[pkg-ntp-maintainers] Bug#733940: Bug#733940: ntp: CVE-2013-5211

Moritz Muehlenhoff jmm at inutil.org
Mon Jan 27 18:42:46 UTC 2014


On Mon, Jan 27, 2014 at 07:35:34PM +0100, martin f krafft wrote:
> also sprach Kurt Roeckx <kurt at roeckx.be> [2014-01-27 18:31 +0100]:
> > I'm not sure what you're suggesting.
> 
> Neither, but ignoring the problem isn't okay either, I feel. At the
> very least, Debian should pressure ntp.org to release a security
> upgrade for 4.2.6… and then ideally there'd be a new keyword like
> noquery except that actual NTP queries would be okay, but nothing
> else.

You're prefer to propose a patch, otherwise talk is cheap.

Cheers,
        Moritz



More information about the pkg-ntp-maintainers mailing list