On Wed, Apr 04, 2001 at 11:14:31PM -0500, Bud Rogers wrote:
> On Wednesday 04 April 2001 22:24, Noah L. Meyerhans wrote:
> > It would appear that every supported Debian version is currently
> > vulnerable... Note that I've not tested this myself, but our version of
> > ntp is definitely supposed to be vulnerable.
>
> And unfortunately, 4.0.99k seems to be the latest version available unless
> you go to CVS.
Yes. The fix has been made in the FreeBSD CVS repository. I'm going to
see about integrating it with our sources now. If I get a safe copy
built I'll make a signed .deb available. I'm not a member of the
official Debian security team, though, so you shouldn't necessarily
trust me...
noah
--
_______________________________________________________
| Web: http://web.morgul.net/~frodo/
| PGP Public Key: http://web.morgul.net/~frodo/mail.html
PGP signature
