[ntp:security] [Bug 1331] DoS with mode 7 packets (CVE-2009-3563)

Danny Mayer via the NTP Bugzilla bugzilla at ntp.org
Wed Oct 7 03:13:54 UTC 2009


Additional Comments From mayer at ntp.org (Danny Mayer)
Submitted on 2009-10-07 03:13

The number one rule of security fixes is to keep the fixes simple so that
vendors, if necessary can backport the fix to earlier releases. There are
assumptions here in your proposed changes that are only valid for the latest
releases and should not be assumed to be valid for earlier releases. The
important part is to make clear what needs to be changed. This is not just for
4.2.4 but needs to be easy to do for earlier releases. Enhancements like you are
suggesting can happen later but should be done with additional thought to what
really needs to be logged and that has not been mapped out yet.


Danny Mayer <mayer at ntp.org>

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

More information about the security mailing list