-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : ntp Version : 1:4.2.6.p5+dfsg-7+deb8u3 CVE ID : CVE-2020-11868
A Denial of Service (DoS) vulnerability was discovered in the network time protocol server/client, ntp. ntp allowed an "off-path" attacker to block unauthenticated synchronisation via a server mode packet with a spoofed source IP address because transmissions were rescheduled even if a packet lacked a valid "origin timestamp" For Debian 8 "Jessie", this issue has been fixed in ntp version 1:4.2.6.p5+dfsg-7+deb8u3. We recommend that you upgrade your ntp packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS Regards, - -- ,''`. : :' : Chris Lamb `. `'` [email protected] / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl6xOCQACgkQHpU+J9Qx HlgoMg//T0rObYWMHmatqA1LYkJJdr8t/Kiv87RGujfzkL2Se/WLNqU/dE3qmWng NgOMoffQhyuf7UPcOGHHYfvl17H73zrzmqe+2tCLnmKlVAF+F7JylmTisPxZzMQe zrmDqMsFNVxKFK+OPWXuVTb/tprq0G/3hN0nbJvflSPGrUgZedkW5QmLzIV/VjTr J/z3wUz7j7z0GYR067u4crjcAIuSmeQwkYLlrGfpfIcm3M/iAA9OnwVHgMhPbdSU CTIg4NDjR02E1JP1gxGQABkvJe4H5+FHzvvg26UicxCIkMPmCTGgbE22K9d3/dc2 qfPznTZ6i6TRi63SstgSUK8rV900Jo/kwhI7gqFpaVRGlK5cCxxhwG8SfgZzLhTi jEEvzfeScIcpt4GapiaFiZrl8C0gipqWCWAjd24xMFzWsIggkHtxhFAagBfdKcQl kNn8ApMKEOlNkPcKTqelZ5d4bJ4T860CEXpVz+DxPORsSilFqcOjiQoejrfwxsRL JWzUjn6iMtjUim5oThII2M2LqTN79ARIFXX7o/PRHakGCovzMsWGDBeafjNpnlKK ScVUP82pq45gT1AXF971eOkE1oQ5uTGyz0LxaUfNWS/0jwNKhCk24Ye/ximzAB8k 8Cm09r5wdUOkWHAFEu76RSCr4i2fzvNh6MOMy4jBloQBt/8jSGk= =XZJh -----END PGP SIGNATURE-----
