Friday, February 14, 2014

Security Update: ntp and curl

There are two security updates that are released today: curl and ntp. Both are applied to all supported Slackware releases, back to Slackware 13.0.

As of ntp update, admins must take care of the new configuration changes that added "disable monitor" parameter to mitigate the vulnerabilities even when the restriction is removed (by default, Slackware already added noquery that disabled the attack, thus safe from this attack). Support for IPv6 has been added as well.