NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.
ntp-4.2.8p15 was released on 23 June 2020. It addresses 1 medium-severity security issue in ntpd, and provides 13 non-security bugfixes over 4.2.8p13.
Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.
This is login manager that you can specify in the security setup section of
. It instructs TWiki to
cooperate with your web server (typically Apache) to require authentication
information (username & password) from users. It requires that you configure
your web server to demand authentication for scripts named "login" and anything
ending in "auth". The latter should be symlinks to existing scripts; e.g.,
viewauth -> view
editauth -> edit
, and so on.
See also TWikiUserAuthentication
Subclass of TWiki::LoginManager; see that class for documentation of the
methods of this class.
Construct the ApacheLogin
ObjectMethod forceAuthentication () -> boolean
method called when authentication is required - redirects to (...|view)auth
Triggered on auth fail
ObjectMethod loginUrl () -> $loginUrl
TODO: why is this not used internally? When is it called, and why
Content of a login link
this allows the login and logon cgi-scripts to use the same code.
all a logon does, is re-direct to viewauth, and apache then figures out
if it needs to challenge the user
returns the userLogin if stored in the apache CGI query (ie session)