Reporting Vulnerabilities
Please refrain from discussing potential security issues in any mailing lists or public forums. Instead, work with the Security Officer Team to determine the impact and resolution of the vulnerability.
Code: If you find a security vulnerability in any of NTF's Project codebases, please report it by PGP-encrypted email to that project's security address.
Pool: Issues for "pool.ntp.org" and its subdomains should be reported to the NTP Pool Project.
Other: Non-code vulnerabilities (such as a website issue) should be reported to webmaster.