[pkg-ntp-maintainers] Bug#733940: Bug#733940: ntp: CVE-2013-5211
martin f krafft
madduck at debian.org
Mon Jan 27 14:53:32 UTC 2014
also sprach Moritz Mühlenhoff <jmm at inutil.org> [2014-01-16 22:46 +0100]:
> Ok, let's ignore it. Marked as such in the Debian Security Tracker.
Please reconsider this decision. Operators of most of the public NTP
servers (pool.ntp.org *was* founded by a DD!) don't just deploy
software aside from their distro and effectively, I think that by
ignoring the problem, Debian is actively being a part of the
vastly-increasing problem of dDoS-reflection/amplification attacks.
--
.''`. martin f. krafft <madduck at d.o> Related projects:
: :' : proud Debian developer http://debiansystem.info
`. `'` http://people.debian.org/~madduck http://vcs-pkg.org
`- Debian - when you have better things to do than fixing systems
-------------- next part --------------
A non-text attachment was scrubbed...
Name: digital_signature_gpg.asc
Type: application/pgp-signature
Size: 1124 bytes
Desc: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)
URL: <http://lists.alioth.debian.org/pipermail/pkg-ntp-maintainers/attachments/20140127/3d786cf1/attachment.sig>
More information about the pkg-ntp-maintainers
mailing list