes: #839998)
        (LP: #1528050)
    
     -- Salvatore Bonaccorso <email address hidden>  Sat, 08 Oct 2016 19:32:52 +0200
  • ntp (1:4.2.8p8+dfsg-1) unstable; urgency=high
    
      * New usptream version
        - Fixes security issues
    
     -- Kurt Roeckx <email address hidden>  Tue, 07 Jun 2016 22:29:17 +0200
  • ntp (1:4.2.8p7+dfsg-4) unstable; urgency=high
    
      * Update apparmor-profiles-extra again now we now in which version they
        removed it.
      * Call dh_apparmor.  Add build-depends on dh-apparmor.  (Closes: #824767)
    
     -- Kurt Roeckx <email address hidden>  Thu, 19 May 2016 20:44:08 +0200
  • ntp (1:4.2.8p7+dfsg-3) unstable; urgency=medium
    
      [ Hideki Yamane ]
      * Properly enable Apparmor profile from Ubuntu (Closes: #823024)
        Patch from Hideki Yamane <email address hidden>
      * Update replace/breaks versions of apparmor-profiles-extra
        (Closes: #805183)
    
     -- Kurt Roeckx <email address hidden>  Sat, 30 Apr 2016 12:14:14 +0200
  • ntp (1:4.2.8p7+dfsg-2) unstable; urgency=medium
    
      * Only build-depend on pps-tools on Linux
    
     -- Kurt Roeckx <email address hidden>  Fri, 29 Apr 2016 18:32:39 +0200
  • ntp (1:4.2.8p7+dfsg-1) unstable; urgency=medium
    
      * New upstream version
        This might fix a few CVEs.
      * Drop CVE-2015-5300.patch and CVE-2015-7704.patch now claimed to
        be fixed upstream.
      * Remove Bdale from uploaders (Closes: #804377)
      * Remove section about patching the kernel for PPS support, it's already
        included in the kernel (Closes: #811171)
      * Pass --build and --host to configure. (Closes: #315935)
        Patch from Helmut Grohne <email address hidden>
      * Missing Build-Depends libopts25-dev (which is not implicit in autogen,
        because autogen is M-A:foreign).
        Patch from Helmut Grohne <email address hidden>
      * Fix ntp.dhcp to also check for pool and better handle spaces and tabs.
        (Closes: #809344, #806676)
      * Change watch file to use https (Closes: #793926)
      * Hook into NetworkManager to update ntp servers from dhcp. (Closes:
        #778415).  Patch from Helmut Grohne <email address hidden>
      * Build Depend on pps-tools (Closes: #691672)
      * Don't run ntpdate when method is none.  Patch from
        Dmitry Borisyuk <q1werty@i.com.ua>
      * Also use flock to in the ntp init script, and update the lock file
        location.  (Closes: #806556)
      * Move apparmor profile from apparmor-profiles-extra. Add Breaks/Replaces.
        (Closes: #805183)
    
     -- Kurt Roeckx <email address hidden>  Sun, 24 Jan 2016 22:57:40 +0100
  • ntp (1:4.2.8p4+dfsg-3) unstable; urgency=medium
    
      * Remove rlimit memlock from default config file, the default is now
        to no longer lock.  (Closes: #793745)
      * Really properly fix CVE-2015-7704, thanks to Miroslav Lichvar
        <email address hidden>
    
     -- Kurt Roeckx <email address hidden>  Thu, 22 Oct 2015 20:44:44 +0200
  • ntp (1:4.2.8p4+dfsg-2) unstable; urgency=medium
    
      * Change rlimit memlock default to -1.  (Closes: #802638)
      * Fix CVE-2015-5300
      * Properly fix CVE-2015-7704
    
     -- Kurt Roeckx <email address hidden>  Thu, 22 Oct 2015 19:06:16 +0200
  • ntp (1:4.2.8p4+dfsg-1) unstable; urgency=high
    
      * New upstream release.
        - Fixes CVE-2015-7850 CVE-2015-7704 CVE-2015-7701 CVE-2015-5196
          CVE-2015-7848 CVE-2015-7849 CVE-2015-7854 CVE-2015-7852 CVE-2015-7853
          CVE-2015-7851 CVE-2015-7705 CVE-2015-7855 CVE-2015-7871
        - Drop format-security.patch, applied upstream.
    
