[ntp:security] High severity vulnerability in ntpd-4.2.8p8
stenn at nwtime.org
Wed Jun 29 11:00:02 UTC 2016
On 6/29/16 3:56 AM, Magnus Stubman wrote:
> I have two questions:
> 1. Can you request a CVE for this vulnerability?
Yes. Sue, might I bother you to handle this?
> 2. When will the patch be released to the public?
In 4.2.8p9, which will probably happen in about 3 weeks' time.
We have other things to fix in p9 as well, and those *should* be
finished in a week, if all goes well. Then the OS distribution folks
like to have 2 weeks' to prepare their releases.
Harlan Stenn <stenn at nwtime.org>
http://networktimefoundation.org - be a member!
More information about the security