From owner-freebsd-security@FreeBSD.ORG Mon Dec 22 10:16:36 2014 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5916358F for ; Mon, 22 Dec 2014 10:16:36 +0000 (UTC) Received: from mail2.mbox.lu (mail.mbox.lu [85.93.212.24]) by mx1.freebsd.org (Postfix) with ESMTP id DBDD864BB6 for ; Mon, 22 Dec 2014 10:16:34 +0000 (UTC) Received: from mail2.mbox.lu (localhost [127.0.0.1]) by mail2.mbox.lu (Postfix) with ESMTP id 36A973248D; Mon, 22 Dec 2014 11:07:08 +0100 (CET) Received: from [172.16.100.79] (unknown [178.254.69.231]) by mail2.mbox.lu (Postfix) with ESMTPSA id 10C503248B; Mon, 22 Dec 2014 11:07:07 +0100 (CET) Subject: Re: ntpd vulnerabilities Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\)) Content-Type: multipart/signed; boundary="Apple-Mail=_52A5F12D-142B-40A2-BC85-7A34103D94F9"; protocol="application/pgp-signature"; micalg=pgp-sha512 X-Pgp-Agent: GPGMail 2.5b3 From: Steve Clement In-Reply-To: <252350272.1812596.1419241828431.JavaMail.zimbra@cleverbridge.com> Date: Mon, 22 Dec 2014 11:06:59 +0100 Message-Id: References: <252350272.1812596.1419241828431.JavaMail.zimbra@cleverbridge.com> To: Winfried Neessen X-Mailer: Apple Mail (2.1993) X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1 Cc: freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Dec 2014 10:16:36 -0000 --Apple-Mail=_52A5F12D-142B-40A2-BC85-7A34103D94F9 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Hej, Currently on 10.0 I run: FreeBSD tart 10.0-RELEASE-p14 FreeBSD 10.0-RELEASE-p14 #2 r265783M: Thu = Dec 18 11:14:03 CET 2014 root@tart:/usr/obj/usr/src/sys/TART i386 (ntpd -? | head -1) ntpd - NTP daemon program - Ver. 4.2.4p8 If someone could share a diff between ntpd 4.2.7 and 4.2.8 would be a = good start. Some more technical info can be found here: http://circl.lu/pub/tr-29/ = As soon as there are FreeBSD relevant information we will include it. cheers, Steve > On 22 Dec 2014, at 10:50, Winfried Neessen = wrote: >=20 > Hi everyone, >=20 > there has been a security advisory for several vulnerabilities in = ntpd. Is FreeBSD > affected by this? According to http://www.kb.cert.org/vuls/id/852879 = OpenBSD is > not affected, but I guess that's due to the fact, that they have = OpenNTPd. The > status for FreeBSD on that page is still "unknown". --Apple-Mail=_52A5F12D-142B-40A2-BC85-7A34103D94F9 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJUl+1DAAoJEGmiD1Cb5K7pS4QP/0AodJJsDhpY+376j1/F1t80 //veC5sDIyeDf86JnDSLLSVpCHnKQe95Ohg/mM+4Mey3T/6lpakZPmaoM1Y+FXH8 BiPFD2nipsj+qMzmLOmAMtgbnW2ZUCTHKj0cVcWWbCHPpo22jK647ya6FfgmCOFA UdgOnianFyL+YLbUYo0LA6M7XSts0r62RcDmlg1s1r9zcsRua6FCKXoI59+SeVva myJwJEv30KczUiifxGrQLMlnl0jGXQJwMhIGTJYdfNMYwk2XpONX1oLk8fk/QIc3 Z0fQYEq/Zl16Hhd2vRDlJh8xcVeM9vrI7+b9HqZAshhOuu1T1VDbq8xIRTfpXfCI q09m03qGCGrjRq9UIxrDFa8dgrAngh1eYiVXSKDXCCLLXmufaB1I53WD8aOuG/qY JCuSFtrGoiIBb+thkfDISme2DTQTKpVz9nHHj7rxAvo6gK6v4QFYRNdhwEC4sFSM Myrsh7vwo5SrNqOy/oiDjfXy+N5IVj+Y0fhGbEnhmOZa51q/Hvu/ZUNrgy0mMIGr HOSejQX/oUPoBitq5t98zGaKNJsosLrKaHQxr1/IkgzYRBuwVu2wDsdbzrjGvj+4 qj7jHESHPI9UIKiR8BuQldZwqPPBmGiPyudjClQcs5efKCz0l+qL19PPc5i2lD7+ 6/9mxUahUQRx6q8fp3HZ =piOm -----END PGP SIGNATURE----- --Apple-Mail=_52A5F12D-142B-40A2-BC85-7A34103D94F9--