From owner-freebsd-security@FreeBSD.ORG Fri Nov 1 16:08:07 2013 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 3A5307B9 for ; Fri, 1 Nov 2013 16:08:07 +0000 (UTC) (envelope-from kpielorz_lst@tdx.co.uk) Received: from mail.tdx.com (mail.tdx.com [62.13.128.18]) by mx1.freebsd.org (Postfix) with ESMTP id 0402C26C0 for ; Fri, 1 Nov 2013 16:08:06 +0000 (UTC) Received: from Mail-PC.tdx.co.uk (storm.tdx.co.uk [62.13.130.251]) (authenticated bits=0) by mail.tdx.com (8.14.3/8.14.3/) with ESMTP id rA1G5pkM003304 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 1 Nov 2013 16:05:52 GMT Date: Fri, 01 Nov 2013 16:05:51 +0000 From: Karl Pielorz To: freebsd-security@freebsd.org Subject: ntpd 4.2.4p8 - up to date? Message-ID: <7403C046ABF387E5061BC441@Mail-PC.tdx.co.uk> X-Mailer: Mulberry/4.0.8 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Nov 2013 16:08:07 -0000 Hi, A friend who uses linux a lot happened to notice on a FreeBSD box I installed the other day and updated to 9.2-R that it's using ntpd 4.2.4p8. They reckon that's had a lot of issues (e.g. CVE reports) against it - and it should be newer. I'm sure the one it has been 'updated' with is secure - and just reports that version, but if someone can confirm that'd be great, Thanks, -Karl