git: 001229bfed - main - Add EN-22:14.tzdata.
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 22 Mar 2022 16:40:50 UTC
The branch main has been updated by gordon (src committer): URL: https://cgit.FreeBSD.org/doc/commit/?id=001229bfed6977ecab43ef343474813654c89aca commit 001229bfed6977ecab43ef343474813654c89aca Author: Gordon Tetlow <gordon@FreeBSD.org> AuthorDate: 2022-03-22 16:40:31 +0000 Commit: Gordon Tetlow <gordon@FreeBSD.org> CommitDate: 2022-03-22 16:40:31 +0000 Add EN-22:14.tzdata. Approved by: so --- website/data/security/errata.toml | 4 + .../advisories/FreeBSD-EN-22:14.tzdata.asc | 176 ++ .../security/patches/EN-22:14/tzdata-2022a.patch | 3142 ++++++++++++++++++++ .../patches/EN-22:14/tzdata-2022a.patch.asc | 16 + 4 files changed, 3338 insertions(+) diff --git a/website/data/security/errata.toml b/website/data/security/errata.toml index d409a0395c..069d06d5ea 100644 --- a/website/data/security/errata.toml +++ b/website/data/security/errata.toml @@ -1,6 +1,10 @@ # Sort errata notices by year, month and day # $FreeBSD$ +[[notices]] +name = "FreeBSD-EN-22:14.tzdata" +date = "2022-03-22" + [[notices]] name = "FreeBSD-EN-22:13.zfs" date = "2022-03-21" diff --git a/website/static/security/advisories/FreeBSD-EN-22:14.tzdata.asc b/website/static/security/advisories/FreeBSD-EN-22:14.tzdata.asc new file mode 100644 index 0000000000..3bbe74b91f --- /dev/null +++ b/website/static/security/advisories/FreeBSD-EN-22:14.tzdata.asc @@ -0,0 +1,176 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-22:14.tzdata Errata Notice + The FreeBSD Project + +Topic: Timezone database information update + +Category: contrib +Module: zoneinfo +Announced: 2022-03-22 +Affects: All supported versions of FreeBSD. +Corrected: 2022-03-21 15:26:58 UTC (stable/13, 13.1-STABLE) + 2022-03-22 15:54:06 UTC (releng/13.1, 13.1-BETA2-p1) + 2022-03-22 15:54:07 UTC (releng/13.0, 13.0-RELEASE-p10) + 2022-03-21 15:29:26 UTC (stable/12, 12.3-STABLE) + 2022-03-22 15:56:37 UTC (releng/12.3, 12.3-RELEASE-p4) + 2022-03-22 15:57:12 UTC (releng/12.2, 12.2-RELEASE-p15) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +<URL:https://security.FreeBSD.org/>. + +I. Background + +The IANA Time Zone Database (often called tz or zoneinfo) contains code and +data that represent the history of local time for many representative +locations around the globe. It is updated periodically to reflect changes +made by political bodies to time zone boundaries, UTC offsets, and +daylight-saving rules. + +FreeBSD releases install the IANA Time Zone Database in /usr/share/zoneinfo. +The tzsetup(8) utility allows the user to specify the default local time +zone. Based on the selected time zone, tzsetup(8) copies one of the files +from /usr/share/zoneinfo to /etc/localtime. A time zone may also be selected +for an individual process by setting its TZ environment variable to a desired +time zone name. + +II. Problem Description + +Several changes to future and past timestamps have been recorded in the IANA +Time Zone Database after previous FreeBSD releases were released. This +affects many users in different parts of the world. Because of these +changes, the data in the zoneinfo files need to be updated. If the local +timezone on the running system is affected, tzsetup(8) needs to be run to +update /etc/localtime. + +III. Impact + +An incorrect time will be displayed on a system configured to use one of the +affected time zones if the /usr/share/zoneinfo and /etc/localtime files are +not updated, and all applications on the system that rely on the system time, +such as cron(8) and syslog(8), will be affected. + +IV. Workaround + +The system administrator can install an updated version of the IANA Time Zone +Database from the misc/zoneinfo port and run tzsetup(8). + +Applications that store and display times in Coordinated Universal Time (UTC) +are not affected. + +V. Solution + +Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. + +Please note that some third party software, for instance PHP, Ruby, Java, +Perl and Python, may be using different zoneinfo data sources, in such cases +this software must be updated separately. Software packages that are +installed via binary packages can be upgraded by executing 'pkg upgrade'. + +Following the instructions in this Errata Notice will only update the IANA +Time Zone Database installed in /usr/share/zoneinfo. + +Perform one of the following: + +1) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the amd64, i386, or +(on FreeBSD 13 and later) arm64 platforms can be updated via the +freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +Restart all the affected applications and daemons, or reboot the system. + +2) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/EN-22:14/tzdata-2022a.patch +# fetch https://security.FreeBSD.org/patches/EN-22:14/tzdata-2022a.patch.asc +# gpg --verify tzdata-2022a.