ntpd vulnerabilities
Steve Clement
steve at localhost.lu
Mon Dec 22 10:16:36 UTC 2014
Hej,
Currently on 10.0 I run:
FreeBSD tart 10.0-RELEASE-p14 FreeBSD 10.0-RELEASE-p14 #2 r265783M: Thu Dec 18 11:14:03 CET 2014 root at tart:/usr/obj/usr/src/sys/TART i386
(ntpd -? | head -1) ntpd - NTP daemon program - Ver. 4.2.4p8
If someone could share a diff between ntpd 4.2.7 and 4.2.8 would be a good start.
Some more technical info can be found here: http://circl.lu/pub/tr-29/ <http://circl.lu/pub/tr-29/>
As soon as there are FreeBSD relevant information we will include it.
cheers,
Steve
> On 22 Dec 2014, at 10:50, Winfried Neessen <neessen at cleverbridge.com> wrote:
>
> Hi everyone,
>
> there has been a security advisory for several vulnerabilities in ntpd. Is FreeBSD
> affected by this? According to http://www.kb.cert.org/vuls/id/852879 <http://www.kb.cert.org/vuls/id/852879> OpenBSD is
> not affected, but I guess that's due to the fact, that they have OpenNTPd. The
> status for FreeBSD on that page is still "unknown".
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20141222/110ec0e6/attachment.sig>
More information about the freebsd-security
mailing list