[ntp:security] Talos Security Advisory for NTP (TALOS-2016-0260)

Sue Graves sgraves at nwtime.org
Mon Mar 27 19:57:09 UTC 2017


Hi Regina and Matt,

I apologize, we don't have either of you on our Advance Security List,
because there is no formal Agreement between Cisco and NTF. Since Matt
found this bug it should have been sent to you as a "one-off" for
testing.  Sorry that this wasn't accomplished.  We are just a couple of
people over here, with too many balls in the air, but I do apologize.

I need to schedule time to talk with Matt to get back on track with our
discussions for a more formal relationship.  Matt? do you have any time
later this week to do that?

Thanks,
Sue


On 3/27/17 11:01 AM, Harlan Stenn wrote:
> Hi,
>
> We posted a release date for ntp-4.2.8p10 of 21 March, before the 7th of
> March.  We alerted CERT around the 9th, and released on-schedule.
>
> Matt (at least) should have received a number of notices about this.
>
> Were none of these notices received?  Sue Graves is a good contact
> person for issues around this.
>
> H
>
> On 3/27/17 6:10 AM, Regina Wilson (regiwils) wrote:
>> Hello Harlan,
>>
>> As we approach the end of March, I am following up to see if this issue is still 
>> scheduled for March release date.  Please advise at your earliest convenience.
>>
>> Kind Regards,
>> *Regina Wilson*
>> Engineer. Research
>> regiwils at cisco.com <mailto:regiwils at cisco.com>
>>
>>


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ntp.org/private/security/attachments/20170327/e066ba65/attachment.sig>


More information about the security mailing list