On 13 Dec 2016, at 03:18, Michelle Sullivan <miche...@sorbs.net> wrote:
> 
> Dimitry Andric wrote:
>> On 08 Dec 2016, at 06:08, Michelle Sullivan <miche...@sorbs.net> wrote:
>>> Are we going to get a patch for CVE-2016-7434 on FreeBSD 9.3?
>> On Nov 22, in r309009, Xin Li merged ntp 4.2.8p9, which fixes this
>> issue, to stable/9:
>> 
>> https://svnweb.freebsd.org/changeset/base/309009
>> 
>> Unfortunately the commit message did not mention the CVE identifier.  I
>> can't find any corresponding security advisory either.
...
> No updates needed to update system to 9.3-RELEASE-p52.
> No updates are available to install.
> Run '/usr/sbin/freebsd-update fetch' first.
> [root@gauntlet /]# ntpd --version
> ntpd 4.2.8p8-a (1)
> 
> So no then...
> 
> 9.3 is still so-say supported so I'm not talking about -STABLE.

Well, as I mentioned, there was no Security Advisory (which is a little
strange), so I didn't expect there to be any binary updates.  As far as
I know, binary updates are only built for Security Advisories and Errata
Notices.

-Dimitry

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

Reply via email to