[svlug] Serious NTP security holes

Rick Moen rick at svlug.org
Tue Dec 23 02:34:44 PST 2014


Correcting a typo that garbled a point I was trying to make in passing:

> I most certainly did not advise people offering NTP service ot proper
                                                              ^^^^^^^^^
> networks to ignore the bug and its code fixes.  Rather the contrary.

Should be 'to public'.

While I'm here, I'll mention that this is yet another 'new' kernel bug that
is completely harmless if you have applied grsecurity.net's PaX patchset,
because it implements the UDEREF technique to ensure sane kernel behaviour
in that and a number of other ways despite both new and unsuspected kernel
bugs.  Details here:  https://grsecurity.net/~spender/uderef.txt

Grsecurity / PaX is _still_ worth looking into, for those of us who take
security seriously.


