--On 2 November 2013 01:18:24 +0100 Dimitry Andric <d...@freebsd.org> wrote:
[1] http://www.cvedetails.com/vulnerability-list/vendor_id-2153/NTP.htmlThat page lists a bunch of CVEs, and the relevant ones have already had FreeBSD security advisories: CVE-2009-3563 http://www.freebsd.org/security/advisories/FreeBSD-SA-10:02.ntpd.asc CVE-2009-1252 http://www.freebsd.org/security/advisories/FreeBSD-SA-09:11.ntpd.asc CVE-2009-0159 not relevant, NTP before 4.2.4p7-RC2 CVE-2009-0021 not relevant, NTP before 4.2.4p5 CVE-2004-0657 not relevant, NTP before 4.0
So as I'd kind of guessed - it's not really vanilla 4.2.4p8 that it's running, it's based on 4.2.4p8 with additional patches that have been applied by FreeBSD, to address the applicable notifications?
-Karl _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
