Date: Thu, 04 Sep 2014 04:26:17 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 193303] New: NTP needs to be updated as a matter of urgency Message-ID: <bug-193303-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=193303 Bug ID: 193303 Summary: NTP needs to be updated as a matter of urgency Product: Ports Tree Version: Latest Hardware: Any OS: Any Status: Needs Triage Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: dave@horsfall.org As I type this, my NTPD server is under a DoS attack from a botnet, using a vulnerability known since late 2013. The ports tree urgently needs to be upgraded to NTP 4.2.7.p26; it currently has 4.2.6p2, which is vulnerable. I have since firewalled inbound ntp/udp, as I am not peering. More information at http://support.ntp.org/bin/view/Main/SecurityNotice#DRDoS_Amplification_Attack_using Please address. Thanks. -- Dave -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-193303-13>