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>. + +Restart all the affected applications and daemons, or reboot the system. + +VI. Correction details + +This issue is corrected by the corresponding Git commit hash or Subversion +revision number in the following stable and release branches: + +Branch/path Hash Revision +- ------------------------------------------------------------------------- +stable/13/ 5dbd160076c0 stable/13-n250054 +releng/13.1/ b7e7657b02f2 releng/13.1-n250005 +releng/13.0/ 42f2f9f09cf1 releng/13.0-n244790 +stable/12/ r371759 +releng/12.3/ r371763 +releng/12.2/ r371764 +- ------------------------------------------------------------------------- + +For FreeBSD 13 and later: + +Run the following command to see which files were modified by a +particular commit: + +# git show --stat <commit hash> + +Or visit the following URL, replacing NNNNNN with the hash: + +<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN> + +To determine the commit count in a working tree (for comparison against +nNNNNNN in the table above), run: + +# git rev-list --count --first-parent HEAD + +For FreeBSD 12 and earlier: + +Run the following command to see which files were modified by a particular +revision, replacing NNNNNN with the revision number: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + +<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> + +VII. References + +<URL:https://github.com/eggert/tz/blob/2022a/NEWS> + +The latest revision of this advisory is available at +<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-22:14.tzdata.asc> +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmI5+6AACgkQ05eS9J6n +5cIwzhAAg91JwdZdUTzBofSoem2T4JzpdHQOdC+I6J8oH72PgAkyZo17FWVI9u/w +t34euMJE+dPA48V3hO12fSXO9lgvxWJWTZF/tTiAibvdL9LqxLrGmWvZle7Bx+ne +rdEXH+KmiWZhPB6cN9t7ZU35zM5UGbTc332xI7GnyeYS3tAnGnvKNYRwuiw1SBdc +kpcOgpqg5F6jadzycZMwd/ovWY8+gRlj7JXhF+bbmK7GuH504uIzABZAGpoaiw2o +56YqK9qyW42nxc16QlxgSLIzVhl9XHBuQyHXIeLe/BPcIdqLCw73siumnKCo0ccJ +AWCxCUjdb3fPuM5J+CwcmVJO1Qr2H+0KE+ntNqsyZg1iqDZkKcyW366bDIEU7qw8 +Db4N7iaMkyG/uOjQHgpJX6YO8HjX1+2Bw2KRUF8sueYsVNHTsXs+8yp8093CMOY8 +gvYFKACTziNiEkDN9PFmTTC+r7KzHXlFU9DK+C3nP0hZwd7jN1g5n6uJHfBX0gMx +LN3VdKiu/dxukYJF1srSflq24G8sl0XxMCJ0LFgXSzofP45iG9qSJjvWwRAcxQ3k +/FYwzY+sET+KcjeN3+F1PU/jAf6piWxjr+3FFvQWIOgGb3cgmjM/nlu0x/er7F1W +3e1iO8TB1Y6Gf7qYuvdMQmsn5jjCLpOShtYJrwYNLdSVa9K5Vx8= +=Voiz +-----END PGP SIGNATURE----- diff --git a/website/static/security/patches/EN-22:14/tzdata-2022a.patch b/website/static/security/patches/EN-22:14/tzdata-2022a.patch new file mode 100644 index 0000000000..b7a6f868e7 --- /dev/null +++ b/website/static/security/patches/EN-22:14/tzdata-2022a.patch @@ -0,0 +1,3142 @@ +--- contrib/tzdata/CONTRIBUTING.orig ++++ contrib/tzdata/CONTRIBUTING +@@ -1,50 +1,58 @@ +-Contributing to the tz code and data ++# Contributing to the tz code and data ++ ++Please do not create issues or pull requests on GitHub, as the ++proper procedure for proposing and distributing patches is via ++email as described below. + + The time zone database is by no means authoritative: governments + change timekeeping rules erratically and sometimes with little + warning, the data entries do not cover all of civil time before + 1970, and undoubtedly errors remain in the code and data. Feel + free to fill gaps or fix mistakes, and please email improvements +-to tz@iana.org for use in the future. In your email, please give ++to <tz@iana.org> for use in the future. In your email, please give + reliable sources that reviewers can check. + +------ +- +-Developers can contribute technical changes to the source code and +-data as follows. ++## Contributing technical changes + + To email small changes, please run a POSIX shell command like + 'diff -u old/europe new/europe >myfix.patch', and attach +-myfix.patch to the email. ++'myfix.patch' to the email. + + For more-elaborate or possibly-controversial changes, + such as renaming, adding or removing zones, please read +-<https://www.iana.org/time-zones/repository/theory.html> or the file +-theory.html. It is also good to browse the mailing list archives ++"Theory and pragmatics of the tz code and data" ++<https://www.iana.org/time-zones/repository/theory.html>. ++It is also good to browse the mailing list archives + <https://mm.icann.org/pipermail/tz/> for examples of patches that tend + to work well. Additions to data should contain commentary citing +-reliable sources as justification. Citations should use https: URLs ++reliable sources as justification. Citations should use "https:" URLs + if available. + +-Please submit changes against either the latest release in +-<https://www.iana.org/time-zones> or the master branch of the development +-repository. The latter is preferred. If you use Git the following +-workflow may be helpful: ++For changes that fix sensitive security-related bugs, please see the ++distribution's 'SECURITY' file. ++ ++Please submit changes against either the latest release ++<https://www.iana.org/time-zones> or