On Thu, Apr 05, 2001 at 12:26:42AM -0400, Noah L. Meyerhans wrote: > Yes. The fix has been made in the FreeBSD CVS repository. I'm going to > see about integrating it with our sources now. If I get a safe copy > built I'll make a signed .deb available. I'm not a member of the > official Debian security team, though, so you shouldn't necessarily > trust me... OK, I've made some patched files available for potato i386. I was not able to get ntpd to build on my sid system. The files are available at http://web.morgul.net/~frodo/ntp/ The actual patch is available there as well. It was taken from http://www.FreeBSD.org/cgi/cvsweb.cgi/src/contrib/ntp/ntpd/ntp_control.c.diff?r1=1.1.1.2&r2=1.1.1.2.2.1 There are gpg detached sigs for the key files, just in case. Regarding verification of my keys...that might be more tricky. My key ID is 11404EC3 and the fingerprint is D896 D80A C030 7F05 701E D535 62B5 4B8C 1140 4EC3 The key is available from the keyservers and has been signed by hugo@debian.org (among others). Remember that there's nothing official about this package. I made it to patch a security hole. It will be up to the debian security team to handle the creation of the official packages. noah -- _______________________________________________________ | Web: http://web.morgul.net/~frodo/ | PGP Public Key: http://web.morgul.net/~frodo/mail.html
Attachment:
pgpxFbWU0zOeb.pgp
Description: PGP signature