On Fri, Jan 10, 2014 at 6:18 AM, Xin Li <[email protected]> wrote: Hi, We will have an advisory next week. If a NTP server is properly > configured, it's likely that they are not affected > I had this problem in november, and ask to -current to integrate the new versione of ntpd in base (see my mail "[request] ntp upgrade" 11/27/13 http://lists.freebsd.org/pipermail/freebsd-current/2013-November/046822.html ). I tried several workaround with config and policy, and ended up you MUST have 4.2.7 to stop these kind of attacks. I think it's better to upgrade the version in base AND to write a security advisory. Thank you -- Cris, member of G.U.F.I Italian FreeBSD User Group http://www.gufi.org/ _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"