[ Christian Ehrhardt ]
* Merge from Debian testing. Remaining changes:
+ debian/rules: enable debugging. Asked debian to add this in bug #643954.
+ debian/rules, debian/ntp.dirs, debian/source_ntp.py: Add apport hook.
+ debian/control: Add Suggests on apparmor.
+ debian/source_ntp.py: Add filter on AppArmor profile names to prevent
false positives from denials originating in other packages
+ debian/ntpdate.if-up: Fix interaction with openntpd. Stop ntp before
running ntpdate when an interface comes up, then start again afterwards.
+ debian/ntp.init, debian/rules: Only stop when entering single user mode,
don't use /var/lib/ntp/ntp.conf.dhcp if /etc/ntp.conf is newer - it can
get stale. Patch by Simon Déziel.
+ debian/ntp.conf, debian/ntpdate.default: Change default server to
ntp.ubuntu.com.
+ debian/control: Add bison to Build-Depends (for ntpd/ntp_parser.y).
+ Extend PPS support
- debian/README.Debian: Add a PPS section to the README.Debian
- debian/ntp.conf: Add some configuration examples from the offical documentation.
+ SECURITY UPDATE: NTP statsdir cleanup cronjob insecure (LP: #1528050)
- debian/ntp.cron.daily: fix security issues, patch thanks to halfdog!
- CVE-2016-0727
+ Merge also contains an upstream fix that solves (LP: #1567540)
* Added changes
+ match Ubuntu packages now that Debian has ntp apparmor accepted in
d/control for Apparmor conflicts/replaces
+ d/apparmor-profile add samba winbindd pipe (LP: #1582767)
* Drop Changes:
+ Add enforcing AppArmor profile (accepted in Debian):
- debian/control: Add Conflicts/Replaces on apparmor-profiles.
- debian/control: Add Suggests on apparmor.
- debian/control: Build-Depends on dh-apparmor.
- add debian/apparmor-profile*.
- debian/ntp.dirs: Add apparmor directories.
- debian/rules: Install apparmor-profile and apparmor-profile.tunable.
- debian/source_ntp.py: Add filter on AppArmor profile names to prevent
false positives from denials originating in other packages.
- debian/README.Debian: Add note on AppArmor.
+ Add PPS support (accepted in Debian)
- debian/control: Add Build-Depends on pps-tools
+ debian/apparmor-profile: allow 'rw' access to /dev/pps[0-9]* devices.
+ d/p/fix_local_sync.patch: fix local clock sync (fixed upstream)
+ debian/patches/ntpdate-fix-lp1526264.patch (fixed upstream):
- Add Alfonso Sanchez-Beato's patch for fixing the cannot correct dates in
the future bug
+ debian/apparmor-profile: adjust to handle AF_UNSPEC with dgram and stream
+ dropping previous ubuntu security patches/fixes that have been upstreamed
in 4.2.8p6: CVE-2015-7973, CVE-2015-7975, CVE-2015-7976, CVE-2015-7977,
CVE-2015-7978, CVE-2015-7979, CVE-2015-8138, CVE-2015-8158
+ dropping previous ubuntu security patches/fixes that have been upstreamed
in 4.2.8p7: CVE-2016-1548, CVE-2016-1550, CVE-2016-2516, CVE-2016-2518,
CVE-2015-7974, CVE-2016-1547
[ Robie Basak ]
* Restore AppArmor entries in debian/ntp.dirs.
ntp (1:4.2.8p8+dfsg-1) unstable; urgency=high
* New usptream version
- Fixes security issues
ntp (1:4.2.8p7+dfsg-4) unstable; urgency=high
* Update apparmor-profiles-extra again now we now in which version they
removed it.
* Call dh_apparmor. Add build-depends on dh-apparmor. (Closes: #824767)
ntp (1:4.2.8p7+dfsg-3) unstable; urgency=medium
[ Hideki Yamane ]
* Properly enable Apparmor profile from Ubuntu (Closes: #823024)
Patch from Hideki Yamane <email address hidden>
* Update replace/breaks versions of apparmor-profiles-extra
(Closes: #805183)
ntp (1:4.2.8p7+dfsg-2) unstable; urgency=medium
* Only build-depend on pps-tools on Linux
ntp (1:4.2.8p7+dfsg-1) unstable; urgency=medium
* New upstream version
This might fix a few CVEs.
* Drop CVE-2015-5300.patch and CVE-2015-7704.patch now claimed to
be fixed upstream.
* Remove Bdale from uploaders (Closes: #804377)
* Remove section about patching the kernel for PPS support, it's already
included in the kernel (Closes: #811171)
* Pass --build and --host to configure. (Closes: #315935)
Patch from Helmut Grohne <email address hidden>
* Missing Build-Depends libopts25-dev (which is not implicit in autogen,
because autogen is M-A:foreign).
Patch from Helmut Grohne <email address hidden>
* Fix ntp.dhcp to also check for pool and better handle spaces and tabs.
(Closes: #809344, #806676)
* Change watch file to use https (Closes: #793926)
* Hook into NetworkManager to update ntp servers from dhcp. (Closes:
#778415). Patch from Helmut Grohne <email address hidden>
* Build Depend on pps-tools (Closes: #691672)
* Don't run ntpdate when method is none. Patch from
Dmitry Borisyuk <q1werty@i.com.ua>
* Also use flock to in the ntp init script, and update the lock file
location. (Closes: #806556)
* Move apparmor profile from apparmor-profiles-extra. Add Breaks/Replaces.
(Closes: #805183)
This bug was fixed in the package ntp - 1:4.2.8p8+ dfsg-1ubuntu1
--------------- 8p8+dfsg- 1ubuntu1) yakkety; urgency=medium
ntp (1:4.2.