the main branch of the development ++repository. The latter is preferred. ++ ++## Sample Git workflow for developing contributions ++ ++If you use Git the following workflow may be helpful: + + * Copy the development repository. + +- git clone https://github.com/eggert/tz.git +- cd tz ++ git clone https://github.com/eggert/tz.git ++ cd tz + +- * Get current with the master branch. ++ * Get current with the main branch. + +- git checkout master +- git pull ++ git checkout main ++ git pull + + * Switch to a new branch for the changes. Choose a different + branch name for each change set. + +- git checkout -b mybranch ++ git checkout -b mybranch + + * Sleuth by using 'git blame'. For example, when fixing data for + Africa/Sao_Tome, if the command 'git blame africa' outputs a line +@@ -57,36 +65,33 @@ + + * Debug the changes, e.g.: + +- make check +- make install +- ./zdump -v America/Los_Angeles ++ make check ++ make install ++ ./zdump -v America/Los_Angeles + + * For each separable change, commit it in the new branch, e.g.: + +- git add northamerica +- git commit ++ git add northamerica ++ git commit + + See recent 'git log' output for the commit-message style. + +- * Create patch files 0001-*, 0002-*, ... ++ * Create patch files 0001-..., 0002-..., ... + +- git format-patch master ++ git format-patch main + +- * After reviewing the patch files, send the patches to tz@iana.org ++ * After reviewing the patch files, send the patches to <tz@iana.org> + for others to review. + +- git send-email master ++ git send-email main + + For an archived example of such an email, see ++ "[PROPOSED] Fix off-by-1 error for Jamaica and T&C before 1913" + <https://mm.icann.org/pipermail/tz/2018-February/026122.html>. + +- * Start anew by getting current with the master branch again ++ * Start anew by getting current with the main branch again + (the second step above). + +-Please do not create issues or pull requests on GitHub, as the +-proper procedure for proposing and distributing patches is via +-email as illustrated above. +- + ----- + + This file is in the public domain. +--- contrib/tzdata/Makefile.orig ++++ contrib/tzdata/Makefile +@@ -45,9 +45,9 @@ + # + # Any other value for POSIXRULES is obsolete and should not be relied on, as: + # * It does not work correctly in popular implementations such as GNU/Linux. +-# * It does not work in the tzdb implementation for timestamps after 2037. +-# * It is incompatible with 'zic -b slim' if POSIXRULES specifies transitions +-# at standard time or UT rather than at local time. ++# * It does not work even in tzcode, except for historical timestamps ++# that precede the last explicit transition in the POSIXRULES file. ++# Hence it typically does not work for current and future timestamps. + # In short, software should avoid ruleless settings like TZ='EET-2EEST' + # and so should not depend on the value of POSIXRULES. + # +@@ -122,8 +122,8 @@ + + # Types to try, as an alternative to time_t. + TIME_T_ALTERNATIVES = $(TIME_T_ALTERNATIVES_HEAD) $(TIME_T_ALTERNATIVES_TAIL) +-TIME_T_ALTERNATIVES_HEAD = int64_t +-TIME_T_ALTERNATIVES_TAIL = int32_t uint32_t uint64_t ++TIME_T_ALTERNATIVES_HEAD = int_least64_t ++TIME_T_ALTERNATIVES_TAIL = int_least32_t uint_least32_t uint_least64_t + + # What kind of TZif data files to generate. (TZif is the binary time + # zone data format that zic generates; see Internet RFC 8536.) +@@ -152,8 +152,10 @@ + # The EXPIRES_LINE value matters only if REDO's value contains "right". + # If you change EXPIRES_LINE, remove the leapseconds file before running "make". + # zic's support for the Expires line was introduced in tzdb 2020a, +-# and EXPIRES_LINE defaults to 0 for now so that the leapseconds file +-# can be given to older zic implementations. ++# and was modified in tzdb 2021b to generate version 4 TZif files. ++# EXPIRES_LINE defaults to 0 for now so that the leapseconds file ++# can be given to pre-2020a zic implementations and so that TZif files ++# built by newer zic implementations can be read by pre-2021b libraries. + EXPIRES_LINE= 0 + + # To install data in text form that has all the information of the TZif data, +@@ -210,6 +212,7 @@ + # -DHAVE_LOCALTIME_R=0 if your system lacks a localtime_r function + # -DHAVE_LOCALTIME_RZ=0 if you do not want zdump to use localtime_rz + # localtime_rz can make zdump significantly faster, but is nonstandard. ++# -DHAVE_MALLOC_ERRNO=0 if malloc etc. do not set errno on failure. + # -DHAVE_POSIX_DECLS=0 if your system's include files do not declare + # functions like 'link' or variables like 'tzname' required by POSIX + # -DHAVE_SNPRINTF=0 if your system lacks the snprintf function +@@ -220,7 +223,6 @@ + # -DHAVE_STRTOLL=0 if your system lacks the strtoll function + # -DHAVE_SYMLINK=0 if your system lacks the symlink function + # -DHAVE_SYS_STAT_H=0 if your compiler lacks a <sys/stat.h> +-# -DHAVE_SYS_WAIT_H=0 if your compiler lacks a <sys/wait.h> + # -DHAVE_TZSET=0 