Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 7 Apr 2015 17:48:46 +0200
From: Marcus Meissner <meissner@...e.de>
To: OSS Security List <oss-security@...ts.openwall.com>
Subject: ntp security release today

Hi,

ntp.org has released ntp advisories today, CVE-2015-1798 and CVE-2015-1799, CERT VU#374268

http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

CVE-2015-1798 seems version limited to
Affects: All NTP4 releases starting with ntp-4.2.5p99 up to but not including ntp-4.2.8p2 where the installation uses symmetric keys to authenticate remote associations. .

Ciao, Marcus

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