git.ipfire.org Git - thirdparty/ntp.git/commitdiff
NEWS updates
author Harlan Stenn <stenn@ntp.org>
Sun, 13 Nov 2016 02:43:02 +0000 (02:43 +0000)
committer Harlan Stenn <stenn@ntp.org>
Sun, 13 Nov 2016 02:43:02 +0000 (02:43 +0000)
bk: 5827d3364Ps_t5ZNsa41bqnsWc110w

NEWS

diff --git a/NEWS b/NEWS
index 498018d6dab41c2e6876fcd30f1605f6517f743c..555098e1a49c0ad877965a571cd677fff01facbd 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -42,6 +42,23 @@ X  Mitigation:
            (without -g) if it stops running. 
 X  Credit: This weakness was discovered by Miroslav Lichvar of Red Hat.
 
+* Broadcast Mode Replay Prevention DoS
+   Date Resolved: xx October 2016; Dev (4.3.94) XX October 2016
+X  References: Sec 3114 / CVE-2016-XXXX / VU#XXXXX
+X  Affects: ntp-4.2.8p7, and ntp-4.3.92.
+X  CVSS2: HIGH 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
+X  CVSS3: HIGH 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
+X  Summary: 
+X  Mitigation:
+        Implement BCP-38.
+        Upgrade to 4.2.8p8, or later, from the NTP Project Download Page
+           or the NTP Public Services Project Download Page
+        If you cannot upgrade from 4.2.8p7, the only other alternatives
+           are to patch your code or filter CRYPTO_NAK packets.
+        Properly monitor your ntpd instances, and auto-restart ntpd
+           (without -g) if it stops running. 
+X  Credit: This weakness was discovered by Miroslav Lichvar of Red Hat.
+
 * Broadcast Mode Poll Interval Enforcement DoS
    Date Resolved: xx October 2016; Dev (4.3.94) XX October 2016
 X  References: Sec 3113 / CVE-2016-XXXX / VU#XXXXX
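Review bot: The new "Broadcast Mode Replay Prevention DoS" entry has an empty "Summary:" field, so a reader gets a HIGH 7.8/7.5 rating with no description of the weakness or of which configurations are exposed. The Mitigation block also looks carried over from another entry: it advises upgrading to 4.2.8p8 and filtering CRYPTO_NAK packets, while the entry itself gives a resolution date of October 2016 with Dev 4.3.94 and says nothing connecting CRYPTO_NAK to broadcast replay prevention. The closing "(without -g) if it stops running." and Credit lines are identical to the tail of the preceding entry, so the credit should be confirmed for Sec 3114 specifically. Before release, fill in the Summary, replace the "xx October", "CVE-2016-XXXX" and "VU#XXXXX" placeholders, make the upgrade target match the fixed release, and drop the trailing whitespace after "Summary:" and "stops running.".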