[ntp:security] [Bug 3114] Broadcast Mode Replay Prevention DoS

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Tue Sep 13 23:40:13 UTC 2016


--- Comment #6 from Matthew Van Gundy <mvangund at cisco.com> 2016-09-13 23:40:13 UTC ---
(In reply to comment #4)
> Created attachment 1445 [details]
> changes from 4.2.8p8 / shot 1
> Matthew, Harlan, and all who care about this: This is the consolidated patch
> (v.1) for the Bug 3113 + Bug 3114. The patch is against the v4.2.8p8 release.
> Review and tests welcome.

At first glance, the patch looks good modulo my previous comment.  I'll try to
test it out tomorrow.

As an aside, I wasn't able to decrypt the disclosure archive that Regina sent
to security at ntp.org.  Did it happen to include the PoC scripts that we

Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the security mailing list