[ntp:security] Talos VulnDev Follow up - NTP Vulnerability

Harlan Stenn stenn at nwtime.org
Fri Mar 25 02:25:52 UTC 2016



On 3/24/16 6:17 AM, Regina Wilson -T (regiwils - ETTAIN GROUP INC at
Cisco) wrote:
> Hello Harlan,
> 
> Can you also confirm if the following vuln will be addressed in the release?
> 
> TALOS-CAN-0132 - CVE-2016-1551

Yes, 018-refclock-peering (TALOS-CAN-0132) is fixed and will be part of
4.2.8p7.

H
---

> I’ve attached encrypted zip file with advisory for your review.
> 
> 
> 
> 
> *Regina Wilson*
> Project Coordinator, Open Source and Threat Intelligence
> regiwils at cisco.com <mailto:regiwils at cisco.com>
> 
> 
> 
> 
> 
>> On Mar 23, 2016, at 8:40 AM, Regina Wilson -T (regiwils - ETTAIN GROUP INC at 
>> Cisco) <regiwils at cisco.com <mailto:regiwils at cisco.com>> wrote:
>>
>> Hello Harlan,
>>
>> Thank you for the update.
>>
>> Kind Regards,
>>
>> *Regina Wilson*
>> Project Coordinator, Open Source and Threat Intelligence
>> regiwils at cisco.com <mailto:regiwils at cisco.com>
>>
>>
>> <talos_sig[4].png>
>>
>>> On Mar 22, 2016, at 4:58 PM, Harlan Stenn <stenn at nwtime.org 
>>> <mailto:stenn at nwtime.org>> wrote:
>>>
>>> Hi,
>>>
>>> These are all scheduled for the 4.2.8p7 release, which we now think will
>>> be released to the public on 12 April.
>>>
>>> On 3/22/16 7:10 AM, Regina Wilson -T (regiwils - ETTAIN GROUP INC at
>>> Cisco) wrote:
>>>> Hello,
>>>>
>>>> I am following up on any updates for disclosure release schedules for the
>>>> following vulnerabilities:
>>>>
>>>> TALOS-CAN-0081 - CVE-2016-1547
>>>> TALOS-CAN-0082 - CVE-2016-1548
>>>> TALOS-CAN-0083 - CVE 2016-1549
>>>> TALOS-CAN-0084 - CVE 2016-1550
>>>>
>>>> For further information about our disclosure process and PGP key for the
>>>> vulnerability team, please see
>>>> http://www.cisco.com/web/about/security/psirt/vendor_vulnerability_policy.html
>>>>
>>>> *Regina Wilson*
>>>> Project Coordinator, Open Source and Threat Intelligence
>>>> regiwils at cisco.com <mailto:regiwils at cisco.com><mailto:regiwils at cisco.com>
>>>
>>> --
>>> Harlan Stenn <stenn at nwtime.org <mailto:stenn at nwtime.org>>
>>> http://networktimefoundation.org <http://networktimefoundation.org/>- be a 
>>> member!
>>
> 

-- 
Harlan Stenn <stenn at nwtime.org>
http://networktimefoundation.org - be a member!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 670 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ntp.org/private/security/attachments/20160324/d2bc4001/attachment.sig>


More information about the security mailing list