Concerning the ntp-4.2.8p8 security fixes

Gary E. Miller gem at
Fri Jun 3 17:21:28 UTC 2016

Yo Eric!

On Fri, 3 Jun 2016 11:15:13 -0400
"Eric S. Raymond" <esr at> wrote:

> Yeouch! I think your caution is well-founded.  I also think it would
> do NTPsec no harm to be *seen* to be more cautious and
> security-sensitive than, even if this weren't a real ops
> issue.

+1.  If the bug warranted an advisory it warrants a release.
> It's Mark's call, but my advice to him is to tag a release and make
> a minor public fuss about's and Red Hat's dismissiveness.

Yup, work the PR angle: "We take fewer risks".

Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at  Tel:+1 541 382 8588
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the devel mailing list