From 009f1a5ae86ae316b8d1829d708fa6b35ea3033d Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Tue, 25 Aug 2020 10:58:31 +0200 Subject: [PATCH] doc: update NEWS --- NEWS | 26 +++++++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) diff --git a/NEWS b/NEWS index 31608cd..aab0295 100644 --- a/NEWS +++ b/NEWS @@ -5,20 +5,33 @@ Enhancements ------------ * Add support for Network Time Security (NTS) authentication * Add support for AES-CMAC keys (AES128, AES256) with Nettle -* Add support for maxsamples of 1 for faster update with -q/-Q option +* Add authselectmode directive to control selection of unauthenticated sources +* Add binddevice, bindacqdevice, bindcmddevice directives +* Add confdir directive to better support fragmented configuration +* Add sourcedir directive and "reload sources" command to support + dynamic NTP sources specified in files +* Add dscp directive to set Differentiated Services Code Point (DSCP) * Add -L option to limit log messages by severity +* Add -p option to print whole configuration with included files +* Allow maxsamples to be set to 1 for faster update with -q/-Q option * Avoid replacing NTP sources with sources that have unreachable address * Improve pools to repeat name resolution to get "maxsources" sources +* Improve source selection with trusted sources * Improve NTP loop test to prevent synchronisation to itself +* Repeat iburst when NTP source is switched from offline state to online * Update clock synchronisation status and leap status more frequently * Update seccomp filter * Add "add pool" command +* Add "reset sources" command to drop all measurements +* Add authdata command to print details about NTP authentication +* Add selectdata command to print details about source selection * Add -N option and sourcename command to print original names of sources -* Add -a option to sources/sourcestats command to print unresolved sources -* Add reset command to drop all measurements +* Add -a option to some commands to print also unresolved sources +* Add -k, -p, -r options to clients command to select, limit, reset data Bug fixes --------- +* Don't set interface for NTP responses to allow asymmetric routing * Handle RTCs that don't support interrupts * Respond to command requests with correct address on multihomed hosts @@ -26,6 +39,13 @@ Removed features ---------------- * Drop support for RIPEMD keys (RMD128, RMD160, RMD256, RMD320) +New in version 3.5.1 +==================== + +Security fixes +-------------- +* Create new file when writing pidfile (CVE-2020-14367) + New in version 3.5 ==================