CVS commit: src/doc

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/doc
From: "Takahiro Kambe" <taca%netbsd.org@localhost>
Date: Thu, 9 Jul 2015 15:58:51 +0000

Module Name:    src
Committed By:   taca
Date:           Thu Jul  9 15:58:51 UTC 2015

Modified Files:
        src/doc: 3RDPARTY

Log Message:
Latest ntp is 4.2.8p3 which contains security fix (low risk).

Security Fix:

* [Sec 2853] Crafted remote config packet can crash some versions of
  ntpd.  Aleksis Kauppinen, Juergen Perlinger, Harlan Stenn.

Under specific circumstances an attacker can send a crafted packet to
cause a vulnerable ntpd instance to crash. This requires each of the
following to be true:

1) ntpd set up to allow remote configuration (not allowed by default), and
2) knowledge of the configuration password, and
3) access to a computer entrusted to perform remote configuration.

This vulnerability is considered low-risk.


To generate a diff of this commit:
cvs rdiff -u -r1.1234 -r1.1235 src/doc/3RDPARTY

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/share/mk
Next by Date: CVS commit: src/distrib/sets
Previous by Thread: CVS commit: src/share/mk
Next by Thread: CVS commit: src/distrib/sets
Indexes:

Home | Main Index | Thread Index | Old Index