Ubuntu
ntp package

  1. Bug #314776
  2. Comment #4

Comment 4 for bug 314776

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

ntp (1:4.2.4p4+dfsg-7ubuntu3) jaunty; urgency=low

  * SECURITY UPDATE: clients treat malformed signatures as good when verifying
    server DSA and ECDSA certificates.
    - debian/patches/CVE-2009-0021.patch: update ntpd/ntp_crypto.c to properly
      check the return code of EVP_VerifyFinal()
    - CVE-2009-0021