Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 19 Apr 2001 19:58:13 -0400
From:      Chris Faulhaber <jedgar@fxp.org>
To:        "Philip J. Koenig" <pjklist@ekahuna.com>
Cc:        FreeBSD Security List <security@freebsd.org>
Subject:   Re: ntpd version not updated?
Message-ID:  <20010419195813.A79537@peitho.fxp.org>
In-Reply-To: <3ADF1308.3067.BD4A84@localhost>; from pjklist@ekahuna.com on Thu, Apr 19, 2001 at 04:32:08PM -0700
References:  <3ADF1308.3067.BD4A84@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help 

--jRHKVT23PllUwdXP
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Apr 19, 2001 at 04:32:08PM -0700, Philip J. Koenig wrote:
> Re: the recent security advisory on ntpd.  It says in part that versions =
of ntpd=20
> prior to "ntp-4.0.99k_2" are vulnerable, and that 4.2 STABLE as of 4/6 wa=
s=20
> corrected.
>=20
> I just CVSup'd 4.2-STABLE (RELENG_4) as of 4/15, did make world etc., and=
=20
> based on the "version" command in ntpq and ntpdc, and the syslog message,=
=20
> I'm still running version 4.0.99b.  Here's the syslog message:
>=20
> Apr 19 16:14:56 server ntpd[168]: ntpd 4.0.99b Sun Apr 15 09:10:45 PDT 20=
01 (1)
>=20
>=20
> Is there something I'm missing here?
>=20

If you are using ntpd in the base system and you updated your system
after 4/6, you are not vulnerable.

If you are using ntpd from the ports system, ensure that it's
version is ntp-4.0.99k_2 or greater.  The following command should
display the version of the port you have installed:
# pkg_version | grep ntp

--=20
Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org
--------------------------------------------------------
FreeBSD: The Power To Serve   -   http://www.FreeBSD.org

--jRHKVT23PllUwdXP
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: FreeBSD: The Power To Serve

iEYEARECAAYFAjrfe5UACgkQObaG4P6BelBXSACgg8eloV2CP4BQaHgP08W5tFnO
XIAAn1goz/Uy7RaUGHHwEQ/RXFh0C7d5
=qQXw
-----END PGP SIGNATURE-----

--jRHKVT23PllUwdXP--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010419195813.A79537>