NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.

ntp-4.2.8p15 was released on 23 June 2020. It addresses 1 medium-severity security issue in ntpd, and provides 13 non-security bugfixes over 4.2.8p13.

Please see the NTP Security Notice for vulnerability and mitigation details.

---

Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.

DakarContrib

Dakar compatibility module for use with plugins that need some of the infrastructure that has been established since TWiki-4.0 (Dakar). Most notably, this is the security sandbox that eliminates the most common attack vectors to TWiki seen in the past.

Detailed Documentation

Allocate a sandbox object

  my $sandbox;

  unless (defined &TWiki::Sandbox::new) {
    eval "use TWiki::Contrib::DakarContrib;";
    $sandbox = new TWiki::Sandbox();
  } else {
    $sandbox = $TWiki::sharedSandbox;
  }

Call an external process

  my ($result, $errorCode) = $sandbox->sysCommand($cmdTemplate>, %params);

Normalize a filename

  $fileName = TWiki::Sandbox::normalizeFilename($fileName);

Settings

• One line description:
  • Set SHORTDESCRIPTION = Dakar compatibility module for Plugins that need some of the TWiki-4.0 infrastructure on Cairo codebase
• Name of the perl package
  • Set STUB = TWiki::Contrib::DakarContrib

Installation Instructions

• Download the ZIP file
• Unzip it in your twiki installation directory. Content:

  File:	Description:
  data/TWiki/DakarContrib.txt	contrib topic
  lib/TWiki/Contrib/DakarContrib.pm	perl module

Contrib Info

-- TWiki:Main/MichaelDaum - 26 Jan 2006