From owner-cvs-all Sun Apr 8 17: 7:14 2001 Delivered-To: cvs-all@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 464F737B422; Sun, 8 Apr 2001 17:07:06 -0700 (PDT) (envelope-from bright@fw.wintelcom.net) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id f39076g01595; Sun, 8 Apr 2001 17:07:06 -0700 (PDT) Date: Sun, 8 Apr 2001 17:07:06 -0700 From: Alfred Perlstein To: Nate Williams Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/usr.sbin/xntpd/xntpd ntp_control.c Message-ID: <20010408170706.I15938@fw.wintelcom.net> References: <200104081643.f38Gh5u88339@freefall.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200104081643.f38Gh5u88339@freefall.freebsd.org>; from nate@FreeBSD.org on Sun, Apr 08, 2001 at 09:43:05AM -0700 X-all-your-base: are belong to us. Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG * Nate Williams [010408 09:43] wrote: > nate 2001/04/08 09:43:05 PDT > > Modified files: (Branch: RELENG_2_2) > usr.sbin/xntpd/xntpd ntp_control.c > Log: > - Applied PHK's NTPDX remote-exploit fix. > > { Tested on my 2.2.8 box using the sample exploit code } > > Revision Changes Path > 1.6.6.1 +15 -1 src/usr.sbin/xntpd/xntpd/Attic/ntp_control.c pkh's fix was broken, please see the revision done to the 3.x branch for the correct fix. please back this out and apply the correct fix: http://www.freebsd.org/cgi/cvsweb.cgi/src/contrib/ntp/ntpd/ntp_control.c.diff?r1=1.1.1.2.2.1&r2=1.1.1.2.2.2 -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] Instead of asking why a piece of software is using "1970s technology," start asking why software is ignoring 30 years of accumulated wisdom. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message