| Errata ID | 331 |
|---|---|
| Date | 2016-11-23 |
| Source package | ntp |
| Fixed in version | 1:4.2.6.p5+dfsg-2.63.201611102010 |
| Description | This update addresses the following issue(s): * incorrect handling of crypto NAK packets my result in denial of service (CVE-2016-1547) * Change the time of an ntpd client or deny service to an ntpd client by forcing it to change from basic client/server mode to interleaved symmetric mode (CVE-2016-1548) * Timing attack for authenticated packets (CVE-2016-1550) * Duplicate IPs on unconfig directives will cause an assertion failure (CVE-2016-2516) * Crafted addpeer with hmode > 7 causes out-of-bounds reference (CVE-2016-2518) |
| Additional notes | |
| CVE ID | CVE-2016-1547 CVE-2016-1548 CVE-2016-1550 CVE-2016-2516 CVE-2016-2518 |
| UCS Bug number | #40770 |
