r25 - 2014-12-20 - 05:24:33 - HarlanStennYou are here: NTP >  Dev Web > ReleaseIssues > ReleaseSteps
NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.

ntp-4.2.8p10 was released on 21 March 2017. It addresses 6 medium- and 5 low-severity security issues, 4 informational security topics, 15 bugfixes, and contains other improvements over 4.2.8p9.

Please see the NTP Security Notice for vulnerability and mitigation details.

Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.

Release Steps

Here are notes on what to do to create a release.

Related Items: ChangeLogMaintenance, SnapshotRollProblems

Stable Point RC

  • make distcheck just to be sure it works
  • Update packageinfo.sh (read the comments in the file) and checkin/commit
  • If "stable has new changes!" email has been sent, /backroom/snaps/.mksnap-$REPO-pull must be removed.
  • touch /backroom/snaps/.stable-ok-to-roll

It's often easier to let the 'snap' process handle the autogen stuff...

Stable Point Release

  • Handle the NewsFileMaintenance and have somebody to review those changes. Check-in/commit the file.
  • The ChangeLogMaintenance is no longer needed, as we do that as part of the normal checkin process now.
  • in packageinfo.sh set:
    • rcpoint=GO
    • If there will be no RC, then the only thing to do is bump the point value.
  • check-in and commit NEWS, ChangeLog and packageinfo.sh
  • make to get the generated file timestamps sync'd (the change to packageinfo.sh triggers version number updates, which triggers autogen)
  • make distcheck just to be sure it works
    • The tarball will be named foo-RCGO
    • Remember to bk unedit `cat .point-changed-filelist`
    • bk status -v should be clean
  • touch /backroom/snaps/.stable-ok-to-roll

Stable Major Release

Also see the section below on Dev RC Releases.

These are kinda nasty.

It involves:

  • visit http://bugs.ntp.org/editversions.cgi and create the new version choice for bugzilla.
  • Handle the NewsFileMaintenance and have somebody to review those changes. Check-in/commit the file into -dev.
  • pulling from -dev to -stable
  • Probably doing ChangeLogMaintenance, making sure the top of the ChangeLog file is the --- marker.
  • wiggling versions in packageinfo.sh in both -stable and -dev, and committing these changes.
    • for -stable:
      • repotype=stable
      • ++minor
      • prerelease=
      • point=NEW
      • rcpoint=
      • commit packageinfo.sh
    • for -dev:
      • bump minor by 2
      • prerelease=
      • point=NEW
      • rcpoint=GRONK
      • commit packageinfo.sh
  • pulling -stable into -dev, using the -dev version of the packageinfo.sh file.
  • After the -stable roll, pull into -dev again, keeping the -dev versions of all of the AutoGen files. Talk to Dave Hart about this!
  • Go in to the snap directory and clean out the A.* files and the old tarballs, etc.

Dev Releases

These pretty much happen automatically - I don't have to do anything special for these.

There are "normal" and RC -dev releases.

Dev RC Releases

These are easy in and of themselves, but consider things like UpdatingLibopts if we are certain we won't be issuing any more -stable releases before the next major -stable release.

Spool area nitty-gritty

The public spool area contains, for example:

drwxrwxr-x   6 mills    ntp           21 Nov  6 23:26 .
drwxrwsr-x   9 ntp      ntp           12 Jun  5  2007 ..
-rw-r--r--   1 ntp      ntp            0 Jun 16  2007 .changes-dev
-rw-r--r--   1 ntp      ntp        10257 Jun 20  2007 .changes-stable
-rw-r--r--   1 ntp      ntp           76 Nov  6 22:32 .ignoreme-dev
-rw-r--r--   1 ntp      ntp           66 Sep 12 00:24 .ignoreme-stable
-rw-r--r--   1 ntp      ntp           74 Oct 29 04:41 .ignoreme-stable-rc
-rw-r--r--   1 ntp      ntp       103178 Nov  6 22:32 ChangeLog-dev
-rw-r--r--   1 ntp      ntp        60698 Oct  9  2009 ChangeLog-dev-rc
-rw-r--r--   1 ntp      ntp        77294 Oct 29 04:41 ChangeLog-stable
-rw-r--r--   1 ntp      ntp           45 Sep 11 16:29 ChangeLog-stable-rc
-rw-r--r--   2 ntp      ntp         6825 Sep 11 16:29 NEWS
-rw-r--r--   1 ntp      ntp          817 Apr 12  2006 README.versions
drwxrwxr-x   2 ntp      ntp           43 Dec 31  2004 ntp-4.0
drwxrwxr-x   2 ntp      ntp            6 Oct  8  2006 ntp-4.1
drwxrwxr-x   2 ntp      ntp          136 Oct 29 04:41 ntp-4.2
-rw-r--r--   2 ntp      ntp      4338873 Jul  8 22:39 ntp-4.2.6p2.tar.gz
-rw-r--r--   2 ntp      ntp           50 Jul  8 22:39 ntp-4.2.6p2.tar.gz.md5
-rw-r--r--   2 ntp      ntp      4361657 Oct 29 04:41 ntp-4.2.6p3-RC8.tar.gz
-rw-r--r--   2 ntp      ntp           50 Oct 29 04:41 ntp-4.2.6p3-RC8.tar.gz.md5
drwxrwxr-x   2 ntp      ntp          785 Nov  6 22:32 ntp-dev

The snapshot roll process updates the .ignoreme-* files and the ChangeLog* files. A script that runs on the UDel FTP server handles updating the links to the latest files.

  • It looks like the .changes* files are no longer needed - Steve, do you agree?

.ignoreme* files

stable updates .ignoreme-$NAME, while dev updates .ignoreme-$REPO. $REPO is either stable or dev (as appropriate). $NAME is $REPO for any (dev or stable) releases, and is $REPO-rc for any RC or beta (dev or stable) releases.

This is handled by the .mksnap-${REPO}-spool target in the Snapshot Makefile.

Edit | WYSIWYG | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r25 < r24 < r23 < r22 < r21 | More topic actions
 
SSL security by CAcert
Get the CAcert Root Certificate
This site is powered by the TWiki collaboration platform
IPv6 Ready
Copyright & 1999-2017 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding the site? Send feedback