     -- Kurt Roeckx <email address hidden>  Wed, 21 Oct 2015 20:00:31 +0200
  • ntp (1:4.2.8p3+dfsg-1) unstable; urgency=medium
    
      * New upstream version
       - Patches applied upstream: ntpd-linux-caps-inheritable.patch,
         ntp-4.2.6p5-cve-2014-9293.patch, ntp-4.2.6p5-cve-2014-9294.patch,
         ntp-4.2.6p5-cve-2014-9295.patch, ntp-4.2.6p5-cve-2014-9296.patch,
         CVE-2014-9297.patch, CVE-2014-9298.patch, CVE-2015-1798.patch,
         CVE-2015-1799.patch, bug-2797.patch, ntpd-ni-maxhost.patch,
         format-security.patch, sntp-manpage.patch, openssl-headers.patch
      * Remove autotools.patch since we run dh_autoreconf
      * Fix a new issue reported by -Werror=format-security
      * Adjust location in source file for ntpsweep
      * Upstream doesn't ship ntpsnmpd.1 anymore, so don't remove it
      * Update the default config to use the new pool method:
        - Use pool instead of server
        - Add restrict source line so servers can be added and removed
        - Add an rlimit memlock so that ntpd actually starts
      * Change the default restrict line to have a rate limit
      * Remove empty directory /usr/libexec
      * Prevent rpaths being set for all binaries
      * Install files to debian/tmp and use dh_install instead of dh_movefiles
    
     -- Kurt Roeckx <email address hidden>  Sat, 25 Jul 2015 16:37:34 +0200
  • ntp (1:4.2.6.p5+dfsg-7) unstable; urgency=medium
    
    
      * Fix endless loop and non-random key generation using
        ntp-keygen on big endian machines.
    
     -- Kurt Roeckx <email address hidden>  Fri, 10 Apr 2015 21:01:32 +0200
  • ntp (1:4.2.6.p5+dfsg-6) unstable; urgency=high
    
    
      * Fix CVE-2015-1798 and CVE-2015-1799 (Closes: #782095)
    
     -- Kurt Roeckx <email address hidden>  Fri, 10 Apr 2015 20:08:24 +0200
  • ntp (1:4.2.6.p5+dfsg-5) unstable; urgency=high
    
    
      * Add missing fix for CVE-2014-9297
    
     -- Kurt Roeckx <email address hidden>  Sat, 07 Feb 2015 12:20:44 +0100
  • ntp (1:4.2.6.p5+dfsg-4) unstable; urgency=medium
    
    
      * Fix CVE-2014-9297
      * Fix CVE-2014-9298
    
     -- Kurt Roeckx <email address hidden>  Thu, 05 Feb 2015 00:27:36 +0100
  • ntp (1:4.2.6.p5+dfsg-3.2) unstable; urgency=medium
    
    
      * Non-maintainer upload.
      * Apply fixes for security updates (Closes: 773576)
        - cve-2014-9293
        - cve-2014-9294
        - cve-2014-9295
        - cve-2014-9296
    
     -- Noah Meyerhans <email address hidden>  Sun, 21 Dec 2014 12:01:50 -0800
  • ntp (1:4.2.6.p5+dfsg-3.1) unstable; urgency=low
    
    
      * Non-maintainer upload.
      * Use dh-autoreconf to ensure configurey is updated for new architectures
    
     -- Wookey <email address hidden>  Tue, 15 Jul 2014 11:54:21 +0800
  • ntp (1:4.2.6.p5+dfsg-3) unstable; urgency=low
    
    
      * Look for <openssl/opensslv.h> rather than <openssl/opensslconf.h>, which
        is due to move to a different location in order to support multiarch.
        Patch by Colin Watson <email address hidden> (Closes: #696390)
    
     -- Kurt Roeckx <email address hidden>  Mon, 20 May 2013 16:14:07 +0200
  • ntp (1:4.2.6.p5+dfsg-2) unstable; urgency=medium
    
    
      * Re-enable crypto support by pointing openssl libdir to multiarch dir.
        Also increase libssl-dev build dependency to the first multiarch
        version. (closes: #670662)
    
     -- Peter Eisentraut <email address hidden>  Sat, 12 May 2012 12:04:06 +0300
  • ntp (1:4.2.6.p5+dfsg-1) unstable; urgency=low
    
    
      * New upstream release (closes: #644673)
      * Updated instructions on generating autotools.patch
      * Updated standards version
    
     -- Peter Eisentraut <email address hidden>  Mon, 27 Feb 2012 13:55:56 +0200
  • ntp (1:4.2.6.p3+dfsg-3) unstable; urgency=medium
    
    
      * Update format-security.patch to include kfreebsd-specific fixes
        (closes: #653771)
    
     -- Peter Eisentraut <email address hidden>  Thu, 05 Jan 2012 19:37:28 +0200
  • ntp (1:4.2.6.p3+dfsg-2) unstable; urgency=low
    
