[ntp:security] Security Vulnerability Notification in NTP daemon

Harlan Stenn stenn at ntp.org
Wed Feb 18 23:58:05 UTC 2009

Hi Fergal,

> Thanks for your response. The analysis is available in a secure location
> on Veracode's hosted platform. If each of you fill out the following
> details I can get both of you access:

First Name: Harlan
Last Name: Stenn
Phone: 650 423 1359
Email: stenn at ntp.org
Address: NTP Project
	 c/o Internet Systems Consortium, Inc.
	 950 Charter St
	 Redwood City CA 94063

> After we provision you I can also set up a call with my security lead
> who will review and discuss the results of Veracode's analysis with you.
> A Platform account also gives you access to Veracode's mitigation tools
> and any other analysis we perform on subsequent NTP builds. During the
> call I would also like to discuss scanning a pre-release of 4.2.6.

I'd like that very much.

> There is no charge for this. This service is being made available to the
> open source projects our customers have asked us to scan.

Thanks very much - if you are interested we'll be happy to acknowledge
your efforts on our website.


More information about the security mailing list