[ntp:security] CVE request for some NTP stuff

Kurt Seifried kseifried at redhat.com
Wed Feb 4 22:24:51 UTC 2015


I haven't seen any CVE's for these yet:

http://bugs.ntp.org/show_bug.cgi?id=2671
vallen is not validated, leading to potential info leak

http://bugs.ntp.org/show_bug.cgi?id=2655
Multiple vulnerabilities in ntpd

Thanks.

-- 
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ntp.org/private/security/attachments/20150204/adb9bc7f/attachment.sig>


More information about the security mailing list