Redwood City, CA - 2009/05/18 - The NTP Public Services Project (http://support.ntp.org/) is pleased to announce that NTP 4.2.4p7, a Point Release of the NTP Reference Implementation from the NTP Project, is now available at http://www.ntp.org/downloads.html and http://support.ntp.org/download.
Security Updates: * [Sec 1144] limited (two byte) buffer overflow in ntpq. CVE-2009-0159 Credit for finding this vulnerability goes to Geoff Keating of Apple. http://bugs.ntp.org/1144 * [Sec 1149] use SO_EXCLUSIVEADDRUSE on Windows Credit for finding this issue goes to Dave Hart. http://bugs.ntp.org/1149 * [Sec 1151] Remote exploit if autokey is enabled. CVE-2009-1252 http://bugs.ntp.org/1151 Other Changes: * Fix many compiler warnings * Many fixes and improvements for Windows * Adds support for AIX 6.1 * Resolves some issues under MacOS X and Solaris * Improved logging The file-size of this Point Release is 3382146 bytes. An MD5 sum of this release is available at http://www.ntp.org/downloads.html and http://support.ntp.org/download. Please report any bugs, issues, or desired enhancements at http://bugs.ntp.org/. The NTP (Network Time Protocol) Public Services Project, which is hosted by Internet Systems Consortium, Inc. (http://www.isc.org/), provides support and additional development resources for the Reference Implementation of NTP produced by the NTP Project (http://www.ntp.org/). _______________________________________________ questions mailing list [email protected] https://lists.ntp.org/mailman/listinfo/questions
