head 1.6; access; symbols pkgsrc-2015Q1:1.5.0.14 pkgsrc-2015Q1-base:1.5 pkgsrc-2014Q4:1.5.0.12 pkgsrc-2014Q4-base:1.5 pkgsrc-2014Q3:1.5.0.10 pkgsrc-2014Q3-base:1.5 pkgsrc-2014Q2:1.5.0.8 pkgsrc-2014Q2-base:1.5 pkgsrc-2014Q1:1.5.0.6 pkgsrc-2014Q1-base:1.5 pkgsrc-2013Q4:1.5.0.4 pkgsrc-2013Q4-base:1.5 pkgsrc-2013Q3:1.5.0.2 pkgsrc-2013Q3-base:1.5 pkgsrc-2013Q2:1.4.0.28 pkgsrc-2013Q2-base:1.4 pkgsrc-2013Q1:1.4.0.26 pkgsrc-2013Q1-base:1.4 pkgsrc-2012Q4:1.4.0.24 pkgsrc-2012Q4-base:1.4 pkgsrc-2012Q3:1.4.0.22 pkgsrc-2012Q3-base:1.4 pkgsrc-2012Q2:1.4.0.20 pkgsrc-2012Q2-base:1.4 pkgsrc-2012Q1:1.4.0.18 pkgsrc-2012Q1-base:1.4 pkgsrc-2011Q4:1.4.0.16 pkgsrc-2011Q4-base:1.4 pkgsrc-2011Q3:1.4.0.14 pkgsrc-2011Q3-base:1.4 pkgsrc-2011Q2:1.4.0.12 pkgsrc-2011Q2-base:1.4 pkgsrc-2011Q1:1.4.0.10 pkgsrc-2011Q1-base:1.4 pkgsrc-2010Q4:1.4.0.8 pkgsrc-2010Q4-base:1.4 pkgsrc-2010Q3:1.4.0.6 pkgsrc-2010Q3-base:1.4 pkgsrc-2010Q2:1.4.0.4 pkgsrc-2010Q2-base:1.4 pkgsrc-2010Q1:1.4.0.2 pkgsrc-2010Q1-base:1.4 pkgsrc-2009Q4:1.3.0.36 pkgsrc-2009Q4-base:1.3 pkgsrc-2009Q3:1.3.0.34 pkgsrc-2009Q3-base:1.3 pkgsrc-2009Q2:1.3.0.32 pkgsrc-2009Q2-base:1.3 pkgsrc-2009Q1:1.3.0.30 pkgsrc-2009Q1-base:1.3 pkgsrc-2008Q4:1.3.0.28 pkgsrc-2008Q4-base:1.3 pkgsrc-2008Q3:1.3.0.26 pkgsrc-2008Q3-base:1.3 cube-native-xorg:1.3.0.24 cube-native-xorg-base:1.3 pkgsrc-2008Q2:1.3.0.22 pkgsrc-2008Q2-base:1.3 cwrapper:1.3.0.20 pkgsrc-2008Q1:1.3.0.18 pkgsrc-2008Q1-base:1.3 pkgsrc-2007Q4:1.3.0.16 pkgsrc-2007Q4-base:1.3 pkgsrc-2007Q3:1.3.0.14 pkgsrc-2007Q3-base:1.3 pkgsrc-2007Q2:1.3.0.12 pkgsrc-2007Q2-base:1.3 pkgsrc-2007Q1:1.3.0.10 pkgsrc-2007Q1-base:1.3 pkgsrc-2006Q4:1.3.0.8 pkgsrc-2006Q4-base:1.3 pkgsrc-2006Q3:1.3.0.6 pkgsrc-2006Q3-base:1.3 pkgsrc-2006Q2:1.3.0.4 pkgsrc-2006Q2-base:1.3 pkgsrc-2006Q1:1.3.0.2 pkgsrc-2006Q1-base:1.3 pkgsrc-2005Q4:1.2.0.10 pkgsrc-2005Q4-base:1.2 pkgsrc-2005Q3:1.2.0.8 pkgsrc-2005Q3-base:1.2 pkgsrc-2005Q2:1.2.0.6 pkgsrc-2005Q2-base:1.2 pkgsrc-2005Q1:1.2.0.4 pkgsrc-2005Q1-base:1.2 pkgsrc-2004Q4:1.2.0.2 pkgsrc-2004Q4-base:1.2 pkgsrc-2004Q3:1.1.1.1.0.16 pkgsrc-2004Q3-base:1.1.1.1 pkgsrc-2004Q2:1.1.1.1.0.14 pkgsrc-2004Q2-base:1.1.1.1 pkgsrc-2004Q1:1.1.1.1.0.12 pkgsrc-2004Q1-base:1.1.1.1 pkgsrc-2003Q4:1.1.1.1.0.10 pkgsrc-2003Q4-base:1.1.1.1 netbsd-1-6-1:1.1.1.1.0.6 netbsd-1-6-1-base:1.1.1.1 netbsd-1-6:1.1.1.1.0.8 netbsd-1-6-RELEASE-base:1.1.1.1 pkgviews:1.1.1.1.0.4 pkgviews-base:1.1.1.1 buildlink2:1.1.1.1.0.2 buildlink2-base:1.1.1.1 netbsd-1-5-PATCH003:1.1.1.1 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.6 date 2015.04.13.10.03.21; author hannken; state dead; branches; next 1.5; commitid IuL2k6RpvzO8Kphy; 1.5 date 2013.08.16.08.30.20; author hannken; state Exp; branches 1.5.14.1; next 1.4; commitid tgZhVYY2a0TKFE1x; 1.4 date 2010.02.26.09.27.43; author hannken; state Exp; branches 1.4.28.1; next 1.3; 1.3 date 2006.01.08.13.27.53; author joerg; state Exp; branches 1.3.36.1; next 1.2; 1.2 date 2004.11.30.11.26.59; author hannken; state Exp; branches; next 1.1; 1.1 date 2002.03.22.23.01.52; author tron; state Exp; branches 1.1.1.1; next ; 1.5.14.1 date 2015.04.15.21.13.51; author tron; state dead; branches; next ; commitid AW5RGtmDJRqroJhy; 1.4.28.1 date 2013.08.21.12.59.44; author tron; state Exp; branches; next ; commitid kWsWzSH6WV8F0k2x; 1.3.36.1 date 2010.03.07.00.10.17; author tron; state Exp; branches; next ; 1.1.1.1 date 2002.03.22.23.01.52; author tron; state Exp; branches; next ; desc @@ 1.6 log @Update chrony to version 1.31.1. For a full list of changes since 