src/usr.sbin/timed/timedc/timedc.c MFC Requested for 4.10-R
I have requested that src/usr.sbin/timed/timedc/timedc.c, v 1.5 be MFC’ed to RELENG_4 and RELENG_4_10 so that it makes its way into the upcoming release. It has not been decided yet whether this will be merged into RELENG_4_10; however, it is very likely that it will.
Jacques pointed out that timedc dropped its privilege before calling makeargv. Given that it was a buffer overflow and some privileged resources are still accessible after the privilege drop, it poses a moderate security risk.
Not sure whether this issue will get a security advisory.
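
The class of fix discussed above, as an added example that is not the timedc source or the committed change: a bounded splitter that turns a command line into an argument vector and rejects lines with more words than the array can hold. It assumes makeargv splits the command line into such a vector; `split_args`, `count_args`, `MAX_ARGS` and the sample command lines are hypothetical names and constructed inputs, and the page does not show the actual overflow.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_ARGS 8  /* assumed capacity, including the NULL terminator */

/*
 * Split `line` in place into whitespace-separated words.
 * Stores at most cap-1 pointers in argv, then a NULL terminator.
 * Returns the word count, or -1 if the line has more words than
 * argv can hold, so the caller rejects it instead of overflowing.
 */
int split_args(char *line, char *argv[], size_t cap)
{
    size_t argc = 0;
    char *p = line;

    if (cap == 0)
        return -1;
    for (;;) {
        while (*p != '\0' && isspace((unsigned char)*p))
            p++;                       /* skip separators */
        if (*p == '\0')
            break;
        if (argc + 1 >= cap) {         /* keep one slot for NULL */
            argv[0] = NULL;
            return -1;
        }
        argv[argc++] = p;
        while (*p != '\0' && !isspace((unsigned char)*p))
            p++;                       /* walk to end of word */
        if (*p != '\0')
            *p++ = '\0';
    }
    argv[argc] = NULL;
    return (int)argc;
}

/* Helper for the demo: copy a constant line and count its words. */
int count_args(const char *s)
{
    char buf[256];
    char *argv[MAX_ARGS];
    size_t n = strlen(s);

    if (n >= sizeof(buf))
        return -1;                     /* line too long for the buffer */
    memcpy(buf, s, n + 1);
    return split_args(buf, argv, MAX_ARGS);
}

int main(void)
{
    printf("%d\n", count_args("clockdiff host1 host2")); /* constructed input */
    printf("%d\n", count_args("a b c d e f g h"));       /* too many words */
    return 0;
}
```

Performing the bounds check inside the parser matters here because, as noted above, dropping privilege before parsing does not release resources that were acquired while privileged.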