if your system lacks a tzset function + # -DHAVE_UNISTD_H=0 if your compiler lacks a <unistd.h> + # -Dlocale_t=XXX if your system uses XXX instead of locale_t +@@ -257,22 +259,26 @@ + GCC_INSTRUMENT = \ + -fsanitize=undefined -fsanitize-address-use-after-scope \ + -fsanitize-undefined-trap-on-error -fstack-protector ++# Omit -fanalyzer from GCC_DEBUG_FLAGS, as it makes GCC too slow. + GCC_DEBUG_FLAGS = -DGCC_LINT -g3 -O3 -fno-common \ + $(GCC_INSTRUMENT) \ + -Wall -Wextra \ + -Walloc-size-larger-than=100000 -Warray-bounds=2 \ + -Wbad-function-cast -Wcast-align=strict -Wdate-time \ + -Wdeclaration-after-statement -Wdouble-promotion \ ++ -Wduplicated-branches -Wduplicated-cond \ + -Wformat=2 -Wformat-overflow=2 -Wformat-signedness -Wformat-truncation \ +- -Winit-self -Wjump-misses-init -Wlogical-op \ ++ -Winit-self -Wlogical-op \ + -Wmissing-declarations -Wmissing-prototypes -Wnested-externs \ ++ -Wnull-dereference \ + -Wold-style-definition -Woverlength-strings -Wpointer-arith \ +- -Wshadow -Wshift-overflow=2 -Wstrict-prototypes -Wstringop-overflow=4 \ ++ -Wshadow -Wshift-overflow=2 -Wstrict-overflow \ ++ -Wstrict-prototypes -Wstringop-overflow=4 \ + -Wstringop-truncation -Wsuggest-attribute=cold \ + -Wsuggest-attribute=const -Wsuggest-attribute=format \ + -Wsuggest-attribute=malloc \ + -Wsuggest-attribute=noreturn -Wsuggest-attribute=pure \ +- -Wtrampolines -Wundef -Wuninitialized -Wunused \ ++ -Wtrampolines -Wundef -Wuninitialized -Wunused-macros \ + -Wvariadic-macros -Wvla -Wwrite-strings \ + -Wno-address -Wno-format-nonliteral -Wno-sign-compare \ + -Wno-type-limits -Wno-unused-parameter +@@ -393,9 +399,10 @@ + ZIC_INSTALL= $(ZIC) -d '$(DESTDIR)$(TZDIR)' $(LEAPSECONDS) + + # The name of a Posix-compliant 'awk' on your system. +-# Older 'mawk' versions, such as the 'mawk' in Ubuntu 16.04, might dump core; +-# on Ubuntu you can work around this with +-# AWK= gawk ++# mawk 1.3.3 and Solaris 10 /usr/bin/awk do not work. ++# Also, it is better (though not essential) if 'awk' supports UTF-8, ++# and unfortunately mawk and busybox awk do not support UTF-8. ++# Try AWK=gawk or AWK=nawk if your awk has the abovementioned problems. + AWK= awk + + # The full path name of a Posix-compliant shell, preferably one that supports +@@ -460,7 +467,9 @@ + + # Flags to give 'tar' when making a distribution. + # Try to use flags appropriate for GNU tar. +-GNUTARFLAGS= --numeric-owner --owner=0 --group=0 --mode=go+u,go-w --sort=name ++GNUTARFLAGS= --format=pax --pax-option='delete=atime,delete=ctime' \ ++ --numeric-owner --owner=0 --group=0 \ ++ --mode=go+u,go-w --sort=name + TARFLAGS= `if tar $(GNUTARFLAGS) --version >/dev/null 2>&1; \ + then echo $(GNUTARFLAGS); \ + else :; \ +@@ -498,7 +507,7 @@ + tzfile.5.txt tzselect.8.txt zic.8.txt zdump.8.txt \ + date.1.txt + COMMON= calendars CONTRIBUTING LICENSE Makefile \ +- NEWS README theory.html version ++ NEWS README SECURITY theory.html version + WEB_PAGES= tz-art.html tz-how-to.html tz-link.html + CHECK_WEB_PAGES=check_theory.html check_tz-art.html \ + check_tz-how-to.html check_tz-link.html +@@ -523,7 +532,7 @@ + TZS_CUTOFF_FLAG= -c $(TZS_YEAR) + TZS= to$(TZS_YEAR).tzs + TZS_NEW= to$(TZS_YEAR)new.tzs +-TZS_DEPS= $(PRIMARY_YDATA) asctime.c localtime.c \ ++TZS_DEPS= $(YDATA) asctime.c localtime.c \ + private.h tzfile.h zdump.c zic.c + # EIGHT_YARDS is just a yard short of the whole ENCHILADA. + EIGHT_YARDS = $(COMMON) $(DOCS) $(SOURCES) $(DATA) $(MISC) tzdata.zi +@@ -533,7 +542,7 @@ + # This list is not the same as the output of 'git ls-files', since + # .gitignore is not distributed. + VERSION_DEPS= \ +- calendars CONTRIBUTING LICENSE Makefile NEWS README \ ++ calendars CONTRIBUTING LICENSE Makefile NEWS README SECURITY \ + africa antarctica asctime.c asia australasia \ + backward backzone \ + checklinks.awk checktab.awk \ +@@ -736,7 +745,7 @@ + tzselect: tzselect.ksh version + VERSION=`cat version` && sed \ + -e 's|#!/bin/bash|#!$(KSHELL)|g' \ +- -e 's|AWK=[^}]*|AWK=$(AWK)|g' \ ++ -e 's|AWK=[^}]*|AWK='\''$(AWK)'\''|g' \ + -e 's|\(PKGVERSION\)=.*|\1='\''($(PACKAGE)) '\''|' \ + -e 's|\(REPORT_BUGS_TO\)=.*|\1=$(BUGEMAIL)|' \ + -e 's|TZDIR=[^}]*|TZDIR=$(TZDIR)|' \ +@@ -757,7 +766,7 @@ + sharp='#' && \ + ! grep -Env $(SAFE_LINE) $(MANS) date.1 $(MANTXTS) \ + $(MISC) $(SOURCES) $(WEB_PAGES) \ +- CONTRIBUTING LICENSE README \ ++ CONTRIBUTING LICENSE README SECURITY \ + version tzdata.zi && \ + ! grep -Env $(SAFE_LINE)'|^UNUSUAL_OK_'$(OK_CHAR)'*$$' \ + Makefile && \ +@@ -796,9 +805,10 @@ + $(AWK) -f checklinks.awk tzdata.zi + touch $@ + +-check_tables: checktab.awk $(PRIMARY_YDATA) $(ZONETABLES) ++check_tables: checktab.awk $(YDATA) backward $(ZONETABLES) + for tab in $(ZONETABLES); do \ +- $(AWK) -f checktab.awk -v zone_table=$$tab $(PRIMARY_YDATA) \ ++ test "$$tab" = zone.tab && links='$(BACKWARD)' || links=''; \ ++ $(AWK) -f checktab.awk -v zone_table=$$tab $(YDATA) $$links \ + || exit; \ + done + touch $@ +@@ -952,6 +962,12 @@ + public.dir/zic -v -d public.dir/zoneinfo $$i 2>&1 || exit; \ + done + public.dir/zic -v -d public.dir/zoneinfo-all $(TDATA_TO_CHECK) ++ : ++ : Also check 'backzone' syntax. ++ rm public.dir/main.zi ++ cd public.dir && $(MAKE) PACKRATDATA=backzone main.zi ++ public.dir/zic -d public.dir/zoneinfo main.zi ++ : + rm -fr public.dir + touch $@ + +@@ -964,7 +980,7 @@ + mkdir $@.dir + ln $(VERSION_DEPS) $@.dir + case $@ in \ +- int32_t) range=-2147483648,2147483648;; \ ++ int*32_t) range=-2147483648,2147483648;; \ + u*) range=0,4294967296;; \ + *) range=-4294967296,4294967296;; \ + esac && \ +--- contrib/tzdata/NEWS.orig ++++ contrib/tzdata/NEWS +@@ -1,5 +1,351 @@ + News for the tz database + ++Release 2022a - 2022-03-15 23:02:01 -0700 ++ ++ Briefly: ++ Palestine will spring forward on 2022-03-27, not -03-26. ++ zdump -v now outputs better failure indications. ++ Bug fixes for code that reads corrupted TZif data. ++ ++ Changes to future timestamps ++ ++ Palestine will spring forward on 2022-03-27, not 2022-03-26. ++ (Thanks to Heba Hamad.) Predict future transitions for first ++ Sunday >= March 25. Additionally, predict fallbacks to be the first ++ Friday on or after October 23, not October's last Friday, to be more ++ consistent with recent practice. The first differing fallback ++ prediction is on 2025-10-24, not 2025-10-31. ++ ++ Changes to past timestamps ++ ++ From 1992 through spring 1996, Ukraine's DST transitions were at ++ 02:00 standard time, not at 01:00 UTC. (Thanks to Alois Treindl.) ++ ++ Chile's Santiago Mean Time and its LMT precursor have been adjusted ++ eastward by 1 second to align with past and present law. ++ ++ Changes to commentary ++ ++ Add several references for Chile's 1946/1947 transitions, some of ++ which only affected portions of the country. ++ ++ Changes to code ++ ++ Fix bug when mktime gets confused by truncated TZif files with ++ unspecified local time. (Problem reported by Almaz Mingaleev.) ++ ++ Fix bug when 32-bit time_t code reads malformed 64-bit TZif data. ++ (Problem reported by Christos Zoulas.) ++ ++ When reading a version 2 or later TZif file, the TZif reader now ++ validates the version 1 header and data block only enough to skip ++ over them, as recommended by RFC 8536 section 4. Also, the TZif ++ reader no longer mistakenly attempts to parse a version 1 TZIf ++ file header as a TZ string. ++ ++ zdump -v now outputs "(localtime failed)" and "(gmtime failed)" ++ when local time and UT cannot be determined for a timestamp. ++ ++ Changes to build procedure ++ ++ Distribution tarballs now use standard POSIX.1-1988 ustar format ++ instead of GNU format. Although the formats are almost identical ++ for these tarballs, ustar headers' magic fields contain "ustar" ++ instead of "ustar ", and their version fields contain "00" instead ++ of " ". The two formats are planned to diverge more significantly ++ for tzdb releases after 2242-03-16 12:56:31 UTC, when the ustar ++ format becomes obsolete and the tarballs switch to pax format, an ++ extension of ustar. For details about these formats, please see ++ "pax - portable archive interchange", IEEE Std 1003.1-2017, ++ <https://pubs.opengroup.org/onlinepubs/9699919799/utilities/pax.html#tag_20_92_13>. ++ ++ ++Release 2021e - 2021-10-21 18:41:00 -0700 ++ ++ Changes to future timestamps ++ ++ Palestine will fall back 10-29 (not 10-30) at 01:00. ++ (Thanks to P Chan and Heba Hemad.) ++ ++ ++Release 2021d - 2021-10-15 13:48:18 -0700 ++ ++ Briefly: ++ Fiji suspends DST for the 2021/2022 season. ++ 'zic -r' marks unspecified timestamps with "-00". ++ ++ Changes to future timestamps ++ ++ Fiji will suspend observance of DST for the 2021/2022 season. ++ Assume for now that it will return next year. (Thanks to Jashneel ++ Kumar and P Chan.) ++ ++ Changes to code ++ ++ 'zic -r' now uses "-00" time zone abbreviations for intervals ++ with UT offsets that are unspecified due to -r truncation. ++ This implements a change in draft Internet RFC 8536bis. ++ ++ ++Release 2021c - 2021-10-01 14:21:49 -0700 ++ ++ Briefly: ++ Revert most 2021b changes to 'backward'. ++ Fix 'zic -b fat' bug in pre-1970 32-bit data. ++ Fix two Link line typos. ++ Distribute SECURITY file. ++ ++ This release is intended as a bugfix release, to fix compatibility ++ problems and typos reported since 2021b was released. ++ ++ Changes to Link directives ++ ++ Revert almost all of 2021b's changes to the 'backward' file, ++ by moving Link directives back to where they were in 2021a. ++ Although 'zic' doesn't care which source file contains a Link ++ directive, some downstream uses ran into trouble with the move. ++ (Problem reported by Stephen Colebourne for Joda-Time.) ++ ++ Fix typo that linked Atlantic/Jan_Mayen to the wrong location ++ (problem reported by Chris Walton). ++ ++ Fix 'backzone' typo that linked America/Virgin to the wrong ++ location (problem reported by Michael Deckers). ++ ++ Changes