1.29 see file NEWS in the distfile. Security fixes since 1.29: * Modify chronyc protocol to prevent amplification attacks (CVE-2014-0021) (incompatible with previous protocol version, chronyc supports both) * Protect authenticated symmetric NTP associations against DoS attacks (CVE-2015-1799) * Fix access configuration with subnet size indivisible by 4 (CVE-2015-1821) * Fix initialization of reply slots for authenticated commands (CVE-2015-1822) @ text @$NetBSD: patch-ac,v 1.5 2013/08/16 08:30:20 hannken Exp $ Remove unused variable. --- sys_netbsd.c.orig 2013-08-08 13:58:07.000000000 +0000 +++ sys_netbsd.c @@@@ -281,7 +281,6 @@@@ SYS_NetBSD_Initialise(void) }; kvm_t *kt; - FILE *fp; kt = kvm_open(NULL, NULL, NULL, O_RDONLY, NULL); if (!kt) { @ 1.5 log @Update chrony to version 1.29. For a full list of changes since 1.24 see file NEWS in the distfile. Security fixes since 1.24: * Fix crash when processing crafted commands (CVE-2012-4502) (possible with IP addresses allowed by cmdallow and localhost) * Don't send uninitialized data in SUBNETS_ACCESSED and CLIENT_ACCESSES replies (CVE-2012-4503) (not used by chronyc) Reviewed by: Joerg Sonnenberger @ text @d1 1 a1 1 $NetBSD$ @ 1.5.14.1 log @Pullup ticket #4660 - requested by hannken net/chrony: security update Revisions pulled up: - net/chrony/Makefile 1.30 - net/chrony/distinfo 1.10 - net/chrony/patches/patch-Makefile.in 1.1 - net/chrony/patches/patch-aa deleted - net/chrony/patches/patch-ab deleted - net/chrony/patches/patch-ac deleted - net/chrony/patches/patch-ad deleted - net/chrony/patches/patch-ae deleted - net/chrony/patches/patch-af deleted - net/chrony/patches/patch-ag deleted - net/chrony/patches/patch-conf.c 1.1 - net/chrony/patches/patch-examples_chrony.conf.example 1.1 - net/chrony/patches/patch-examples_chrony.keys.example 1.1 - net/chrony/patches/patch-ntp__io.c 1.2 --- Module Name: pkgsrc Committed By: hannken Date: Mon Apr 13 10:03:21 UTC 2015 Modified Files: pkgsrc/net/chrony: Makefile distinfo pkgsrc/net/chrony/patches: patch-ntp__io.c Added Files: pkgsrc/net/chrony/patches: patch-Makefile.in patch-conf.c patch-examples_chrony.conf.example patch-examples_chrony.keys.example Removed Files: pkgsrc/net/chrony/patches: patch-aa patch-ab patch-ac patch-ad patch-ae patch-af patch-ag Log Message: Update chrony to version 1.31.1. For a full list of changes since 1.29 see file NEWS in the distfile. Security fixes since 1.29: * Modify chronyc protocol to prevent amplification attacks (CVE-2014-0021) (incompatible with previous protocol version, chronyc supports both) * Protect authenticated symmetric NTP associations against DoS attacks (CVE-2015-1799) * Fix access configuration with subnet size indivisible by 4 (CVE-2015-1821) * Fix initialization of reply slots for authenticated commands (CVE-2015-1822) @ text @d1 1 a1 1 $NetBSD: patch-ac,v 1.5 2013/08/16 08:30:20 hannken Exp $ @ 1.4 log @Update to 1.24. The changes in version 1.24 are Security fixes -------------- * Don't reply to invalid cmdmon packets (CVE-2010-0292) * Limit client log memory size (CVE-2010-0293) * Limit rate of syslog messages (CVE-2010-0294) Bug fixes/Enhancements ---------------------- * Support for reference clocks (SHM, SOCK, PPS drivers) * IPv6 support * Linux capabilities support (to drop root privileges) * Memory locking support on Linux * Real-time scheduler support on Linux * Leap second support on Linux * Support for editline library * Support for new Linux readonly adjtime * NTP client