[ntp:security] [Bug 3072] Attack on interface selection

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Mon Sep 12 09:09:50 UTC 2016


https://bugs.ntp.org/show_bug.cgi?id=3072

--- Comment #4 from Miroslav Lichvar <mlichvar at redhat.com> 2016-09-12 09:09:50 UTC ---
As for the security bug, with the patch I'm no longer able to reproduce it.
That looks good.

But I'm not sure about the change in set_peerdstadr(), I think dstadr needs to
be NULL is some cases, for example with refclocks or NTP sources for which
there is no suitable interface yet.

-- 
Configure bugmail: https://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the security mailing list