Module Name: src
Committed By: taca
Date: Thu Jul 9 15:58:51 UTC 2015
Modified Files:
src/doc: 3RDPARTY
Log Message:
Latest ntp is 4.2.8p3 which contains security fix (low risk).
Security Fix:
* [Sec 2853] Crafted remote config packet can crash some versions of
ntpd. Aleksis Kauppinen, Juergen Perlinger, Harlan Stenn.
Under specific circumstances an attacker can send a crafted packet to
cause a vulnerable ntpd instance to crash. This requires each of the
following to be true:
1) ntpd set up to allow remote configuration (not allowed by default), and
2) knowledge of the configuration password, and
3) access to a computer entrusted to perform remote configuration.
This vulnerability is considered low-risk.
To generate a diff of this commit:
cvs rdiff -u -r1.1234 -r1.1235 src/doc/3RDPARTY
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
