Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 19 Apr 2001 17:08:50 -0700
From:      Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
To:        Chris Faulhaber <jedgar@fxp.org>
Cc:        "Philip J. Koenig" <pjklist@ekahuna.com>, FreeBSD Security List <security@FreeBSD.ORG>
Subject:   Re: ntpd version not updated? 
Message-ID:  <200104200008.f3K08sA07253@cwsys.cwsent.com>
In-Reply-To: Your message of "Thu, 19 Apr 2001 19:58:13 EDT." <20010419195813.A79537@peitho.fxp.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
In message <20010419195813.A79537@peitho.fxp.org>, Chris Faulhaber 
writes:
> 
> --jRHKVT23PllUwdXP
> Content-Type: text/plain; charset=us-ascii
> Content-Disposition: inline
> Content-Transfer-Encoding: quoted-printable
> 
> On Thu, Apr 19, 2001 at 04:32:08PM -0700, Philip J. Koenig wrote:
> > Re: the recent security advisory on ntpd.  It says in part that versions =
> of ntpd=20
> > prior to "ntp-4.0.99k_2" are vulnerable, and that 4.2 STABLE as of 4/6 wa=
> s=20
> > corrected.
> >=20
> > I just CVSup'd 4.2-STABLE (RELENG_4) as of 4/15, did make world etc., and=
> =20
> > based on the "version" command in ntpq and ntpdc, and the syslog message,=
> =20
> > I'm still running version 4.0.99b.  Here's the syslog message:
> >=20
> > Apr 19 16:14:56 server ntpd[168]: ntpd 4.0.99b Sun Apr 15 09:10:45 PDT 20=
> 01 (1)
> >=20
> >=20
> > Is there something I'm missing here?
> >=20
> 
> If you are using ntpd in the base system and you updated your system
> after 4/6, you are not vulnerable.
> 
> If you are using ntpd from the ports system, ensure that it's
> version is ntp-4.0.99k_2 or greater.  The following command should
> display the version of the port you have installed:
> # pkg_version | grep ntp

ntp-4.0.99k23 is the most recent version of ntp.  It includes the fix 
for the recently discovered exploit.


-- 
Regards,                         Phone:  (250)387-8437
Cy Schubert                        Fax:  (250)387-5766
Team Leader, Sun/Alpha Team   Internet:  Cy.Schubert@osg.gov.bc.ca
Open Systems Group, ITSD, ISTA
Province of BC            




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200104200008.f3K08sA07253>