devel@ntpsec.org said:
> Why wouldn't we require a certain openssl version as there are a number of
> security vulnerabilities in (older) openssl?
Do you have a pointer to a list of the insecure versions with a summary of
the bug so we can see if we use that feature?
--
These are my opinions.
Hello,
I noticed the commit at
https://gitlab.com/NTPsec/ntpsec/commit/6d17955b03ca65d67f2cc2ceba01bd60e07d5fd4
and have a question regarding this:
Why wouldn't we require a certain openssl version as there are a number
of security vulnerabilities in (older) openssl?
Kind regards,
Udo
___
On 08-03-18 01:52, Richard Laager wrote:
>> What about the spec file?
>
> There are a couple of different issues here:
>
> 1) You want to use /etc/sysconfig/ntpd.
Not in this one. (see attachment)
This was fixed after the systemd tip you gave me.
> 2) Should the packaging on any particular dist
On 03/07/2018 06:40 AM, Udo van den Heuvel wrote:
> So the ntpd.service change is not needed.
To be absolutely clear, drop-in files in /etc are for the administrator.
If using /etc/sysconfig/ntpd is desirable in the packaging for a
particular distro, the ntpd.service in /lib should be updated dire
CVE-2018-7182 only.
On Tue, Mar 6, 2018 at 3:10 PM, Richard Laager via devel
wrote:
> I tried this to security-discuss, but I'm not sure if it went through:
>
> The Debian security team has asked me which of the February 2018
> ntp-4.2.8p11 vulnerabilities apply to NTPsec:
>
> http://support.ntp.
On 07-03-18 06:18, Richard Laager wrote:
> I gave this concept a try. We were missing the [Service] section header.
> Use this instead:
>
> [Service]
> ExecStart=
> EnvironmentFile=-/etc/sysconfig/ntpd
> ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS
Thanks, that made things work!
So the ntpd.serv
