Project

General

Profile

Bug #9388

Updated by Jim Pingle over 5 years ago

Ran pkg audit new install of 2.4.4-p2: 

 <pre> 
 

  pkg audit -F 
 Fetching vuln.xml.bz2: 100%    777 KiB 795.3kB/s      00:01     
 ntp-4.2.8p12 is vulnerable: 
 ntp -- Crafted null dereference attack from a trusted source with an authenticated mode 6 packet 
 CVE: CVE-2019-8936 
 WWW: https://vuxml.FreeBSD.org/freebsd/c2576e14-36e2-11e9-9eda-206a8a720317.html 
 </pre> 

Back