to code ++ ++ Fix a bug in 'zic -b fat' that caused old timestamps to be ++ mishandled in 32-bit-only readers (problem reported by Daniel ++ Fischer). ++ ++ Changes to documentation ++ ++ Distribute the SECURITY file (problem reported by Andreas Radke). ++ ++ ++Release 2021b - 2021-09-24 16:23:00 -0700 ++ ++ Briefly: ++ Jordan now starts DST on February's last Thursday. ++ Samoa no longer observes DST. ++ Merge more location-based Zones whose timestamps agree since 1970. ++ Move some backward-compatibility links to 'backward'. ++ Rename Pacific/Enderbury to Pacific/Kanton. ++ Correct many pre-1993 transitions in Malawi, Portugal, etc. ++ zic now creates each output file or link atomically. ++ zic -L no longer omits the POSIX TZ string in its output. ++ zic fixes for truncation and leap second table expiration. ++ zic now follows POSIX for TZ strings using all-year DST. ++ Fix some localtime crashes and bugs in obscure cases. ++ zdump -v now outputs more-useful boundary cases. ++ tzfile.5 better matches a draft successor to RFC 8536. ++ A new file SECURITY. ++ ++ This release is prompted by recent announcements by Jordan and Samoa. ++ It incorporates many other changes that had accumulated since 2021a. ++ However, it omits most proposed changes that merged all Zones ++ agreeing since 1970, as concerns were raised about doing too many of ++ these changes at once. It does keeps some of these changes in the ++ interest of making tzdb more equitable one step at a time; see ++ "Merge more location-based Zones" below. ++ ++ Changes to future timestamps ++ ++ Jordan now starts DST on February's last Thursday. ++ (Thanks to Steffen Thorsen.) ++ ++ Samoa no longer observes DST. (Thanks to Geoffrey D. Bennett.) ++ ++ Changes to zone name ++ ++ Rename Pacific/Enderbury to Pacific/Kanton. When we added ++ Enderbury in 1993, we did not know that it is uninhabited and that ++ Kanton (population two dozen) is the only inhabited location in ++ that timezone. The old name is now a backward-compatility link. ++ ++ Changes to past timestamps ++ ++ Correct many pre-1993 transitions, fixing entries originally ++ derived from Shanks, Whitman, and Mundell. The fixes include: ++ - Barbados: standard time was introduced in 1911, not 1932; and ++ DST was observed in 1942-1944 ++ - Cook Islands: In 1899 they switched from east to west of GMT, ++ celebrating Christmas for two days. They (and Niue) switched ++ to standard time in 1952, not 1901. ++ - Guyana: corrected LMT for Georgetown; the introduction of ++ standard time in 1911, not 1915; and corrections to 1975 and ++ 1992 transitions ++ - Kanton: uninhabited before 1937-08-31 ++ - Niue: only observed -11:20 from 1952 through 1964, then went to ++ -11 instead of -11:30 ++ - Portugal: DST was observed in 1950 ++ - Tonga: corrected LMT; the introduction of standard time in 1945, ++ not 1901; and corrections to the transition from +12:20 to +13 ++ in 1961, not 1941 ++ Additional fixes to entries in the 'backzone' file include: ++ - Enderbury: inhabited only 1860/1885 and 1938-03-06/1942-02-09 ++ - The Gambia: 1933 and 1942 transitions ++ - Malawi: several 1911 through 1925 transitions ++ - Sierra Leone: several 1913 through 1941 transitions, and DST ++ was NOT observed in 1957 through 1962 ++ (Thanks to P Chan, Michael Deckers, Alexander Krivenyshev and ++ Alois Treindl.) ++ ++ Merge more location-based Zones whose timestamps agree since 1970, ++ as pre-1970 timestamps are out of scope. This is part of a ++ process that has been ongoing since 2013. This does not affect ++ post-1970 timestamps, and timezone historians who build with 'make ++ PACKRATDATA=backzone' should see no changes to pre-1970 timestamps. ++ When merging, keep the most-populous location's data, and move ++ data for other locations to 'backzone' with a backward ++ link in 'backward'. For example, move America/Creston data to ++ 'backzone' with a link in 'backward' from America/Phoenix because ++ the two timezones' timestamps agree since 1970; this change ++ affects some pre-1968 timestamps in America/Creston because ++ Creston and Phoenix disagreed before 1968. The affected Zones ++ are Africa/Accra, America/Atikokan, America/Blanc-Sablon, ++ America/Creston, America/Curacao, America/Nassau, ++ America/Port_of_Spain, Antarctica/DumontDUrville, and ++ Antarctica/Syowa. ++ ++ Changes to maintenance procedure ++ ++ The new file SECURITY covers how to report security-related bugs. ++ ++ Several backward-compatibility links have been moved to the ++ 'backward' file. These links, which range from Africa/Addis_Ababa ++ to Pacific/Saipan, are only for compatibility with now-obsolete ++ guidelines suggesting an entry for every ISO 3166 code. ++ The intercontinental convenience links Asia/Istanbul and ++ Europe/Nicosia have also been moved to 'backward'. ++ ++ Changes to code ++ ++ zic now creates each output file or link atomically, ++ possibly by creating a temporary file