[pkg-ntp-maintainers] Bug#733940: ntp: CVE-2013-5211

Xin Li delphij at delphij.net
Wed Feb 19 01:28:15 UTC 2014


Hi,

Just FYI, we (FreeBSD) have disabled the 'monlist' feature by default in
our ntpd for now (so one has to explicitly enable it to be vulnerable).

Given the fact that this issue is worsening over time, I would
recommend that you consider a similar mitigation measure until NTP 4.2.8
is out.

Patch can be found at:

	http://security.freebsd.org/patches/SA-14:02/ntpd.patch

(Patch can be verified against our PGP signature, see original
security advisory):

	http://www.freebsd.org/security/advisories/FreeBSD-SA-14:02.ntpd.asc

Cheers,
- -- 
Xin LI <delphij at delphij.net>    https://www.delphij.net/
FreeBSD - The Power to Serve!           Live free or die
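An ntp.conf audit for the exposure discussed in the message above, as an added example that is not part of the original e-mail or of the FreeBSD patch. It assumes standard ntpd directives (`disable monitor`, `restrict default ... noquery`); the `monitor_default` parameter and the sample configurations are constructed for illustration.

```python
def audit_monlist(conf_text, monitor_default=True):
    """Return (exposed, reasons) for the text of an ntp.conf.

    monitor_default models the build: True for a stock ntpd whose
    monitoring facility starts enabled, False for a build patched to start
    with it disabled (assumption: an explicit 'enable monitor' still
    turns it back on).
    """
    monitor = monitor_default
    noquery = {"-4": False, "-6": False}      # default ACL per address family
    for raw in conf_text.splitlines():
        tokens = raw.split("#", 1)[0].split()  # drop comments
        if not tokens:
            continue
        keyword, args = tokens[0].lower(), [t.lower() for t in tokens[1:]]
        if keyword in ("enable", "disable") and "monitor" in args:
            monitor = keyword == "enable"      # processed in file order
        elif keyword == "restrict" and "default" in args:
            # A bare 'default' is treated as covering both families (assumption).
            families = [f for f in ("-4", "-6") if f in args] or ["-4", "-6"]
            blocked = "noquery" in args or "ignore" in args
            for fam in families:
                # Flags from repeated restrict lines are modelled as accumulating.
                noquery[fam] = noquery[fam] or blocked
    open_families = [f for f, ok in noquery.items() if not ok]
    reasons = []
    if monitor:
        reasons.append("monitoring facility enabled")
    if open_families:
        reasons.append("default ACL lacks noquery for " + ", ".join(open_families))
    # monlist is answerable only if monitoring is on AND queries are allowed.
    return (monitor and bool(open_families)), reasons

# Constructed sample configurations (not taken from any real host).
STOCK = """driftfile /var/db/ntp.drift
server ntp.example.net iburst
restrict 127.0.0.1
"""
HARDENED = """server ntp.example.net iburst
restrict -4 default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
disable monitor   # belt and braces on top of noquery
"""

if __name__ == "__main__":
    for name, conf in (("stock", STOCK), ("hardened", HARDENED)):
        print(name, audit_monlist(conf))
```

Passing `monitor_default=False` shows the effect of a disabled-by-default build on an otherwise unrestricted configuration.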


