[ntp:security] Security Vulnerability Notification in NTP daemon

Harlan Stenn stenn at ntp.org
Thu Feb 26 06:13:49 UTC 2009


Hi Fergal,

> I'm glad you accessed the results. Can we try and do a quick call later
> in the week? I'd like to get your input on our analysis and discuss
> scanning a newer build. In terms of acknowledging Veracode's efforts, we
> would like to get your rating up to an A and then do a joint statement.
> 
> Does Friday at 3 work?  That would be 12 noon your time?

Yes, that will be fine.  Is there a chance the scan of 4.2.4p5 will be
finished by then?

I'm hoping to release 4.2.6 soon, and that will come from the latest
ntp-dev code.  How difficult would it be to get that code scanned?

Thanks...

H


More information about the security mailing list