[ntp:security] Crypto-Nak of death (Question regarding April NTP Vulnerabilities - PSIRT-0241128805)

Nicolas Edet nicedet at cisco.com
Thu May 5 11:09:29 UTC 2016


Hi Harlan,

Our PSIRT group coordinates vulnerability disclosures so I'm diverting 
the question to Sasa.

I'm aware of the security mailer but not of a public key. Googling "ntp 
security key" gives too many irrelevant results :)

I thought security bugs should not be filed in bugzilla? Anyway I have 
created an account nicoedet-ntp at yahoo.fr in case this is useful.

Thanks
Nicolas


On 05/05/2016 01:50, Harlan Stenn wrote:
> Hi Nicolas,
>
> Where did you look for how to submit security issues to NTP?
>
> Brad and Sue, we may need to make sure that we advertise this better.
>
> Is our security pubkey easy to find?
>
> I'm looking to see if this is a re-open of an existing bug or if we need
> a new bug report.
>
> If you'd like to be the one to follow up on this in our bugzilla, I'll
> need you to register at bugs.ntp.org.  If somebody else should be listed
> on this bug report please let me know.
>
> Thanks!
>



More information about the security mailing list