[ntp:hackers] CVE-2015-5196 in 4.2.6

Kurt Roeckx kurt at roeckx.be
Wed Oct 21 18:38:03 UTC 2015


Hi,

Trying to backport the CVE-2015-5196 change, the changes to
ntp_parser.y seem to be using if (lex_from_file()).  But 4.2.6
doesn't seem to have any support for that.  Can someone provide
some information on how to do something like that in 4.2.6?


Kurt



More information about the hackers mailing list