    
      * Use architecture wildcard for libcap2-dev build dependency, removing
        type-handing dependency (closes: #528440, #587871)
      * Updated standards version
      * Get build flags from dpkg-buildflags, and fix the resulting
        -Wformat-security errors using patch from Colin Watson (closes:
        #542721, #627403)
      * Add -Wl,--as-needed to LDFLAGS, which drops the dependency of ntpdate
        on libcap2
      * Add sntp-manpage.patch to fix some errors in sntp man page pointed out
        by lintian
      * Re-remove tickadj.  The previous method of achieving this by tweaking
        configure cache variables apparently broke at some point, so this time
        do it more directly.
      * Explicitly disable building ntpsnmpd and remove man page (closes:
        #608542; see also #622819)
      * ntpdate-debian: Improve parsing of ntp.conf (closes: #606349)
      * Add descriptions of -4/-6 options to ntpd man page (closes: #613349)
      * Update options list on ntptrace man page to match reality (closes:
        #593417)
      * Add build-arch and build-indep debian/rules targets, per lintian
      * Create ntp user and group separately, to handle the case where the
        user already exists but not the group (closes: #624275)
      * Don't ignore errors from adduser.  If the system user or group already
        exist, this is ignored anyway.  Anything else we want to know about.
      * Generalize ntp.cron.daily to cover all possible filegen stats files
        (closes: #644120)
    
     -- Peter Eisentraut <email address hidden>  Sat, 17 Dec 2011 19:00:10 +0200
  • ntp (1:4.2.6.p3+dfsg-1) unstable; urgency=low
      * New upstream version    - Require newer autogen version  * Include sntp in source, it got rewritting and licensed changed.  * Re-add neoclock4x driver, license got changed.  * Drop nanokernel-status.patch.  2.6.26 was part of lenny, so everybody    really should have nanokernel support now.  The patch also didn't    actually enable the nano kernel.  * Drop mod_nano.patch, libc now provides the proper defines.  * We now build against a libc that has NTP_API 4 support, which means    that we get TAI offset support. -- Kurt Roeckx <email address hidden>  Fri, 03 Jun 2011 16:39:02 +0200
  • ntp (1:4.2.6.p2+dfsg-1) unstable; urgency=low
    
    
      [ Peter Eisentraut ]
      * Update command options section in ntp.conf(5) man page, drop "dynamic"
        option (closes: #553976, #439734)
      * Document ntpd -I option and ntp.conf interface command (closes: #506389)
      * Fix type in ntpdate man page (closes: #566621)
      * Added explanation of options to ntptrace man page (closes: #558289)
      * Removed no longer needed build conflict against libreadline-dev
    
      [ Kurt Roeckx ]
      * New upstream version.
        - Fixes problem with ipv6 multicast (Closes: #584927)
      * Move dhcp exit hooks from /etc/dhcp3/dhclient-enter-hooks.d to
        /etc/dhcp/dhclient-enter-hooks.d.  Add dpkg-maintscript-helper
        to maintainer scripts to move them, and add a Breaks on
        dhcp3-client (<< 4.1.0-1) (Closes: #585054, #585055)
      * Remove ntp's Replaces on logcheck-database, we don't ship log
        logcheck entries anymore for ntp.
    
     -- Kurt Roeckx <email address hidden>  Tue, 13 Jul 2010 20:33:47 +0200
  • ntp (1:4.2.6.p1+dfsg-1) unstable; urgency=low
    
    
      * New upstream version
        - They no longer ship arlib, adjust dfsg.patch.
        - Drop kfreebsd.patch, applied upstream
        - Update patches for upstream changes.
      * Remove the obsolete config files:
    
        for ntp:
        - /etc/logcheck/ignore.d.server/ntp, removed in 1:4.2.6+dfsg-1
        - /etc/dhcp3/dhclient-enter-hooks.d/ntp, replaced by exit hooks in
          1:4.2.4p4+dfsg-3
        - /etc/network/if-up.d/ntp, removed in 1:4.2.4p0+dfsg-1
    
        for ntpdate:
        - /etc/dhcp3/dhclient-enter-hooks.d/ntpdate, replaced by exit hooks in
          1:4.2.4p4+dfsg-3
    
        Use dpkg 1.15.7.2's dpkg-maintscript-helper.  This needs
        a Pre-Depends to work, else it's never going to be removed.
        (Closes: #569530)
      * Add "Depends: ${misc:Depends}" to ntp-doc.
    
