Comment 0 for bug 998403

Hey,

this is the exact same bug as Debian's #670662 and #671626 but as it affects a stable (LTS) release I thought I would report it too, in case it can be fixed before the next release.

Basically a multi-arch change in OpenSSL package disabled the crypto part in ntp, meaning it's not possible anymore to use some kind of protection, wether on the client part or the server part.

I'm unsure about tagging it security since it's not really a vulnerability by itself, but you see the point. Attached patch should fix the problem, but the Debian maintainer tagged the bug “pending” so you might want to wait for his fix.