[Bug 193303] [SECURITY]: net/ntp: Current port version (4.2.6p5_3) is vulnerable. Requesting update (or merge from net/ntp-devel)
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Sep 4 05:27:18 UTC 2014
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=193303
Kubilay Kocak <koobs at FreeBSD.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Priority|--- |Normal
Status|Needs Triage |Open
CC| |koobs at FreeBSD.org
Assignee|freebsd-ports-bugs at FreeBSD. |cy at FreeBSD.org
|org |
Summary|NTP needs to be updated as |[SECURITY]: net/ntp:
|a matter of urgency |Current port version
| |(4.2.6p5_3) is vulnerable.
| |Requesting update (or merge
| |from net/ntp-devel)
--- Comment #1 from Kubilay Kocak <koobs at FreeBSD.org> ---
Thanks for your report Dave.
The net/ntp port is currently marked FORBIDDEN, with a reference to the CVE
(CVE-2013-5211) you referenced.
The net/ntp-devel port has version 4.2.7p470 which is not vulnerable. I'm not
sure if you knew this or not.
Until such time as the net/ntp port is updated, I would recommend upgrading
(replacing) net/ntp with net/ntp-devel.
Assigning to maintainer.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list