[MacPorts] #44874: NTP needs to be upgraded urgently

MacPorts noreply at macports.org
Thu Sep 4 06:22:14 PDT 2014


#44874: NTP needs to be upgraded urgently
---------------------+----------------------
  Reporter:  dave@…  |      Owner:  dluke@…
      Type:  update  |     Status:  reopened
  Priority:  High    |  Milestone:
 Component:  ports   |    Version:  2.3.1
Resolution:          |   Keywords:
      Port:  ntp     |
---------------------+----------------------
Changes (by dluke@…):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 Macports policy is to ship the latest stable upstream version. The conf
 file we have always shipped with ntp includes settings to prevent ntp from
 being used as a DDoS amplifier (you will note that the specific command in
 the CVE linked to is blocked from anything other than localhost) see also
 http://openntpproject.org.

 Do you have evidence of a new attack or that the conf we ship isn't
 effective?

 If not, I'm going to revert cal's changes in r125063

-- 
Ticket URL: <https://trac.macports.org/ticket/44874#comment:5>
MacPorts <http://www.macports.org/>
Ports system for OS X


More information about the macports-tickets mailing list