<div dir="ltr">(resending because of mail misconfiguration)<br>The NTPsec Project is pleased to announce the tagging of version 1.1.0<br> <br> <a href="https://blog.ntpsec.org/2018/03/15/version-1.1.0.html">https://blog.ntpsec.org/2018/03/15/version-1.1.0.html</a><br> <br> RIP Stephen William Hawking, CH CBE FRS FRSA. 1942-01-08 - 2018-03-14<br> You gave us a Brief History of Time. We will just count it.<br> <br> Enough user visible changes have been made that this is the 1.1.0 release instead of a 1.0.1.<br> <br> The code size is now 55KLOC in C, 15KLOC in Python.<br> <br> Digests longer then 20 bytes will be truncated.<br> <br> We have merged the NTP Classic fix for CVE-2018-7182.<br> <br> The following NTP Classic CVEs announced in February 2018 do not affect NTPsec:<br> <br> * CVE-2016-1549: Sybil vulnerability: ephemeral association attack<br> * CVE-2018-7170: Multiple authenticated ephemeral associations<br> * CVE-2018-7184: Interleaved symmetric mode cannot recover from bad state<br> * CVE-2018-7185: Unauthenticated packet can reset authenticated interleaved association<br> * CVE-2018-7183: ntpq:decodearr() can write beyond its buffer limit<br> <br> We have dropped support for Broadcast servers. We had kept it for<br> older desktop operating systems listening on the local network<br> broadcast domain, a use case that is now no longer in use at sane<br> enviroments, and no longer necessary for modern desktop OSs.<br> <br> It is now possible to unpeer refclocks using a type/unit specification<br> rather than a magic IP address. This was the last obligatory use of<br> magic IP addresses in the configuration grammar.<br> <br> OpenBSD has been removed from the list of supported platforms for<br> ntpd. It will be restored if and when its clock API supports drift<br> adjustment via ntp_adjtime() or equivalent facility.<br> <br> Mac OS X support has been dropped pending the implementation of<br> ntp_adjtime(2).<br> <br> A bug that caused the rejection of 33% of packets from Amazon time<br> service has been fixed.<br> <br> As always, you can download the release tarballs with sums and signatures<br> from <a href="ftp://ftp.ntpsec.org/pub/releases/">ftp://ftp.ntpsec.org/pub/releases/</a><br> and can clone the git repo<br> from <a href="https://gitlab.com/NTPsec/ntpsec.git">https://gitlab.com/NTPsec/ntpsec.git</a><br> <br> The GPG signatures for the tarball, sum file, and signed git tag can<br> be checked with GPG key<br> <a href="https://sks-keyservers.net/pks/lookup?op=vindex&search=0x05D9B371477C7528">https://sks-keyservers.net/pks/lookup?op=vindex&search=0x05D9B371477C7528</a><br> <br> --<br> ..π πΈπ<br> Mark Atwood <<a href="mailto:mark.atwood@ntpsec.org">mark.atwood@ntpsec.org</a>><br> Project Manager of the NTPsec Project<br> <a href="tel:(206)%20604-2198">+1-206-604-2198</a></div>-- <br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><p dir="ltr">Mark Atwood<br>
<a href="http://about.me/markatwood">http://about.me/markatwood</a><br>
+1-206-604-2198</p>
</div></div>