and then renaming it. ++ This avoids races where a TZ setting would temporarily stop ++ working while zic was installing a replacement file or link. ++ ++ zic -L no longer omits the POSIX TZ string in its output. ++ Starting with 2020a, zic -L truncated its output according to the ++ "Expires" directive or "#expires" comment in the leapseconds file. ++ The resulting TZif files omitted daylight saving transitions after ++ the leap second table expired, which led to far less-accurate ++ predictions of times after the expiry. Although future timestamps ++ cannot be converted accurately in the presence of leap seconds, it ++ is more accurate to convert near-future timestamps with a few ++ seconds error than with an hour error, so zic -L no longer ++ truncates output in this way. ++ ++ Instead, when zic -L is given the "Expires" directive, it now ++ outputs the expiration by appending a no-change entry to the leap ++ second table. Although this should work well with most TZif ++ readers, it does not conform to Internet RFC 8536 and some pickier ++ clients (including tzdb 2017c through 2021a) reject it, so ++ "Expires" directives are currently disabled by default. To enable ++ them, set the EXPIRES_LINE Makefile variable. If a TZif file uses ++ this new feature it is marked with a new TZif version number 4, ++ a format intended to be documented in a successor to RFC 8536. ++ ++ zic -L LEAPFILE -r @LO no longer generates an invalid TZif file ++ that omits leap second information for the range LO..B when LO ++ falls between two leap seconds A and B. Instead, it generates a ++ TZif version 4 file that represents the previously-missing ++ information. ++ ++ The TZif reader now allows the leap second table to begin with a ++ correction other than -1 or +1, and to contain adjacent ++ transitions with equal corrections. This supports TZif version 4. ++ ++ The TZif reader now lets leap seconds occur less than 28 days ++ apart. This supports possible future TZif extensions. ++ ++ Fix bug that caused 'localtime' etc. to crash when TZ was ++ set to a all-year DST string like "EST5EDT4,0/0,J365/25" that does ++ not conform to POSIX but does conform to Internet RFC 8536. ++ ++ Fix another bug that caused 'localtime' etc. to crash when TZ was ++ set to a POSIX-conforming but unusual TZ string like ++ "EST5EDT4,0/0,J365/0", where almost all the year is DST. ++ ++ Fix yet another bug that caused 'localtime' etc. to mishandle slim ++ TZif files containing leap seconds after the last explicit ++ transition in the table, or when handling far-future timestamps ++ in slim TZif files lacking leap seconds. ++ ++ Fix localtime misbehavior involving positive leap seconds. ++ This change affects only behavior for "right" system time, ++ which contains leap seconds, and only if the UT offset is ++ not a multiple of 60 seconds when a positive leap second occurs. ++ (No such timezone exists in tzdb, luckily.) Without the fix, ++ the timestamp was ambiguous during a positive leap second. ++ With the fix, any seconds occurring after a positive leap second ++ and within the same localtime minute are counted through 60, not ++ through 59; their UT offset (tm_gmtoff) is the same as before. ++ Here is how the fix affects timestamps in a timezone with UT ++ offset +01:23:45 (5025 seconds) and with a positive leap second at ++ 1972-06-30 23:59:60 UTC (78796800): ++ ++ time_t without the fix with the fix ++ 78796800 1972-07-01 01:23:45 1972-07-01 01:23:45 (leap second) ++ 78796801 1972-07-01 01:23:45 1972-07-01 01:23:46 ++ ... ++ 78796815 1972-07-01 01:23:59 1972-07-01 01:23:60 ++ 78796816 1972-07-01 01:24:00 1972-07-01 01:24:00 ++ ++ Fix an unlikely bug that caused 'localtime' etc. to misbehave if ++ civil time changes a few seconds before time_t wraps around, when ++ leap seconds are enabled. ++ ++ Fix bug in zic -r; in some cases, the dummy time type after the ++ last time transition disagreed with the TZ string, contrary to ++ Internet RFC 8563 section 3.3. ++ ++ Fix a bug with 'zic -r @X' when X is a negative leap second that ++ has a nonnegative correction. Without the fix, the output file ++ was truncated so that X appeared to be a positive leap second. ++ Fix a similar, even-less-likely bug when truncating at a positive ++ leap second that has a nonpositive correction. ++ ++ zic -r now reports an error if given rolling leap seconds, as this ++ usage has never generally worked and is evidently unused. ++ ++ zic now generates a POSIX-conforming TZ string for TZif files ++ where all-year DST is predicted for the indefinite future. ++ For example, for all-year Eastern Daylight Time, zic now generates ++ "XXX3EDT4,0/0,J365/23" where it previously generated ++ "EST5EDT,0/0,J365/25" or "". (Thanks to Michael Deckers for ++ noting the possibility of POSIX conformance.) ++ ++ zic.c no longer requires sys/wait.h (thanks to spazmodius for ++ noting it wasn't needed). ++ ++ When reading slim TZif