On 13 Dec 2016, at 03:18, Michelle Sullivan <miche...@sorbs.net> wrote: > > Dimitry Andric wrote: >> On 08 Dec 2016, at 06:08, Michelle Sullivan <miche...@sorbs.net> wrote: >>> Are we going to get a patch for CVE-2016-7434 on FreeBSD 9.3? >> On Nov 22, in r309009, Xin Li merged ntp 4.2.8p9, which fixes this >> issue, to stable/9: >> >> https://svnweb.freebsd.org/changeset/base/309009 >> >> Unfortunately the commit message did not mention the CVE identifier. I >> can't find any corresponding security advisory either. ... > No updates needed to update system to 9.3-RELEASE-p52. > No updates are available to install. > Run '/usr/sbin/freebsd-update fetch' first. > [root@gauntlet /]# ntpd --version > ntpd 4.2.8p8-a (1) > > So no then... > > 9.3 is still so-say supported so I'm not talking about -STABLE.
Well, as I mentioned, there was no Security Advisory (which is a little strange), so I didn't expect there to be any binary updates. As far as I know, binary updates are only built for Security Advisories and Errata Notices. -Dimitry
signature.asc
Description: Message signed with OpenPGP using GPGMail
