[MacPorts] #44874: NTP needs to be upgraded urgently
#44874: NTP needs to be upgraded urgently
-------------------------------+--------------------------------
 Reporter:  dave@…             |      Owner:  macports-tickets@…
     Type:  update             |     Status:  new
 Priority:  High               |  Milestone:
Component:  ports              |    Version:  2.3.1
 Keywords:  ntp vulnerability  |       Port:  sysutils/ntp
-------------------------------+--------------------------------
 As I type this, my NTPD server is under a DoS attack from a botnet, using a vulnerability known since late 2013.

 The ports tree urgently needs to be upgraded to NTP 4.2.7.p26; it currently has 4.2.6, which is vulnerable.

 I have since firewalled inbound ntp/udp, as I am not peering.

 More information at http://support.ntp.org/bin/view/Main/SecurityNotice#DRDoS_Amplification_Atta...

 Please address. Thanks.

 -- Dave

--
Ticket URL: <https://trac.macports.org/ticket/44874>
MacPorts <http://www.macports.org/>
Ports system for OS X

#44874: NTP needs to be upgraded urgently
---------------------+--------------------------------
  Reporter:  dave@…  |      Owner:  macports-tickets@…
      Type:  update  |     Status:  new
  Priority:  High    |  Milestone:
 Component:  ports   |    Version:  2.3.1
Resolution:          |   Keywords:
      Port:  ntp     |
---------------------+--------------------------------
Changes (by cal@…):

 * cc: dave@… (removed)
 * keywords:  ntp vulnerability =>
 * port:  sysutils/ntp => ntp

Comment:

 You don't need to Cc yourself, if you're the reporter. Instead, you should Cc the maintainer when filing bugs against ports (`port info --maintainer ntp`).

 Good thing upstream didn't bother to release a new stable version that has the problem fixed</irony> :/

 Working on this.

--
Ticket URL: <https://trac.macports.org/ticket/44874#comment:2>

#44874: NTP needs to be upgraded urgently
---------------------+---------------------
  Reporter:  dave@…  |      Owner:  dluke@…
      Type:  update  |     Status:  new
  Priority:  High    |  Milestone:
 Component:  ports   |    Version:  2.3.1
Resolution:          |   Keywords:
      Port:  ntp     |
---------------------+---------------------
Changes (by cal@…):

 * cc: cal@… (added)
 * owner:  macports-tickets@… => dluke@…

--
Ticket URL: <https://trac.macports.org/ticket/44874#comment:3>

#44874: NTP needs to be upgraded urgently
---------------------+---------------------
  Reporter:  dave@…  |      Owner:  dluke@…
      Type:  update  |     Status:  closed
  Priority:  High    |  Milestone:
 Component:  ports   |    Version:  2.3.1
Resolution:  fixed   |   Keywords:
      Port:  ntp     |
---------------------+---------------------
Changes (by cal@…):

 * status:  new => closed
 * resolution:   => fixed

Comment:

 Updated to latest dev release in r125063.

 Maintainer: If you want to solve this in a different way, please attach a patch.

--
Ticket URL: <https://trac.macports.org/ticket/44874#comment:4>

#44874: NTP needs to be upgraded urgently
---------------------+----------------------
  Reporter:  dave@…  |      Owner:  dluke@…
      Type:  update  |     Status:  reopened
  Priority:  High    |  Milestone:
 Component:  ports   |    Version:  2.3.1
Resolution:          |   Keywords:
      Port:  ntp     |
---------------------+----------------------
Changes (by dluke@…):

 * status:  closed => reopened
 * resolution:  fixed =>

Comment:

 MacPorts policy is to ship the latest stable upstream version.

 The conf file we have always shipped with ntp includes settings to prevent ntp from being used as a DDoS amplifier (you will note that the specific command in the CVE linked to is blocked from anything other than localhost); see also http://openntpproject.org.

 Do you have evidence of a new attack or that the conf we ship isn't effective? If not, I'm going to revert cal's changes in r125063.

--
Ticket URL: <https://trac.macports.org/ticket/44874#comment:5>
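
Added example (not part of the ticket thread, and not MacPorts' or ntp.org's code): a small Python audit of an ntp.conf for the kind of setting comment:5 refers to. It assumes the mitigation in question is the standard `restrict default ... noquery` line, with `disable monitor` as the alternative; the function name and the sample configs are constructed here, since the port's shipped file is not shown on this page.

```python
# Constructed sample configs; the port's shipped ntp.conf is not shown on the page.
HARDENED = """\
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 ::1
"""
OPEN = """\
# restrict default noquery   (commented out, so not in effect)
restrict default nomodify notrap
"""
MONITOR_OFF = "disable monitor\nserver 0.pool.ntp.org\n"


def audit_ntp_conf(text):
    """Return (exposed, findings) for the text of one ntp.conf.

    exposed is True when remote clients can still send ntpq/ntpdc queries
    and the monitoring facility has not been switched off.
    """
    defaults, monitor_off, findings = [], False, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        tok = raw.split("#", 1)[0].split()   # drop comments, then tokenize
        if not tok:
            continue
        if tok[0] == "disable" and "monitor" in tok[1:]:
            monitor_off = True
        elif tok[0] == "restrict":
            args = [a for a in tok[1:] if a not in ("-4", "-6")]
            if args and args[0] == "default":
                defaults.append((lineno, set(args[1:])))
    if not defaults:
        findings.append("no 'restrict default' line: remote clients are unrestricted")
    for lineno, flags in defaults:
        # noquery refuses ntpq/ntpdc queries; ignore refuses every packet
        if not flags & {"noquery", "ignore"}:
            findings.append(f"line {lineno}: 'restrict default' lacks noquery")
    return bool(findings) and not monitor_off, findings


if __name__ == "__main__":
    for name, conf in (("hardened", HARDENED), ("open", OPEN), ("monitor off", MONITOR_OFF)):
        print(name, audit_ntp_conf(conf))
```

A `restrict 127.0.0.1` line without `noquery` is what keeps local `ntpq`/`ntpdc` working while the default entry refuses remote queries.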

#44874: NTP needs to be upgraded urgently
----------------------+---------------------
  Reporter:  dave@…   |      Owner:  dluke@…
      Type:  update   |     Status:  closed
  Priority:  High     |  Milestone:
 Component:  ports    |    Version:  2.3.1
Resolution:  invalid  |   Keywords:
      Port:  ntp      |
----------------------+---------------------
Changes (by dluke@…):

 * status:  reopened => closed
 * resolution:   => invalid

Comment:

 r125070 reverted r125063 and r125062

 Please reopen this if there's actual evidence of an issue - if so, it needs to be reported upstream as it means the current security advice from ntp.org is invalid and needs to be updated.

--
Ticket URL: <https://trac.macports.org/ticket/44874#comment:6>