ntp: Vendor import of ntp-4.2.8p18

MFC: 3 days

Merge commit '1f833b3fc9968c3dd7ed79ccf0525ebf16c891ad' into main

ntp: import ntp-4.2.8p16

Security: NtpBUg3767, NtpBug3808, NtpBug3807 (CVE-2023-26555)
MFC after: immediately

MFV r358616:

Update ntp-4.2.8p13 --> 4.2.8p14.

The advisory can be found at:
http://support.ntp.org/bin/view/Main/SecurityNotice#\
March_2020_ntp_4_2_8p14_NTP_Rele

No CVEs have been documented yet.

MFC after: now
Security: http://support.ntp.org/bin/view/Main/NtpBug3610
http://support.ntp.org/bin/view/Main/NtpBug3596
http://support.ntp.org/bin/view/Main/NtpBug3592

MFV r338092: ntp 4.2.8p12.

Relnotes: yes

MFV r330102: ntp 4.2.8p11

MFV r308954:

ntp 4.2.8p9.

Approved by: so

MFV r301238:

ntp 4.2.8p8.

Security: CVE-2016-4957, CVE-2016-4953, CVE-2016-4954
Security: CVE-2016-4955, CVE-2016-4956
Security: FreeBSD-SA-16:24.ntp
With hat: so

MFV r298691:

ntp 4.2.8p7.

Security: CVE-2016-1547, CVE-2016-1548, CVE-2016-1549, CVE-2016-1550
Security: CVE-2016-1551, CVE-2016-2516, CVE-2016-2517, CVE-2016-2518
Security: CVE-2016-2519
Security: FreeBSD-SA-16:16.ntp
With hat: so

MFV r294491: ntp 4.2.8p6.

Security: CVE-2015-7973, CVE-2015-7974, CVE-2015-7975
Security: CVE-2015-7976, CVE-2015-7977, CVE-2015-7978
Security: CVE-2015-7979, CVE-2015-8138, CVE-2015-8139
Security: CVE-2015-8140, CVE-2015-8158
With hat: so

MFV ntp-4.2.8p4 (r289715)

Security: VuXML: c4a18a12-77fc-11e5-a687-206a8a720317
Security: CVE-2015-7871
Security: CVE-2015-7855
Security: CVE-2015-7854
Security: CVE-2015-7853
Security: CVE-2015-7852
Security: CVE-2015-7851
Security: CVE-2015-7850
Security: CVE-2015-7849
Security: CVE-2015-7848
Security: CVE-2015-7701
Security: CVE-2015-7703
Security: CVE-2015-7704, CVE-2015-7705
Security: CVE-2015-7691, CVE-2015-7692, CVE-2015-7702
Security: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
Sponsored by: Nginx, Inc.

MFV ntp-4.2.8p3 (r284990).

Approved by: roberto, delphij
Security: VuXML: 0d0f3050-1f69-11e5-9ba9-d050996490d0
Security: http://bugs.ntp.org/show_bug.cgi?id=2853
Security: https://www.kb.cert.org/vuls/id/668167
Security: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi

MFV ntp 4.2.8p2 (r281348)

Reviewed by: delphij (suggested MFC)
Approved by: roberto
Security: CVE-2015-1798, CVE-2015-1799
Security: VuXML ebd84c96-dd7e-11e4-854e-3c970e169bc2
MFC after: 1 month

MFV ntp 4.2.8p1 (r258945, r275970, r276091, r276092, r276093, r278284)

Thanks to roberto for providing pointers to wedge this into HEAD.

Approved by: roberto

ntp: import ntp-4.2.8p16

Security: NtpBUg3767, NtpBug3808, NtpBug3807 (CVE-2023-26555)
MFC after: immediately

MFV r358616:

Update ntp-4.2.8p13 --> 4.2.8p14.

The advisory can be found at:
http://support.ntp.org/bin/view/Main/SecurityNotice#\
March_2020_ntp_4_2_8p14_NTP_Rele

No CVEs have been documented yet.

MFC after: now
Security: http://support.ntp.org/bin/view/Main/NtpBug3610
http://support.ntp.org/bin/view/Main/NtpBug3596
http://support.ntp.org/bin/view/Main/NtpBug3592

MFV r338092: ntp 4.2.8p12.

Relnotes: yes

MFV r330102: ntp 4.2.8p11

MFV r308954:

ntp 4.2.8p9.

Approved by: so

MFV r301238:

ntp 4.2.8p8.

Security: CVE-2016-4957, CVE-2016-4953, CVE-2016-4954
Security: CVE-2016-4955, CVE-2016-4956
Security: FreeBSD-SA-16:24.ntp
With hat: so

MFV r298691:

ntp 4.2.8p7.

Security: CVE-2016-1547, CVE-2016-1548, CVE-2016-1549, CVE-2016-1550
Security: CVE-2016-1551, CVE-2016-2516, CVE-2016-2517, CVE-2016-2518
Security: CVE-2016-2519
Security: FreeBSD-SA-16:16.ntp
With hat: so

MFV r294491: ntp 4.2.8p6.

Security: CVE-2015-7973, CVE-2015-7974, CVE-2015-7975
Security: CVE-2015-7976, CVE-2015-7977, CVE-2015-7978
Security: CVE-2015-7979, CVE-2015-8138, CVE-2015-8139
Security: CVE-2015-8140, CVE-2015-8158
With hat: so

MFV ntp-4.2.8p4 (r289715)

Security: VuXML: c4a18a12-77fc-11e5-a687-206a8a720317
Security: CVE-2015-7871
Security: CVE-2015-7855
Security: CVE-2015-7854
Security: CVE-2015-7853
Security: CVE-2015-7852
Security: CVE-2015-7851
Security: CVE-2015-7850
Security: CVE-2015-7849
Security: CVE-2015-7848
Security: CVE-2015-7701
Security: CVE-2015-7703
Security: CVE-2015-7704, CVE-2015-7705
Security: CVE-2015-7691, CVE-2015-7692, CVE-2015-7702
Security: http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
Sponsored by: Nginx, Inc.

MFV ntp-4.2.8p3 (r284990).

Approved by: roberto, delphij
Security: VuXML: 0d0f3050-1f69-11e5-9ba9-d050996490d0
Security: http://bugs.ntp.org/show_bug.cgi?id=2853
Security: https://www.kb.cert.org/vuls/id/668167
Security: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi

MFV ntp 4.2.8p2 (r281348)

Reviewed by: delphij (suggested MFC)
Approved by: roberto
Security: CVE-2015-1798, CVE-2015-1799
Security: VuXML ebd84c96-dd7e-11e4-854e-3c970e169bc2
MFC after: 1 month

MFV ntp 4.2.8p1 (r258945, r275970, r276091, r276092, r276093, r278284)

Thanks to roberto for providing pointers to wedge this into HEAD.

Approved by: roberto