Update NEWS file

author Harlan Stenn <stenn@ntp.org>

Thu, 21 Feb 2019 01:13:36 +0000 (17:13 -0800)

committer Harlan Stenn <stenn@ntp.org>

Thu, 21 Feb 2019 01:13:36 +0000 (17:13 -0800)
author Harlan Stenn <stenn@ntp.org>
Thu, 21 Feb 2019 01:13:36 +0000 (17:13 -0800)
committer Harlan Stenn <stenn@ntp.org>
Thu, 21 Feb 2019 01:13:36 +0000 (17:13 -0800)
diff --git a/NEWS b/NEWS

index 069b4490d6eeb8109f37acf97f3bba768847f488..5cae9372a2988f708787d5ddbea735ccee8f6fca 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -10,6 +10,9 @@ explicitly trusted source to send a crafted malicious mode 6 (ntpq)
  packet that can trigger a NULL pointer dereference, crashing ntpd.
  It also provides 17 other bugfixes and 1 other improvement:
  
+* [Sec 3565] Crafted null dereference attack in authenticated
+            mode 6 packet <perlinger@ntp.org>
+  - reported by Magnus Stubman
  * [Bug 3560] Fix build when HAVE_DROPROOT is not defined <perlinger@ntp.org>
    - applied patch by Ian Lepore
  * [Bug 3558] Crash and integer size bug <perlinger@ntp.org>
author	Harlan Stenn <stenn@ntp.org>
	Thu, 21 Feb 2019 01:13:36 +0000 (17:13 -0800)
committer	Harlan Stenn <stenn@ntp.org>
	Thu, 21 Feb 2019 01:13:36 +0000 (17:13 -0800)