[ntp:security] oCERT Security Advisoriy for OpenSSL concerning NTP

Laatz, Erek laatz at consist.de
Thu Jan 8 12:02:03 UTC 2009


Steve,

the oCert Advisory #2008-16 about a security leak in OpenSSL is also
concerning NTP (4.2.4p5 and 4.2.5p150). See

   http://www.ocert.org/advisories/ocert-2008-016.html

about the details. It seems the autokey functions will be affected.

I wonder to find no hint on http://www.ntp.isc.org/

Would you please add the informations on
http://www.ntp.isc.org/bin/view/Main/SecurityNotice (if possible and wanted)

Thank you very much, yours

Erek


-- 
+-----------------------------------+--------------------------------+
I Erek Laatz                        I                                I
I Senior Consultant                 I Tel.:     +49.(0)431.3993-556  I
I Professionals & Projects          I FAX:      +49.(0)431.3993-999  I
I --                                I                                I
I Consist Software Solutions GmbH   I                                I
I A Consist World Group Company     I Mobile:   +49.(0)160.90627851  I
I Falklandstr. 1-3, D-24159 Kiel    I E-Mail:   Laatz at consist.de     I
I Postfach 93 28,   D-24152 Kiel    I                                I
+-----------------------------------+--------------------------------+
I HRB Kiel Nr. 3983, UST-ID: DE811697637                             I
I Geschäftsführer: Dipl.-Kfm. Daniel Ries                            I
I                  Dipl.-Math. Martin Lochte-Holtgreven              I
I                  Ines von Jagemann                                 I
+--------------------------------------------------------------------+
I Pushing IT forward!                                                I
I Ihr IT-Spezialist für Integrations- und Individuallösungen         I
I Your IT specialist for integration and tailor-made solutions       I
+--------------------------------------------------------------------+

<!--
            Nichts auf der Welt ist so mächtig wie eine Idee,
                                     deren Zeit gekommen ist!
                                                  Victor Hugo
!>


More information about the security mailing list