[ntp:security] NTP Security Vulnerabilities issue CVE-2015-5300 :

ashish jaiswal ashu.cs178 at gmail.com
Wed Jan 6 06:13:16 UTC 2016

Hi All,

This is regarding patch submitted for NTP Security Vulnerabilities issue
mentioned in

As per the comments, CVE-2015-5300  patch is applicable for 4.2.6 and will
be available in NTP 4.2.8. But
4.2.8p4's change log does not mention about merge history of this patch or
issue fix .

Could someone clarify more about this ? Is the patch not applicable in this
case or is it planned for
future release ?

Issue tiltle :  CVE-2015-5300 ntp: MITM attacker can force ntpd to make a
step larger than the panic threshold

References for more information  :


Thanks and Regards

Ashish Jaiswal

---------- Forwarded message ----------
From: TWiki Administrator <webmaster at ntp.org>
Date: Wed, Jan 6, 2016 at 11:29 AM
Subject: TWiki password reset for Ashish Jaiswal
To: AshishJaiswal <ashu.cs178 at gmail.com>

Dear Ashish Jaiswal

Login name "AshishJaiswal"
Your password has been changed to "b7gU8roE".

If you have any questions, please contact webmaster at ntp.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntp.org/private/security/attachments/20160106/73417eba/attachment.html>

More information about the security mailing list