[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

ntp security update

I've looked through the upstream repository for the patches that fix he
recently announced issues.  Quite a few of them turned out not to apply
to squeeze, or the newer stable releases, and I've updated the security
tracker accordingly.

I backported the remaining fixes as best I can, and uploaded the source
package to:

Would you be willing to review this package?

I noticed that you entirely reverted the upstream patch that was
supposed to fix CVE-2015-7704 and -7705, and then applied a different
fix for -7704.  I think this means -7705 isn't fixed in sid, though the
security tracker currently says it is.  Who's right?


Ben Hutchings
Beware of bugs in the above code;
I have only proved it correct, not tried it. - Donald Knuth

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: