On Fri, Mar 09, 2018 at 03:25:02PM -0500, Eric S. Raymond via devel wrote: > Eric S. Raymond via devel <devel at ntpsec.org>: > > The CVEs we dodged aught to be listed in NEWS. For bragging purposes. > > I have just done this. Have we committed the fix for the CVE that we didn't dodge? Thanks, -Matt