CVE-2016-7434 NTP
Michelle Sullivan
michelle at sorbs.net
Tue Dec 13 02:19:00 UTC 2016
Dimitry Andric wrote:
> On 08 Dec 2016, at 06:08, Michelle Sullivan <michelle at sorbs.net> wrote:
>> Are we going to get a patch for CVE-2016-7434 on FreeBSD 9.3?
> On Nov 22, in r309009, Xin Li merged ntp 4.2.8p9, which fixes this
> issue, to stable/9:
>
> https://svnweb.freebsd.org/changeset/base/309009
>
> Unfortunately the commit message did not mention the CVE identifier. I
> can't find any corresponding security advisory either.
>
> -Dimitry
>
....
No updates needed to update system to 9.3-RELEASE-p52.
No updates are available to install.
Run '/usr/sbin/freebsd-update fetch' first.
[root at gauntlet /]# ntpd --version
ntpd 4.2.8p8-a (1)
So no then...
9.3 is still so-say supported so I'm not talking about -STABLE.
Michelle
More information about the freebsd-stable
mailing list