diff options
author | Brandon Black <freedom@reardencode.com> | 2018-11-28 02:15:25 -0800 |
---|---|---|
committer | Jörg Thalheim <Mic92@users.noreply.github.com> | 2018-11-28 10:15:25 +0000 |
commit | dacbd5a61a9f4ec778dad67bc9538095599f589d (patch) | |
tree | e365a4a36829d5043b8771acb614ccf24d8795ab /nixos/doc | |
parent | d209180c78903dd563a317a0fd34076f66c5e159 (diff) |
nixos/ntp: use upstream default restrictions to avoid DDoS (#50762)
Fixes #50732
Diffstat (limited to 'nixos/doc')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-1903.xml | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/nixos/doc/manual/release-notes/rl-1903.xml b/nixos/doc/manual/release-notes/rl-1903.xml index 49f475913d8a3..cedd5fc21c6dd 100644 --- a/nixos/doc/manual/release-notes/rl-1903.xml +++ b/nixos/doc/manual/release-notes/rl-1903.xml @@ -113,6 +113,16 @@ </listitem> <listitem> <para> + The <literal>ntp</literal> module now has sane default restrictions. + If you're relying on the previous defaults, which permitted all queries + and commands from all firewall-permitted sources, you can set + <varname>services.ntp.restrictDefault</varname> and + <varname>services.ntp.restrictSource</varname> to + <literal>[]</literal>. + </para> + </listitem> + <listitem> + <para> Package <varname>rabbitmq_server</varname> is renamed to <varname>rabbitmq-server</varname>. </para> |