files, zdump no longer mishandles leap ++ seconds on the rare platforms where time_t counts leap seconds, ++ fixing a bug introduced in 2014g. ++ ++ zdump -v now outputs timestamps at boundaries of what localtime ++ and gmtime can represent, instead of the less-useful timestamps ++ one day after the minimum and one day before the maximum. ++ (Thanks to Arthur David Olson for prototype code, and to Manuela ++ Friedrich for debugging help.) ++ ++ zdump's -c and -t options are now consistently inclusive for the ++ lower time bound and exclusive for the upper. Formerly they were ++ inconsistent. (Confusion noted by Martin Burnicki.) ++ ++ Changes to build procedure ++ ++ You can now compile with -DHAVE_MALLOC_ERRNO=0 to port to ++ non-POSIX hosts where malloc doesn't set errno. ++ (Problem reported by Jan Engelhardt.) ++ ++ Changes to documentation ++ ++ tzfile.5 better matches a draft successor to RFC 8536 ++ <https://datatracker.ietf.org/doc/draft-murchison-rfc8536bis/01/>. ++ ++ + Release 2021a - 2021-01-24 10:54:57 -0800 + + Changes to future timestamps +@@ -31,7 +377,7 @@ + Correct many pre-1986 transitions, fixing entries originally + derived from Shanks. The fixes include: + - Australia: several 1917 through 1971 transitions +- - Bahamas: several 1941 through 1945 transitions ++ - The Bahamas: several 1941 through 1945 transitions + - Bermuda: several 1917 through 1956 transitions + - Belize: several 1942 through 1968 transitions + - Ghana: several 1915 through 1956 transitions +@@ -287,13 +633,13 @@ + probably wrong.) + + Fix several errors in pre-1970 transitions in Perry County, IN. +- (Thanks to Alois Triendl for pointing out the 1967/9 errors.) ++ (Thanks to Alois Treindl for pointing out the 1967/9 errors.) + + Edmonton did not observe DST in 1967 or 1969. In 1946 Vancouver + ended DST on 09-29 not 10-13, and Vienna ended DST on 10-07 not + 10-06. In 1945 Königsberg (now Kaliningrad) switched from +01/+02 + to +02/+03 on 04-10 not 01-01, and its +02/+03 is abbreviated +- EET/EEST, not CET/CEST. (Thanks to Alois Triendl.) In 1946 ++ EET/EEST, not CET/CEST. (Thanks to Alois Treindl.) In 1946 + Königsberg switched to +03 on 04-07 not 01-01. + + In 1946 Louisville switched from CST to CDT on 04-28 at 00:01, not +@@ -825,8 +1171,8 @@ + Institute in Montevideo. + (Thanks to Jeremie Bonjour, Tim Parenti, and Michael Deckers.) + +- Enderbury and Kiritimati skipped New Year's Eve 1994, not +- New Year's Day 1995. (Thanks to Kerry Shetline.) ++ East Kiribati skipped New Year's Eve 1994, not New Year's Day 1995. ++ (Thanks to Kerry Shetline.) + + Fix the 1912-01-01 transition for Portugal and its colonies. + This transition was at 00:00 according to the new UT offset, not +--- /dev/null ++++ contrib/tzdata/SECURITY +@@ -0,0 +1,15 @@ ++Please report any sensitive security-related bugs via email to the ++tzdb designated coordinators, currently Paul Eggert ++<eggert@cs.ucla.edu> and Tim Parenti <tim@timtimeonline.com>. ++Put "tzdb security" at the start of your email's subject line. ++We prefer communications to be in English. ++ ++You should receive a response within a week. If not, please follow up ++via email to make sure we received your original message. ++ ++If we confirm the bug, we plan to notify affected third-party services ++or software that we know about, prepare an advisory, commit fixes to ++the main development branch as quickly as is practical, and finally ++publish the advisory on tz@iana.org. As with all tzdb contributions, ++we give credit to security contributors unless they wish to remain ++anonymous. +--- contrib/tzdata/africa.orig ++++ contrib/tzdata/africa +@@ -30,9 +30,6 @@ + # Milne J. Civil time. Geogr J. 1899 Feb;13(2):173-94. + # https://www.jstor.org/stable/1774359 + # +-# A reliable and entertaining source about time zones is +-# Derek Howse, Greenwich time and longitude, Philip Wilson Publishers (1997). +-# + # European-style abbreviations are commonly used along the Mediterranean. + # For sub-Saharan Africa abbreviations were less standardized. + # Previous editions of this database used WAT, CAT, SAT, and EAT +@@ -153,8 +150,9 @@ + # Zone NAME STDOFF RULES FORMAT [UNTIL] + Zone Africa/Abidjan -0:16:08 - LMT 1912 + 0:00 - GMT ++Link Africa/Abidjan Africa/Accra # Ghana + Link Africa/Abidjan Africa/Bamako # Mali +-Link Africa/Abidjan Africa/Banjul # Gambia ++Link Africa/Abidjan Africa/Banjul # The Gambia + Link Africa/Abidjan Africa/Conakry # Guinea + Link Africa/Abidjan Africa/Dakar # Senegal + Link Africa/Abidjan Africa/Freetown # Sierra Leone +@@ -381,93 +379,8 @@ + # Gabon + # See Africa/Lagos. + +-# Gambia +-# See Africa/Abidjan. +- ++# The Gambia + # Ghana +- +-# From P Chan (2020-11-20): +-# Interpretation Amendment Ordinance, 1915 (No.24 of 1915) [1915-11-02] +-# Ordinances of the Gold Coast, Ashanti, Northern Territories 1915, p 69-71 +-# https://books.google.com/books?id=ErA-AQAAIAAJ&pg=PA70 *** 2400 LINES SKIPPED ***