Concerning the ntp-4.2.8p8 security fixes
Gary E. Miller
gem at rellim.com
Fri Jun 3 17:21:28 UTC 2016
Yo Eric!
On Fri, 3 Jun 2016 11:15:13 -0400
"Eric S. Raymond" <esr at thyrsus.com> wrote:
> Yeouch! I think your caution is well-founded. I also think it would
> do NTPsec no harm to be *seen* to be more cautious and
> security-sensitive than NTP.org, even if this weren't a real ops
> issue.
+1. If the bug warranted an advisory it warrants a release.
> It's Mark's call, but my advice to him is to tag a release and make
> a minor public fuss about NTP.org's and Red Hat's dismissiveness.
Yup, work the PR angle: "We take fewer risks".
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ntpsec.org/pipermail/devel/attachments/20160603/300eeff5/attachment.bin>
More information about the devel
mailing list