support for KoD RATE * Read kernel timestamps for received NTP packets * Reply to NTP requests with correct address on multihomed hosts * Retry name resolving after temporary failure * Fix makestep command, make it available on all systems * Add makestep directive for automatic clock stepping * Don't require _bigadj kernel symbol on NetBSD * Avoid blocking read in Linux RTC driver * Support for Linux on S/390 and PowerPC * Fix various bugs on 64-bit systems * Fix valgrind errors and compiler warnings * Improve configure to support common options and variables * Improve status checking and printing in chronyc * Return non-zero exit code on errors in chronyc * Reduce request timeout in chronyc * Print estimated offset in sourcestats * Changed chronyc protocol, incompatible with older versions Reviewed by: Joerg Sonnenberger @ text @d1 1 a1 1 $NetBSD: patch-ac,v 1.3 2006/01/08 13:27:53 joerg Exp $ d3 6 a8 21 --- chronyd.8.orig 2010-02-04 13:07:19.000000000 +0100 +++ chronyd.8 @@@@ -25,8 +25,8 @@@@ If \fBchronyd\fR has been installed to its default location -\fI/usr/local/sbin/chronyd\fR, starting it is simply a matter of entering the +\fI@@PREFIX@@/sbin/chronyd\fR, starting it is simply a matter of entering the command: -\fI/usr/local/sbin/chronyd\fR +\fI@@PREFIX@@/sbin/chronyd\fR Information messages and warnings will be logged to syslog. @@@@ -53,5 +53,5 @@@@ \fB\-f\fR \fIconf-file\fR This option can be used to specify an alternate location for the -configuration file (default \fI/etc/chrony.conf\fR). +configuration file (default \fI@@PKG_SYSCONFDIR@@/chrony.conf\fR). .TP .B \-r @@@@ -103,5 +103,5 @@@@ d10 2 a11 3 .SH FILES -\fI/etc/chrony.conf\fR +\fI@@PKG_SYSCONFDIR@@/chrony.conf\fR d13 2 a14 1 .SH VERSION @ 1.4.28.1 log @Pullup ticket #4215 - requested by hannken net/chrony: security update Revisions pulled up: - net/chrony/Makefile 1.29 - net/chrony/PLIST 1.5 - net/chrony/distinfo 1.8 - net/chrony/files/chronyd.sh 1.5 - net/chrony/patches/patch-aa 1.5 - net/chrony/patches/patch-ab 1.5 - net/chrony/patches/patch-ac 1.5 - net/chrony/patches/patch-ad 1.4 - net/chrony/patches/patch-ae 1.5 - net/chrony/patches/patch-af 1.4 - net/chrony/patches/patch-ag 1.4 --- Module Name: pkgsrc Committed By: hannken Date: Fri Aug 16 08:30:20 UTC 2013 Modified Files: pkgsrc/net/chrony: Makefile PLIST distinfo pkgsrc/net/chrony/files: chronyd.sh pkgsrc/net/chrony/patches: patch-aa patch-ab patch-ac patch-ad patch-ae patch-af Added Files: pkgsrc/net/chrony/patches: patch-ag Log Message: Update chrony to version 1.29. For a full list of changes since 1.24 see file NEWS in the distfile. Security fixes since 1.24: * Fix crash when processing crafted commands (CVE-2012-4502) (possible with IP addresses allowed by cmdallow and localhost) * Don't send uninitialized data in SUBNETS_ACCESSED and CLIENT_ACCESSES replies (CVE-2012-4503) (not used by chronyc) Reviewed by: Joerg Sonnenberger @ text @d1 1 a1 1 $NetBSD$ d3 21 a23 6 Remove unused variable. --- sys_netbsd.c.orig 2013-08-08 13:58:07.000000000 +0000 +++ sys_netbsd.c @@@@ -281,7 +281,6 @@@@ SYS_NetBSD_Initialise(void) }; d25 3 a27 2 kvm_t *kt; - FILE *fp; d29 1 a29 2 kt = kvm_open(NULL, NULL, NULL, O_RDONLY, NULL); if (!kt) { @ 1.3 log @Use SUBST framework, add man pages to the list of files in need of substituation. Use PKG_SYSCONFDIR instead of PREFIX/etc, it can be different. Bump revision. @ text @d1 1 a1 1 $NetBSD: patch-ac,v 1.2 2004/11/30 11:26:59 hannken Exp $ d3 1 a3 1 --- chronyd.8.orig 