[ntp:security] Talos Security Advisory for NTP (TALOS-2016-0203, TALOS-2016-0204)
Regina Wilson -T (regiwils - ETTAIN GROUP INC at Cisco)
regiwils at cisco.com
Fri Oct 14 14:27:45 UTC 2016
Hello Harlan,
I am following up on any updates/developments for the reported issues. Is there a scheduled release timeline (actual or tentative)?
Kind Regards,
Regina Wilson
Project Coordinator
regiwils at cisco.com <mailto:regiwils at cisco.com>
> On Sep 24, 2016, at 3:55 AM, Harlan Stenn <stenn at nwtime.org> wrote:
>
> Got it, thanks!
>
> H
>
> On 9/23/16 10:47 AM, Regina Wilson -T (regiwils - ETTAIN GROUP INC at
> Cisco) wrote:
>> Hello Harlan,
>>
>> Please confirm receipt of the encrypted reports below which include advisory and
>> trigger inputs.
>>
>>
>>
>>
>> *Regina Wilson*
>> Project Coordinator
>> regiwils at cisco.com <mailto:regiwils at cisco.com>
>>
>>
>>
>>
>>
>>> On Sep 23, 2016, at 8:08 AM, Regina Wilson -T (regiwils - ETTAIN GROUP INC at
>>> Cisco) <regiwils at cisco.com <mailto:regiwils at cisco.com>> wrote:
>>>
>>> Hello Harlan,
>>>
>>> I’ve checked with our research team and confirmed there are no other bugs in
>>> progress as of now.
>>>
>>> Kind Regards,
>>> *Regina Wilson*
>>> Project Coordinator
>>> regiwils at cisco.com <mailto:regiwils at cisco.com>
>>>
>>>
>>> <image001.png>
>>>
>>>> On Sep 20, 2016, at 6:05 PM, Harlan Stenn <stenn at nwtime.org
>>>> <mailto:stenn at nwtime.org>> wrote:
>>>>
>>>> Regina and Matt,
>>>>
>>>> Do you have anything else in-progress?
>>>>
>>>> It can really mess up our delivery schedules when we only hear about
>>>> these things when you have them in "finished form".
>>>>
>>>> Thanks!
>>>>
>>>> H
>>>>
>>>> On 9/20/16 9:30 AM, Regina Wilson -T (regiwils - ETTAIN GROUP INC at
>>>> Cisco) wrote:
>>>>> Hello Danny,
>>>>>
>>>>> The Cisco Talos team has found a security vulnerability impacting NTP
>>>>> customers.
>>>>> Please review the attached file encrypted with your PGP for the following
>>>>> issues:
>>>>>
>>>>> TALOS-2016-0203
>>>>> TALOS-2016-0204
>>>>>
>>>>>
>>>>>
>>>>> For further information about the Cisco Vendor Vulnerability Reporting and
>>>>> Disclosure Policy please refer to this document which also links to our public
>>>>> PGP key.
>>>>> http://www.cisco.com/web/about/security/psirt/vendor_vulnerability_policy.html
>>>>>
>>>>>
>>>>> Please CC vulndev at cisco.com <mailto:vulndev at cisco.com>
>>>>> <mailto:vulndev at cisco.com> on all correspondence
>>>>> related to this issue.
>>>>>
>>>>> *Regina Wilson*
>>>>> Project Coordinator
>>>>> regiwils at cisco.com <mailto:regiwils at cisco.com> <mailto:regiwils at cisco.com>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>> --
>>>> Harlan Stenn <stenn at nwtime.org <mailto:stenn at nwtime.org>>
>>>> http://networktimefoundation.org <http://networktimefoundation.org/> - be a
>>>> member!
>>>>
>>>
>>
>>
>>
>> _______________________________________________
>> security mailing list
>> security at lists.ntp.org
>> http://lists.ntp.org/listinfo/security
>>
>
> --
> Harlan Stenn <stenn at nwtime.org>
> http://networktimefoundation.org - be a member!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntp.org/private/security/attachments/20161014/c689ada0/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 8573 bytes
Desc: not available
URL: <http://lists.ntp.org/private/security/attachments/20161014/c689ada0/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.ntp.org/private/security/attachments/20161014/c689ada0/attachment.sig>
More information about the security
mailing list