On Mon, Nov 2, 2020 at 12:10 PM Björn Persson <Bjorn(a)xn--rombobjrn-67a.se> wrote:
Miroslav Lichvar wrote:
> The main problem is that they don't fix all known security issues. In
> the CVE list I see about 10 issues that were not fixed at all or only
> partially, some exploitable in default configuration.
That sounds bad. Where is that list? In Red Hat Bugzilla I see only two.
> I'm not sure how many users of ntp are there. As a replacement, we
> could package ntpsec.
Judging only from their own website, it seems that switching to NTPsec
would be a great improvement.
I'll have to investigate whether I can migrate all my usecases to
Chrony.
Work migrated to Chrony a year or so ago. The only thing I use from
ntp is the "ntpdate" tool. Everything else is chrony now. :)
--
真実はいつも一つ!/ Always, there's only one truth!