Univention Bugzilla – Bug 37406
ntp: Multiple issues (ES 3.1)
Last modified: 2015-01-09 09:48:39 CET
Multiple issues have been found in ISC NTP: An insecure default key could lead to an attacker being able to reconfigure ntpd (CVE-2014-9293) ntp-keygen generated weak keys (CVE-2014-9294) Multiple buffer overflows (CVE-2014-9295) Incorrect error handling in processing NTP packets (CVE-2014-9296)
An updated package has been built, tests were successful.
OK - unsigned NTP (signed NTP does not work, probably configuration problems)
The update has been released in the component extsec3.1