On Wed, Nov 27, 2013 at 3:29 PM, Cristiano Deana
> is it possible to include in base system of the upcoming 10.0 the new
> version of ntp (4.2.7 instead of 4.2.4)?
> There is a bug in older versions (< 4.2.7) who allows attacker use an ntp
> server to DDoS. This has been corrected in new version:
> This attack seems to be increasing in the last few weeks.
> net/ntp-devel is Ok.
> Thank you, sorry for my basic english.
ntp 4.2.4p8 isn't vulnerable.
The reflection attack is the first in the list, 4.2.4p7 and below are affected.
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"