     -- Kurt Roeckx <email address hidden>  Mon, 24 May 2010 11:09:51 +0200
  • ntp (1:4.2.6+dfsg-1) unstable; urgency=low
    
    
      * New upstream version
        - They no longer use the built in md5 with unclear license: adjust
          dfsg.sh and dfsg.patch.
        - Location of the html pages has changed location: adjust dfsg.sh
        - Remove ntptimeval.patch and ntptrace-getopt.patch, applied upstream.
        - Change libedit.patch and call configure with
          --with-lineeditlibs=edit instead.
        - Update nanokernel-status.patch to also do it for the new
          direct_freq() function.
        - includes.diff: Stop including ntp_refclock.h, since it breaks things.
        - Upstream no longer provides an ntpdsim.1 manpage, so don't try to
          to remove it.
      * Use the system libopts instead of the internal copy: add build-dependency
        on autogen, call configure with --disable-local-libopts.  There is also
        no need anymore to remove the usr/lib dir.
      * Remove ntp_gettime.patch, it wasn't used, and we have libc calls that
        wrap adjtimex now anyway.
      * Remove the doc.patch, it's either just wrong or more confusing than the
        original text.
      * Merge the ntpd-char-fix.patch into ntpd-ni-maxhost.patch
      * Fix kfreebsd.patch's comment to be about the right patch.
      * Add comment to dfsg.patch
      * Update autotools.patch's comment on how to recreate it.
      * Split ntpd-linux-caps.patch in ntpd-linux-caps-runtime.patch and
        ntpd-linux-caps-inheritable.patch and add comments
      * Don't run init script to stop ntpd, just let sendsigs/killprocs deal
        with it.  (Closes: #540694)
      * Compile with --enable-ntp-signd to enable mssntp for use with samba
        (Closes: #562065)
      * Remove ntp.logcheck.ignore.server, none of those messages are
        send to syslog now.  (Closes: #498992)
    
     -- Kurt Roeckx <email address hidden>  Sat, 26 Dec 2009 14:12:22 +0100
  • ntp (1:4.2.4p8+dfsg-1) unstable; urgency=high
    
    
      * New upstream release.
        - Fixes DoS with mode 7 packets (CVE-2009-3563) (Closes: #560074)
    
     -- Kurt Roeckx <email address hidden>  Tue, 08 Dec 2009 21:41:51 +0100
  • ntp (1:4.2.4p6+dfsg-2) unstable; urgency=medium
    
    
      * Fixed typo in ntpdate man page (closes: #526086)
      * Updated standards version
      * Moved .dhcp version of configuration files to /var/lib/ntp and 
        /var/lib/ntpdate (closes: #524035)
      * Cleaned up man pages to satisfy lintian's hyphen-used-as-minus-sign
        complaint
      * Fixed limited buffer overflow in ntpq (CVE-2009-0159) (closes: #525373)
      * Fixed stack buffer overflow in ntpd (CVE-2009-1252) (closes: #525373)
      * Use new status_of_proc function to report status in ntp init script
      * Updated the config.guess/sub handling as recommended by autotools-dev to
        not clutter the diff, added autotools-dev to build dependencies
    
     -- Peter Eisentraut <email address hidden>  Fri, 12 Jun 2009 17:24:22 +0300
  • ntp (1:4.2.4p6+dfsg-1) unstable; urgency=low
    
    
      * New upstream release
        - Updated ntpdate-ipv6.patch, autotools.patch
        - Obsoletes no-ipv6-fix.patch, CVE-2009-0021.patch
      * Switched build dependency from libcap-dev to libcap2-dev (closes: #474639)
      * Added -D_GNU_SOURCE to CPPFLAGS, to support glibc 2.8 (closes: #507806)
      * Recognize "adjust" in ntpdate logcheck rules (closes: #493907)
      * Removed "dynamic" key word from default ntp.conf, because this is now 
        obsolete and the default
    
     -- Peter Eisentraut <email address hidden>  Wed, 18 Feb 2009 20:24:14 +0200
  • ntp (1:4.2.4p4+dfsg-8) unstable; urgency=low
    
    
      * It did not properly check the return value of EVP_VerifyFinal
        which results in an malformed DSA signature being treated as
        a good signature rather than as an error.  (CVE-2009-0021)
    
     -- Kurt Roeckx <email address hidden>  Mon, 05 Jan 2009 21:10:03 +0100
  • ntp (1:4.2.4p4+dfsg-7) unstable; urgency=low
    
    
      * Added support for numeric IPv6 address in ntpdate-debian (closes: #489712)
      * Updated standards version
      * Added PATH to ntpdate.if-up (closes: #490061)
    
     -- Peter Eisentraut <email address hidden>  Wed, 16 Jul 2008 14:09:41 +0200