[ntp:security] [Bug 1331] DoS with mode 7 packets (CVE-2009-3563)

Danny Mayer mayer at ntp.org
Fri Oct 23 02:28:16 UTC 2009

Harlan Stenn via the NTP Bugzilla wrote:
> I sent the patch to CERT and they are alerting the vendors.  We also have a VU
> number from them.
> CERT prefers to have at least 45 days' time for vendors to apply the patch and
> test it.  They have asked us if Tuesday 8 December is an acceptable "announce"
> date.  That seems fine with me, anybody disagree?

It's hard to know since you didn't send us a copy of what you sent them.


This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the security mailing list