[ntp:security] Sec 3376 info

Sue Graves sgraves at nwtime.org
Mon Mar 27 23:01:14 UTC 2017


Hi Nancy,

Thanks for your report.


On 3/27/17 2:12 PM, Nancy Nichols wrote:
>
> Hi – I am attempting to navigate on the NTP page about security fixes
> in NTP-4.2.8p10
>
> Starting here:
>
>  
>
> http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu
>
>  
>
> From this page, under “Recent Vulnerabilities”, I click on the SEC
> 3376 link – but it brings me to the write-up for SEC *3379* instead.
>

This is our error, the link is correct:
http://support.ntp.org/bin/view/Main/NtpBug3376, but the wrong data is
on the page, we'll get that fixed asap.
>
>  
>
> Also, clicking on the http://www.kb.cert.org/vuls/id/633847
> <http://www.kb.cert.org/vuls/id/633847>
>
> Link brings me to a page that details 4.2.8p9 vulnerabilities, but
> doesn’t mention those addressed
>
> in p10. The resulting page says it hasn’t been updated since Nov 2016.
>

This is the wrong link, we'll fix that as well.
>
>  
>
> If I click on this link http://www.kb.cert.org/vuls/id/325339
> <http://www.kb.cert.org/vuls/id/325339>
>
> I get an Error 404.
>

This is because Cert hasn't updated their page yet, I will check when
they can get that done.

Thanks again,
Sue
>
>  
>
> Sorry just looking for information and thought you might like to know
> that some links may need to
>
> Be fixed. Or maybe I’m doing something wrong L
>
>  
>
> Thanks in advance for your time –
>
> Nancy
>
> E-Banner
> <http://mrv.com/contact-mrv-communications/?interest=Subscribe%20to%20Newsletter>
>  
>
> MRV Communications is a global supplier of packet and optical
> solutions that power the world’s largest networks. Our products
> combine innovative hardware with intelligent software to make networks
> smarter, faster and more efficient.
>
>  
>
> The contents of this message, together with any attachments, are
> intended only for the use of the person(s) to whom they are addressed
> and may contain confidential and/or privileged information. If you are
> not the intended recipient, immediately advise the sender, delete this
> message and any attachments and note that any distribution, or copying
> of this message, or any attachment, is prohibited.
>
>
>
> _______________________________________________
> security mailing list
> security at lists.ntp.org
> http://lists.ntp.org/listinfo/security




More information about the security mailing list