Magnus Danielson writes: > Hi, > > On 03/23/2017 05:12 PM, Martin Burnicki wrote: > > Magnus Danielson schrieb: > >> Hi Martin, > >> > >> On 03/23/2017 03:25 PM, Martin Burnicki wrote: > >>> Hi Magnus, > >>> > >>> Magnus Danielson wrote: > >>>> Hi, > >>>> > >>>> On 03/22/2017 02:27 PM, David Taylor wrote: > >>>>> NTP 4.2.8p10 released > >>>>> > >>>>> Windows binaries working on Windows-XP SP3 & later - download: > >>>>> http://www.satsignal.eu/ntp/x86/index.html > >>>>> > >>>>> Source: http://archive.ntp.org/ntp4/ntp-4.2/ntp-4.2.8p10.tar.gz > >>>>> > >>>> > >>>> Is bugs generated in distros? > >>>> Debian for instance. > >>> > >>> What do you mean? I don't understand your question. > >> > >> In particular for security updates it would be good to do coordinated > >> filing of a tracking bug for various Linux distributions, such that > >> they upgrade their packaging quickly. Exactly who does what may vary, > >> but with some form of orchestrated handling upgrading may become > >> quicker. > > > > The folks who are in the security group knew about the upcoming security > > release, but I agree an email should have been sent on the normal NTP > > announce mailing list as soon as the new version became available.. > > It took some time to find: > > https://packages.qa.debian.org/n/ntp.html > > 4.2.8p10 now in unstable. Hope it ripples out to the others soon. > > My point here is that we like to make sure the progress is there and > easy to evaluate when an update is possible.
For certainly more than 5 years' time we've been offering early security patch access to OS vendors and other folks who include or embed NTP in their products. We've put this offer in all of our CERT announcements, which go out at least a week before the public release of any security release. We've listed access to advance security patches at: http://nwtime.org/membership/benefits/ since the launch of the NTF website, and this access was also listed on a similar page for several years' time before that when I set up the NTP Forum at ISC. We're open to doing an even better job of telling folks about things like this. Recommendations welcome. -- Harlan Stenn <st...@ntp.org> http://networktimefoundation.org - be a member! _______________________________________________ questions mailing list questions@lists.ntp.org http://lists.ntp.org/listinfo/questions
