Bug#825087: jessie-pu: package chrony/1.30-2+deb8u2
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian.org@packages.debian.org
Usertags: pu
Hi,
Could you please accept chrony 1.30-2+deb8u2 in the next jessie point
release? It fixes three issues of different magnitudes.
The most important one is the fix for CVE-2016-1567 though it didn’t
warrant a DSA.
The next one might sound probably not important enough to be fixed in a
stable point release but it has some nasty consequences. We are
mistakenly deleting the content of /var/lib/chrony on package removal.
This directory contains the driftfile and the measurement history for
each time source. The former file has a particularly important role, it
stores the gain or loss rate of the system clock relative to the RTC
which could take some time to calculate depending of how crappy the RTC
is so it would be definitely better if we could avoid to delete it each
time chrony is upgraded or installed from Config-Files state.
To conclude, the last fix revises the postrotate script from the
logrotate configuration file. It suffers from two issues, the first one
is that it assumes the commandkey directive from chrony.conf takes ID 1,
that’s not necessarily true!
Also, as leading tabs aren’t ignored in the heredoc, the delimiting
identifier is passed to chronyc option causing some noise (Unrecognized
command) in logs. To fix that issue, I could have appended a minus sign
to “<<” but that wouldn’t have solved the other the other one,
consequently I decided to just make use of the dedicated option provided
by chronyc to fix both problems.
Voilà, hope that’s receivable!
Have a good day,
Vincent
-- System Information:
Debian Release: stretch/sid
APT prefers testing
APT policy: (990, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.5.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Reply to: