Source: ntp Version: 1:4.2.6.p2+dfsg-1 Severity: important Tags: security upstream fixed-upstream
Hi, the following vulnerabilities were published for ntp. CVE-2015-1798[0]: ntpd accepts unauthenticated packets with symmetric key crypto CVE-2015-1799[1]: Authentication doesn't protect symmetric associations against DoS attacks If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2015-1798 http://bugs.ntp.org/2779 [1] https://security-tracker.debian.org/tracker/CVE-2015-1799 http://bugs.ntp.org/2781 [2] http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities Regards, Salvatore _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
