Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 22 Dec 2014 13:52:38 -0500
From:      Chris Nehren <cnehren+freebsd-security@pobox.com>
To:        freebsd-security@freebsd.org
Subject:   Re: ntpd vulnerabilities
Message-ID:  <20141222185238.GA3308@behemoth.lan>
In-Reply-To: <201412221745.KAA28186@mail.lariat.net>
References:  <252350272.1812596.1419241828431.JavaMail.zimbra@cleverbridge.com> <B6AF154A-FE22-4357-9031-91D661FD7E57@localhost.lu> <F7FACD2F-3AFE-4717-B4B9-B54A6FC70458@localhost.lu> <201412221745.KAA28186@mail.lariat.net>

next in thread | previous in thread | raw e-mail | index | archive | help

--liOOAslEiF7prFVr
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Dec 22, 2014 at 10:39:54 -0700, Brett Glass wrote:
> I'd like to propose that FreeBSD move to OpenNTPD, which appears to=20
> have none of the
> fixed or unfixed (!) vulnerabilities that are present in ntpd.=20
> There's already a port.

Heartbleed, more than any other vulnerability in recent memory,
showed us users on the outside of the Project just how much
effort is involved in patching the base system (thank you, again,
DES, for being patient and explaining all the details!). Because
of this, I am reticent to support more software going into the
base system. It should be small enough to build itself and
bootstrap the ports tree, with very little else. The more things
are in base, the more things the developers need to worry about
patching across all the different supported versions of FreeBSD.
It's a lot faster to update a port to use a different version. If
you want fast security updates, use ports. Or hire developers to
patch software for you.

--=20
Chris Nehren

--liOOAslEiF7prFVr
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQJdBAABCABHBQJUmGhXQBSAAAAAABUAInBrYS1hZGRyZXNzQGdudXBnLm9yZ2Nu
ZWhyZW4rZnJlZWJzZC1zZWN1cml0eUBwb2JveC5jb20ACgkQEcD4YkAzS8/tKQ//
aRjd8hJfVyKbkRHPh2tpAT5d1YFQunoe6MhS/xi5IX83WdHXTDbxekFZ8stgi29W
JKeYtuwtHWJs4+83SC5rzdw4jRueyohFyioBrgT5LOAEk+4C1sKlC3MdZYDyZqpB
u7pQE19mzT7lfWDJikzYsprem2ggeE5cuuGvBvZDkzQXECEaG1NuIXkPxMR0wrmf
ilMqtvPtvKKTT90V2xs9pfKU4Sm/LDbXjWXW3fdS4HI3WBOtWBqsaJccJWZmU5qu
407YdhCoAdkzt8SNI+ZkXigW/ciBMVE4OZoB+esPm4WeyF6hXW91rl/zGLuYs8gm
rTQt6iu/t+hT3dBX37+EzwnVuodPD+8kaiifBRkHC/nFf7SPbwe9LAKCpAaXSqc7
LQfFbmuCFngOlJoDfTZHoZs8q9v1fII1cPI2KBVZJlaPLG1RAtmZU2InBTniJmJI
pSIFhnuR0CEfkDvo9SWEJg8feZTRnmY4f2S1zB3JJ+ao1OsF2MSkyWo864mGC+Pn
8pKuXCRCOfrNWNQeuqYYidEWJlj/lEXmR5DNUn1iwd3mYoswstkCQK11xmI7uj2U
XQQZ0d6f2/77kEtBph3KDsXD2oYfbkIauWoC5dUg3uMicu53Bg+vvs27MinH6iNL
DQYh1OhGGBd2w89KfKAkvIMUw0YZ5dchY9fztAHDPfU=
=Efq5
-----END PGP SIGNATURE-----

--liOOAslEiF7prFVr--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20141222185238.GA3308>