From owner-freebsd-security@FreeBSD.ORG Mon Jan 13 10:08:48 2014 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D0E755F4; Mon, 13 Jan 2014 10:08:48 +0000 (UTC) Received: from mail-wi0-x235.google.com (mail-wi0-x235.google.com [IPv6:2a00:1450:400c:c05::235]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 41CED1B18; Mon, 13 Jan 2014 10:08:48 +0000 (UTC) Received: by mail-wi0-f181.google.com with SMTP id hq4so1941887wib.2 for ; Mon, 13 Jan 2014 02:08:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=tHadce/cvRs4FG7LAPHLRup2HliuGKsxmP1KL4YX7E8=; b=0xEQIBic/fERbSNZYirP+1s3BfDGLSvnGKkg8dST1boiCgCjBuF9PCukfkdhVPAKwa +kjjuFu205MeIiMuoloM9P9JMjb2ICkcgjqmAJcZctY/qUxpPLcBO8YyRjDz+BlRcBh6 qONiW3IaLwxZXhdV5Hf+IqzBbT9VLyYSzbEaXHSJux1giFTou5Ve2J0MNg1YitOVmok7 RyFJGJN5Aq/MF/BLG0ggDyZAV/MH+bqW3MEp/VHA8ZoaKw+DZdMZIe3QzzCvwHEQLXhp 8WhXPZNMZO3Nk6kpEhizvt/6uHnv8Kj6slUB+aM7RMXoZHPpP+SFJPNGTTXRDW50AJl4 jeIg== MIME-Version: 1.0 X-Received: by 10.180.76.42 with SMTP id h10mr14505799wiw.46.1389607726549; Mon, 13 Jan 2014 02:08:46 -0800 (PST) Received: by 10.194.81.8 with HTTP; Mon, 13 Jan 2014 02:08:46 -0800 (PST) In-Reply-To: <52CF82C0.9040708@delphij.net> References: <52CEAD69.6090000@grosbein.net> <81785015-5083-451C-AC0B-4333CE766618@FreeBSD.org> <52CF82C0.9040708@delphij.net> Date: Mon, 13 Jan 2014 11:08:46 +0100 Message-ID: Subject: Re: NTP security hole CVE-2013-5211? From: Cristiano Deana To: Xin LI Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.17 Cc: freebsd-security@freebsd.org, Palle Girgensohn X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Jan 2014 10:08:49 -0000 On Fri, Jan 10, 2014 at 6:18 AM, Xin Li wrote: Hi, We will have an advisory next week. If a NTP server is properly > configured, it's likely that they are not affected > I had this problem in november, and ask to -current to integrate the new versione of ntpd in base (see my mail "[request] ntp upgrade" 11/27/13 http://lists.freebsd.org/pipermail/freebsd-current/2013-November/046822.html ). I tried several workaround with config and policy, and ended up you MUST have 4.2.7 to stop these kind of attacks. I think it's better to upgrade the version in base AND to write a security advisory. Thank you -- Cris, member of G.U.F.I Italian FreeBSD User Group http://www.gufi.org/