[pkg-ntp-maintainers] Bug#733940: Bug#733940: ntp: CVE-2013-5211
martin f krafft
madduck at debian.org
Mon Jan 27 18:35:34 UTC 2014
also sprach Kurt Roeckx <kurt at roeckx.be> [2014-01-27 18:31 +0100]:
> I'm not sure what you're suggesting.
Neither, but ignoring the problem isn't okay either, I feel. At the
very least, Debian should pressure ntp.org to release a security
upgrade for 4.2.6… and then ideally there'd be a new keyword like
noquery except that actual NTP queries would be okay, but nothing
else.
--
.''`. martin f. krafft <madduck at d.o> Related projects:
: :' : proud Debian developer http://debiansystem.info
`. `'` http://people.debian.org/~madduck http://vcs-pkg.org
`- Debian - when you have better things to do than fixing systems
"when women love us, they forgive us everything, even our crimes;
when they do not love us, they give us credit for nothing,
not even our virtues."
-- honoré de balzac
-------------- next part --------------
A non-text attachment was scrubbed...
Name: digital_signature_gpg.asc
Type: application/pgp-signature
Size: 1124 bytes
Desc: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)
URL: <http://lists.alioth.debian.org/pipermail/pkg-ntp-maintainers/attachments/20140127/6b2f4089/attachment.sig>
More information about the pkg-ntp-maintainers
mailing list