** Description changed: - Hey, + [Impact] + <fill me in with explanation of severity and frequency of bug on users and justification for backporting the fix to the stable release> + + [Development Fix] + <fill me in with an explanation of how the bug has been addressed in the development branch, including the relevant version numbers of packages modified in order to implement the fix. > + + [Stable Fix] + <fill me in by pointing out a minimal patch applicable to the stable version of the package.> + + [Text Case] + <fill me in with detailed *instructions* on how to reproduce the bug. This will be used by people later on to verify the updated package fixes the problem.> + 1. + 2. + 3. + Broken Behavior: + Fixed Behavior: + + [Regression Potential] + <fill me in with a discussion of likelihood and potential severity of regressions and how users could get inadvertently affected.> + + [Original Report]Hey, this is the exact same bug as Debian's #670662 and #671626 but as it affects a stable (LTS) release I thought I would report it too, in case it can be fixed before the next release. Basically a multi-arch change in OpenSSL package disabled the crypto part in ntp, meaning it's not possible anymore to use some kind of protection, wether on the client part or the server part. I'm unsure about tagging it security since it's not really a vulnerability by itself, but you see the point. Attached patch should fix the problem, but the Debian maintainer tagged the bug “pending” so you might want to wait for his fix.
-- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/998403 Title: ntp in precise has disabled crypto To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/998403/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