2002-11-04 00:32:10.000000000 +0100 d5 1 a5 2 @@@@ -24,10 +24,10 @@@@ gains or loses time, and compensates for priviliges. d16 1 a16 3 @@@@ -43,7 +43,7 @@@@ to syslog. .TP d23 1 a23 3 This option will reload sample histories for each of the servers being used. @@@@ -83,7 +83,7 @@@@ computer was on. This option displays \fBchronyd\fR's version number to the terminal and exits a29 1 Version 1.17 @ 1.3.36.1 log @Pullup ticket #3041 - requested by hannken chrony: security update Revisions pulled up: - net/chrony/Makefile 1.26 - net/chrony/distinfo 1.7 - net/chrony/patches/patch-aa 1.4 - net/chrony/patches/patch-ab 1.4 - net/chrony/patches/patch-ac 1.4 - net/chrony/patches/patch-ad 1.3 - net/chrony/patches/patch-ae 1.4 - net/chrony/patches/patch-ag delete --- Module Name: pkgsrc Committed By: hannken Date: Fri Feb 26 09:27:43 UTC 2010 Modified Files: pkgsrc/doc: TODO pkgsrc/net/chrony: Makefile distinfo pkgsrc/net/chrony/patches: patch-aa patch-ab patch-ac patch-ad patch-ae Removed Files: pkgsrc/net/chrony/patches: patch-ag Log Message: Update to 1.24. The changes in version 1.24 are Security fixes -------------- * Don't reply to invalid cmdmon packets (CVE-2010-0292) * Limit client log memory size (CVE-2010-0293) * Limit rate of syslog messages (CVE-2010-0294) Bug fixes/Enhancements ---------------------- * Support for reference clocks (SHM, SOCK, PPS drivers) * IPv6 support * Linux capabilities support (to drop root privileges) * Memory locking support on Linux * Real-time scheduler support on Linux * Leap second support on Linux * Support for editline library * Support for new Linux readonly adjtime * NTP client support for KoD RATE * Read kernel timestamps for received NTP packets * Reply to NTP requests with correct address on multihomed hosts * Retry name resolving after temporary failure * Fix makestep command, make it available on all systems * Add makestep directive for automatic clock stepping * Don't require _bigadj kernel symbol on NetBSD * Avoid blocking read in Linux RTC driver * Support for Linux on S/390 and PowerPC * Fix various bugs on 64-bit systems * Fix valgrind errors and compiler warnings * Improve configure to support common options and variables * Improve status checking and printing in chronyc * Return non-zero exit code on errors in chronyc * Reduce request timeout in chronyc * Print estimated offset in sourcestats * Changed chronyc protocol, incompatible with older versions Reviewed by: Joerg Sonnenberger @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 --- chronyd.8.orig 2010-02-04 13:07:19.000000000 +0100 d5 2 a6 1 @@@@ -25,8 +25,8 @@@@ d17 3 a19 1 @@@@ -53,5 +53,5 @@@@ d26 3 a28 1 @@@@ -103,5 +103,5 @@@@ d35 1 @ 1.2 log @Update to version 1.20 - Many small tidy-ups and security improvements. - Merge support for 64bit architectures. - Generate more informative syslog messages before exiting on failed assertions. - Fix bugs in clamping code for the tick value used when slewing a large offset. @ text @d1 1 a1 1 $NetBSD$ d23 1 a23 1 +configuration file (default \fI@@PREFIX@@/etc/chrony.conf\fR). d32 1 a32 1 +\fI@@PREFIX@@/etc/chrony.conf\fR @ 1.1 log @Initial revision @ text @d3 1 a3 1 --- chronyd.8.orig Sun Feb 17 23:23:14 2002 d5 1 a5 1 @@@@ -24,10 +24,10 @@@@ d18 1 a18 1 @@@@ -43,7 +43,7 @@@@ d27 1 a27 1 @@@@ -83,7 +83,7 @@@@ @ 1.1.1.1 log @Import new "chrony" package: Daemon for maintaining the accuracy of computer clocks This packages was supplied by Juergen Hannken-Illjes in PR pkg/15729. @ text @@