Leapsecond file expired

UCS - Univention Corporate Server
1

We are receiving warnings from the ntp (ntpsec) service for days know about a expired leap-second file:

Jun 28 01:19:43 ntpd[1514]: CLOCK: leapsecond file ('/usr/share/zoneinfo/leap-seconds.list'): will expire in less than one day
Jun 28 09:19:43 ntpd[1514]: CLOCK: leapsecond file ('/usr/share/zoneinfo/leap-seconds.list'): expired less than 1 day ago
Jun 29 09:19:43 ntpd[1514]: CLOCK: leapsecond file ('/usr/share/zoneinfo/leap-seconds.list'): expired less than 2 days ago
Jun 30 08:43:49 ntpd[1646367]: CLOCK: leapsecond file ('/usr/share/zoneinfo/leap-seconds.list'): loaded, expire=2025-06-28T00:00Z last=2017-01-01T00:00Z ofs=37
Jun 30 08:43:49 ntpd[1646367]: CLOCK: leapsecond file ('/usr/share/zoneinfo/leap-seconds.list'): expird less than 3 days ago
Jun 30 08:47:57 ntpd[1646858]: CLOCK: leapsecond file ('/usr/share/zoneinfo/leap-seconds.list'): loaded, expire=2025-06-28T00:00Z last=2017-01-01T00:00Z ofs=37
Jun 30 08:47:57 ntpd[1646858]: CLOCK: leapsecond file ('/usr/share/zoneinfo/leap-seconds.list'): expird less than 3 days ago

Looking at the file, the expire date is set to 28.06.2025:

❯ grep "File expires" /usr/share/zoneinfo/leap-seconds.list
#       File expires on 28 June 2025

Looking at another Debian 12 (non Univention) machine, the expiry date is set to 28 December 2025.

So, somewhere the leap-seconds.list won’t get updated? AFAIK it’s getting pulled from the tzdata package?

Does anybody else have this issue? or is this a misconfiguration from our part?

❯ cat /etc/ntpsec/ntp.conf
# Warning: This file is auto-generated and might be overwritten by
#          univention-config-registry.
#          Please edit the following file(s) instead:
# Warnung: Diese Datei wurde automatisch generiert und kann durch
#          univention-config-registry ueberschrieben werden.
#          Bitte bearbeiten Sie an Stelle dessen die folgende(n) Datei(en):
#
#       /etc/univention/templates/files/etc/ntpsec/ntp.conf
#

# /etc/ntpsec/ntp.conf, configuration for ntpd; see ntp.conf(5) for help

driftfile /var/lib/ntpsec/ntp.drift
leapfile /usr/share/zoneinfo/leap-seconds.list

# To enable Network Time Security support as a server, obtain a certificate
# (e.g. with Let's Encrypt), configure the paths below, and uncomment:
# nts cert CERT_FILE
# nts key KEY_FILE
# nts enable

# You must create /var/log/ntpsec (owned by ntpsec:ntpsec) to enable logging.
statsdir /var/log/ntpsec
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable

server 192.168.0.10
ntpsigndsocket /var/lib/samba/ntp_signd
restrict default mssntp noquery
restrict 127.0.0.1
restrict ::1
tinker panic 0


### Synchronize with local server, if no other
### could be reached

server 127.127.1.0
fudge 127.127.1.0 stratum 5