[ Christian Ehrhardt ] source_ ntp.py: Add apport hook. source_ ntp.py: Add filter on AppArmor profile names to prevent ntpdate. if-up: Fix interaction with openntpd. Stop ntp before ntp/ntp. conf.dhcp if /etc/ntp.conf is newer - it can ntpdate. default: Change default server to ubuntu. com. README. Debian: Add a PPS section to the README.Debian
documentation. ntp.cron. daily: fix security issues, patch thanks to halfdog! apparmor- profile* . profile. tunable. source_ ntp.py: Add filter on AppArmor profile names to prevent README. Debian: Add note on AppArmor. apparmor- profile: allow 'rw' access to /dev/pps[0-9]* devices. local_sync. patch: fix local clock sync (fixed upstream) patches/ ntpdate- fix-lp1526264. patch (fixed upstream): apparmor- profile: adjust to handle AF_UNSPEC with dgram and stream 2015-7978, CVE-2015-7979, CVE-2015-8138, CVE-2015-8158 2015-7974, CVE-2016-1547
* Merge from Debian testing. Remaining changes:
+ debian/rules: enable debugging. Asked debian to add this in bug #643954.
+ debian/rules, debian/ntp.dirs, debian/
+ debian/control: Add Suggests on apparmor.
+ debian/
false positives from denials originating in other packages
+ debian/
running ntpdate when an interface comes up, then start again afterwards.
+ debian/ntp.init, debian/rules: Only stop when entering single user mode,
don't use /var/lib/
get stale. Patch by Simon Déziel.
+ debian/ntp.conf, debian/
ntp.
+ debian/control: Add bison to Build-Depends (for ntpd/ntp_parser.y).
+ Extend PPS support
- debian/
- debian/ntp.conf: Add some configuration examples from the offical
+ SECURITY UPDATE: NTP statsdir cleanup cronjob insecure (LP: #1528050)
- debian/
- CVE-2016-0727
+ Merge also contains an upstream fix that solves (LP: #1567540)
* Added changes
+ match Ubuntu packages now that Debian has ntp apparmor accepted in
d/control for Apparmor conflicts/replaces
+ d/apparmor-profile add samba winbindd pipe (LP: #1582767)
* Drop Changes:
+ Add enforcing AppArmor profile (accepted in Debian):
- debian/control: Add Conflicts/Replaces on apparmor-profiles.
- debian/control: Add Suggests on apparmor.
- debian/control: Build-Depends on dh-apparmor.
- add debian/
- debian/ntp.dirs: Add apparmor directories.
- debian/rules: Install apparmor-profile and apparmor-
- debian/
false positives from denials originating in other packages.
- debian/
+ Add PPS support (accepted in Debian)
- debian/control: Add Build-Depends on pps-tools
+ debian/
+ d/p/fix_
+ debian/
- Add Alfonso Sanchez-Beato's patch for fixing the cannot correct dates in
the future bug
+ debian/
+ dropping previous ubuntu security patches/fixes that have been upstreamed
in 4.2.8p6: CVE-2015-7973, CVE-2015-7975, CVE-2015-7976, CVE-2015-7977,
CVE-
+ dropping previous ubuntu security patches/fixes that have been upstreamed
in 4.2.8p7: CVE-2016-1548, CVE-2016-1550, CVE-2016-2516, CVE-2016-2518,
CVE-
[ Robie Basak ]
* Restore AppArmor entries in debian/ntp.dirs.
ntp (1:4.2.8p8+dfsg-1) unstable; urgency=high
* New usptream version
- Fixes security issues
ntp (1:4.2.8p7+dfsg-4) unstable; urgency=high
* Update apparmor- profiles- extra again now we now in which version they
removed it.
* Call dh_apparmor. Add build-depends on dh-apparmor. (Closes: #824767)
ntp (1:4.2.8p7+dfsg-3) unstable; urgency=medium
[ Hideki Yamane ] profiles- extra
* Properly enable Apparmor profile from Ubuntu (Closes: #823024)
Patch from Hideki Yamane <email address hidden>
* Update replace/breaks versions of apparmor-
(Closes: #805183)
ntp (1:4.2.8p7+dfsg-2) unstable; urgency=medium
* Only build-depend on pps-tools on Linux
ntp (1:4.2.8p7+dfsg-1) unstable; urgency=medium
* New upstream version profiles- extra. Add Breaks/Replaces.
This might fix a few CVEs.
* Drop CVE-2015-5300.patch and CVE-2015-7704.patch now claimed to
be fixed upstream.
* Remove Bdale from uploaders (Closes: #804377)
* Remove section about patching the kernel for PPS support, it's already
included in the kernel (Closes: #811171)
* Pass --build and --host to configure. (Closes: #315935)
Patch from Helmut Grohne <email address hidden>
* Missing Build-Depends libopts25-dev (which is not implicit in autogen,
because autogen is M-A:foreign).
Patch from Helmut Grohne <email address hidden>
* Fix ntp.dhcp to also check for pool and better handle spaces and tabs.
(Closes: #809344, #806676)
* Change watch file to use https (Closes: #793926)
* Hook into NetworkManager to update ntp servers from dhcp. (Closes:
#778415). Patch from Helmut Grohne <email address hidden>
* Build Depend on pps-tools (Closes: #691672)
* Don't run ntpdate when method is none. Patch from
Dmitry Borisyuk <q1werty@i.com.ua>
* Also use flock to in the ntp init script, and update the lock file
location. (Closes: #806556)
* Move apparmor profile from apparmor-
(Closes: #805183)
-- Christian Ehrhardt <email address hidden> Fri, 29 Jul 2016 12:42:43 +0200