chrony (4.5-3ubuntu4) plucky; urgency=medium

  Starting with version 4.5-3ubuntu4, chrony will ship with a default
  configuration that uses the Ubuntu NTS servers.

  The two main changes are:

  a) NTS/KE uses a separate port (4460/tcp) to negotiate security parameters,
  which are then used via the normal NTP port (123/udp). This is a new
  deployment, running on different IP addresses than the service without NTS.

  b) A new CA is installed in /etc/chrony/nts-bootstrap-ubuntu.crt that is
  used specifically for the Ubuntu NTS bootstrap server, needed for when the
  clock is too far off. This is added to certificate set ID "1", and defined
  via /etc/chrony/conf.d/ubuntu-nts.conf. There is also a staging CA shipped
  with the package, but it's not referred to anywhere and is just there as a
  convenience for testing the staging servers.

  If your network does not allow access to the Ubuntu NTS servers and the
  required ports, and the new configuration is in place, chrony will not be
  able to adjust this system's clock. To revert to NTP, just edit the
  configuration file in /etc/chrony/sources.d/ubuntu-ntp-pools.sources and
  revert to using the listed NTP servers in favor of the NTS ones. Or revert
  to your previous copy of that configuration file.

 -- Andreas Hasenack <andreas@canonical.com>  Fri, 11 Oct 2024 13:31:00 -0300

chrony (4.5-3ubuntu2) oracular; urgency=medium

  Starting with chrony version 4.5-3ubuntu2, the default time sources are
  configured in the /etc/chrony/sources.d/ubuntu-ntp-pools.sources file.
  Setting the chrony/configure_ubuntu_pools_in_sourcesd debconf key to "false",
  either via pre-seeding or dpkg-reconfigure, will result in the package being
  installed without any time sources configured. With this setting, in the case
  of an upgrade, if /etc/chrony/sources.d/ubuntu-ntp-pools.sources exists, it
  will be removed and subsequent upgrades will not recreate it.

 -- Ankush Pathak <ankush.pathak@canonical.com>  Tue, 16 Jul 2024 17:57:41 -0600

chrony (4.1~pre1-1) experimental; urgency=medium

  Starting with chrony 4.0, it is possible to specify NTP sources in files
  having the .sources suffix. In Debian, these files can be placed in
  /etc/chrony/sources.d/ or any other directories specified by the 'sourcedir'
  directive.
  I would like to draw your attention to the fact that with chrony 4.1, each
  line of a source file *must* be terminated by a trailing newline. Failing
  that, the NTP source(s) will be ignored.

 -- Vincent Blut <vincent.debian@free.fr>  Sun, 25 Apr 2021 12:44:09 +0200
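
Added example (not part of the package or of the NEWS entry above): a shell check for the trailing-newline requirement on .sources files described in the chrony 4.1 entry. The sample file names and example.org hosts are constructed for illustration.

```shell
#!/bin/sh
# Report *.sources files whose last line lacks a trailing newline.
# With chrony 4.1 such a line is ignored, so the source silently disappears.

# Print "FILE: LAST_LINE" for every offending file in DIR.
# Returns 0 if every file is properly terminated, 1 otherwise.
unterminated_sources() {
    dir=$1
    rc=0
    for f in "$dir"/*.sources; do
        [ -f "$f" ] || continue      # glob did not match, or not a regular file
        [ -s "$f" ] || continue      # empty file: there is no line to lose
        # $(...) strips a trailing newline, so a non-empty result means the
        # final byte of the file is something other than '\n'.
        if [ -n "$(tail -c 1 "$f")" ]; then
            printf '%s: %s\n' "$f" "$(tail -n 1 "$f")"
            rc=1
        fi
    done
    return $rc
}

# Build a constructed sample directory so the check can be tried offline.
# Prints the path of the new directory.
make_sample_dir() {
    d=$(mktemp -d) || return 1
    printf 'pool ntp.example.org iburst\n' > "$d/good.sources"
    printf 'server a.example.org iburst\nserver b.example.org iburst' \
        > "$d/bad.sources"           # last line is unterminated
    : > "$d/empty.sources"
    printf 'server c.example.org' > "$d/ignored.conf"   # wrong suffix, skipped
    printf '%s\n' "$d"
}
```

On a real system, call `unterminated_sources /etc/chrony/sources.d` and repeat for any additional directory named by a 'sourcedir' directive.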

chrony (3.4-2) unstable; urgency=medium

  To reduce the range of operations available to chronyd, and thereby decrease
  the kernel attack surface, a system call filter is now active by default
  wherever¹ possible.
  Please take into account that this change prevents the use of the
  “mailonchange” directive in chrony.conf as the chronyd process will not be
  allowed to fork and execute the sendmail binary. Therefore, it is fundamental
  to disable the system call filter to continue using this directive!

  To do so, edit the /etc/default/chrony file and substitute the “-F -1”
  parameter with “-F 0”. Restart chrony afterward.

  ¹The alpha, ia64, m68k, riscv64, sh4 and sparc64 architectures are currently
   excluded due to lack of support in “libseccomp” and/or the Linux kernel.

 -- Vincent Blut <vincent.debian@free.fr>  Sun, 10 Feb 2019 18:44:22 +0100

chrony (2.2.1-1) unstable; urgency=medium

  In chrony versions before 2.2, the 'chrony.keys' file contained a command
  key used for run-time configuration via the 'chronyc' command-line tool.
  Starting from this version, support for this authentication method has been
  dropped in favor of a Unix domain socket accessible only *locally* by root or
  the _chrony system user. Consequently, if you refuse to use the 'chrony.keys'
  file template provided by the maintainers when upgrading, please don’t forget
  to manually remove the obsolete command key (ID 1) in the aforementioned file.

 -- Vincent Blut <vincent.debian@free.fr>  Sun, 07 Feb 2016 17:02:30 +0100

chrony (2.1.1-1) unstable; urgency=medium

  From this version, 'chronyd' will strictly act as an NTP client by default. If
  you want it to serve time to other systems, please do so by configuring the
  'allow' directive.

 -- Vincent Blut <vincent.debian@free.fr>  Mon, 12 Oct 2015 19:12:39 +0200

chrony (1.31.1-1) unstable; urgency=medium

  From now on, we use the "hwclockfile" directive in /etc/chrony/chrony.conf.
  Basically, it makes the detection of the standard (Local or UTC time) set
  in /etc/adjtime — and used by the hardware clock — clearer compared to the
  text processing method we used to use in the post install script to complete
  the same task. Note that it overrides the "rtconutc" directive.

  Also, we now create the _chrony system user to which chronyd will drop root
  privileges. For users already allowing chronyd to drop root privileges in
  favor of the user configured by the "user" directive in
  /etc/chrony/chrony.conf, your configuration will remain unchanged and will
  still work as intended.
  However, some users might use a custom init script to accomplish the same
  task by invoking chronyd with the '-u' option. We advise you to drop this
  option from your init script before upgrading, otherwise you’ll have to
  readjust the owner of the /var/l{ib,og}/chrony directories (recursively) to
  the user you configured in your init script.

 -- Vincent Blut <vincent.debian@free.fr>  Sun, 6 Sep 2015 22:14:54 +0200
