ntp-4.2.8p17-bp160.1.14

- Drop initscripts-legacy support [jsc#PED264]
- Drop rc<service> symlinks [jsc#PED-264], [jsc#PED-266]

- Get-rid-of-EVP_MD_CTX_FLAG_NON_FIPS_ALLOW.patch:
  Allow certain usages of MD5 in FIPS mode. (bsc#1222865)

- Use %patch -P N instead of deprecated %patchN.

- Update to 4.2.8p17:
  * Fix some regressions of 4.2.8p16
- Update to 4.2.8p16:
  * [Sec 3808] Assertion failure in ntpq on malformed RT-11 date
  * [Sec 3807], bsc#1210390, CVE-2023-26555:
    praecis_parse() in the Palisade refclock driver has a
    hypothetical input buffer overflow.
  * [Sec 3767] An OOB KoD RATE value triggers an assertion when
    debug is enabled.
  * Obsoletes: ntp-CVE-2023-26551.patch, ntp-sntp-dst.patch,
    ntp-ENOBUFS.patch
  * Multiple bug fixes and improvements. For details, see:
    /usr/share/doc/packages/ntp/ChangeLog
    http://www.ntp.org/support/securitynotice/4_2_8-series-changelog/
- Follow upstream's suggestion to build with debugging disabled:
  https://www.ntp.org/support/securitynotice/ntpbug3767/

- bsc#1210386: out-of-bounds writes in mstolfp()
  * CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554
  * Add ntp-CVE-2023-26551.patch

- bsc#1208004: Make %post script SELinux aware

- run bash specific post with bash

- boo#1207577: set /var/lib/ntp/var/run/ntp to 775

- Modified ntp.NetworkManager: Update ntp servers on
  dhcp4-change and dhcp6-change, instead of up condition. This is
  because ntp options are available during dhcp renewed or rebound,
  and not available when the interface has been activated
  (bsc#1171547).

- Added hardening to systemd service(s) (bsc#1181400). Modified:
  * conf.ntp-wait.service
  * conf.ntpd.service