lp:ubuntu/lucid/ntp

Branch merges

Propose for merging

1 branch proposed for merging into this one.

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

39. By Jamie Strandboge on 2010-04-08

debian/apparmor-profile: allow reading of /var/lib/ntp/ntp.conf.dhcp
(LP: #517701)

38. By Chuck Short on 2010-02-02

* Merge from debian testing, remaining changes:
  + debian/ntp.conf, debian/ntpdate.default: Change default server to
    ntp.ubuntu.com.
  + debian/ntpdate.ifup: Stop ntp before running ntpdate when an interface
    comes up, then start again afterwards.
  + debian/ntp.init, debian/rules: Only stop when entering single user mode.
  + Add enforcing AppArmor profile (LP: #382905):
    - debian/control: add Conflicts/Replaces on apparmor-profiles <
      2.3.1+1403-0ubuntu10 (since we are now shipping usr.sbin.ntpd) and
      apparmor < 2.3.1+1403-0ubuntu10 (since we are now shipping tunables/ntpd)
    - debian/control: add Suggests on apparmor
    - debian/ntp.dirs: add apparmor directories
    - debian/ntp.preinst: force complain on certain upgrades
    - debian/ntp.postinst: reload apparmor profile
    - debian/ntp.postrm: remove the force-complain file
    - add debian/apparmor-profile*
    - debian/rules: install apparmor-profile and apparmor-profile.tunable
    - debian/README.Debian: add note on AppArmor
  + debian/{control,rules}: add and enable hardened build for PIE
    (Debian bug 542721).
  + debian/apparmor-profile: adjust location of drift files (LP: #456308)
  + Dropped changes, merged in debian:
    - fix-nano.patch: Use mod_nano.patch from debian.
  + Dropped changes, superseded upstream/in Debian:
    - debian/patches/CVE-2009-1252.patch: No longer needed.
    - debian/patches/debian/patches/CVE-2009-0159.patch: No longer needed.

 [Chuck Short]
 + debian/rules, debian/ntp.dirs, debian/source_ntp.py: Add apport
   hook, apart of the server-lucid-apport-hooks specification.

37. By Kees Cook on 2009-12-15

debian/rules: install symlink for early loading of per-interface
triggered ntp AppArmor profile.

36. By Jamie Strandboge on 2009-12-08

* SECURITY UPDATE: fix DoS with mode 7 (MODE_PRIVATE) packets
  - debian/patches/CVE-2009-3563.patch: update ntpd/ntp_request.c to
    not send a response packet for and rate limit logging of invalid mode 7
    requests and responses
  - CVE-2009-3563

35. By Chuck Short on 2009-12-07

* debian/rules: enable debugging (LP: #47683)
* debian/ntpdate-if.up: Hide invoke-rc.d output. (LP: #489585)
* debian/man/ntptrace.1: Update man page removed ghost options. (LP: #351989)

34. By Chuck Short on 2009-11-06

* Merge from debian testing, remaining changes:
  + debian/ntp.conf, debian/ntpdate.default: Change default server to
    ntp.ubuntu.com.
  + debian/ntpdate.ifup: Stop ntp before running ntpdate when an interface
    comes up, then start again afterwards
  + debian/ntp.init, debian/rules: Only stop when entering single user mode.
  + Add enforcing AppArmor profile (LP: #382905)
    - debian/control: add Conflicts/Replaces on apparmor-profiles <
      2.3.1+1403-0ubuntu10 (since we are now shipping usr.sbin.ntpd) and
      apparmor < 2.3.1+1403-0ubuntu10 (since we are now shipping
      tunables/ntpd)
    - debian/control: add Suggests on apparmor
    - debian/ntp.dirs: add apparmor directories
    - debian/ntp.preinst: force complain on certain upgrades
    - debian/ntp.postinst: reload apparmor profile
    - debian/ntp.postrm: remove the force-complain file
    - add debian/apparmor-profile*
    - debian/rules: install apparmor-profile and apparmor-profile.tunable
    - debian/README.Debian: add note on AppArmor
  + debian/patches/fix-nano.patch: enable nanokernel support (LP: #412242)
  + debian/{control,rules}: add and enable hardened build for PIE
    (Debian bug 542721).
  + debian/apparmor-profile: adjust location of drift files (LP: #456308)
  + Dropped changes, merged in Debian:
    - debian/man/ntpdate.8 - fix debian shipped manpage; patch by
      Josh Holland <email address hidden>
  + Dropped changes, superseded upstream/in Debian:
    - debian/patches/CVE-2009-0159.patch: Use Debian's version of the patch.
    - debian/patches/CVE-2009-1252.patch: Use Debian's version of the patch.

33. By Jamie Strandboge on 2009-10-21

debian/apparmor-profile: adjust location of drift files (LP: #456308)

32. By Kees Cook on 2009-08-20

debian/{control,rules}: add and enable hardened build for PIE
(Debian bug 542721).

31. By Jamie Strandboge on 2009-08-11

* Add enforcing AppArmor profile (LP: #382905)
  - debian/control: add Conflicts/Replaces on apparmor-profiles <
    2.3.1+1403-0ubuntu10 (since we are now shipping usr.sbin.ntpd) and
    apparmor < 2.3.1+1403-0ubuntu10 (since we are now shipping
    tunables/ntpd)
  - debian/control: add Suggests on apparmor
  - debian/ntp.dirs: add apparmor directories
  - debian/ntp.preinst: force complain on certain upgrades
  - debian/ntp.postinst: reload apparmor profile
  - debian/ntp.postrm: remove the force-complain file
  - add debian/apparmor-profile*
  - debian/rules: install apparmor-profile and apparmor-profile.tunable
  - debian/README.Debian: add note on AppArmor
* debian/patches/fix-nano.patch: enable nanokernel support (LP: #412242)

30. By Jamie Strandboge on 2009-05-19

* SECURITY UPDATE: stack overflow in ntpd when autokey is enabled
  - debian/patches/CVE-2009-1252.patch: update ntpd/ntp_crypto.c to use
    snprintf() with NTP_MAXSTRLEN when writing to statstr. Also defensively
    adjust ntp_peer.c and ntp_timer.c to do the same.
  - CVE-2009-1252
* SECURITY UPDATE: stack overflow in ntpq when contacting malicious ntp
  server
  - debian/patches/CVE-2009-0159.patch: increase size of buffer in
    cookedprint() in ntpq/ntpq.c and adjust to use snprintf()
  - CVE-2009-0159