Comment 3 for bug 1891953

Thanks for the debdiff - I am happy to sponsor this for you - one quick thing, there is no need to reference the debian bug report in the changelog so I have cleaned it up to look like the following:

ntp (1:4.2.8p10+dfsg-5ubuntu7.3) bionic-security; urgency=medium

  * SECURITY UPDATE: Null dereference attack in mode 6 packet (LP: #1891953)
    - debian/patches/CVE-2019-8936.patch: Guard against operations
      on NULL pointer in ntpd/ntp_control.c.
    - CVE-2019-8936

 -- Brian Morton <email address hidden> Mon, 17 Aug 2020 21:58:51 -0400

I also notice this CVE is also unresolved in focal and groovy - would you be interested in preparing debdiff's against ntp in those releases as well?