DLA 2201-1: ntp security update

Debian 9913 Published by

A ntp security update has been released for Debian GNU/Linux 8 LTS to address a Denial of Service (DoS) vulnerability.



DLA 2201-1: ntp security update



Package : ntp
Version : 1:4.2.6.p5+dfsg-7+deb8u3
CVE ID : CVE-2020-11868

A Denial of Service (DoS) vulnerability was discovered in the network
time protocol server/client, ntp.

ntp allowed an "off-path" attacker to block unauthenticated
synchronisation via a server mode packet with a spoofed source IP
address because transmissions were rescheduled even if a packet
lacked a valid "origin timestamp"

For Debian 8 "Jessie", this issue has been fixed in ntp version
1:4.2.6.p5+dfsg-7+deb8u3.

We recommend that you upgrade your ntp packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at:   https://wiki.debian.org/LTS

Mozilla-Firefox (SSA:2020-126-01)

RHSA-2020:2014-01: Important: sqlite security update

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...