Package "sntp"

Name: sntp


Network Time Protocol - sntp client

Latest version: 1:4.2.8p12+dfsg-3ubuntu4.20.10.1
Release: groovy (20.10)
Level: security
Repository: universe
Head package: ntp
Homepage: http://support.ntp.org/


Download "sntp"

Other versions of "sntp" in Groovy

Repository Area Version
base universe 1:4.2.8p12+dfsg-3ubuntu4
updates universe 1:4.2.8p12+dfsg-3ubuntu4.20.10.1


Version: 1:4.2.8p12+dfsg-3ubuntu4.20.10.1 2021-04-20 15:06:29 UTC

  ntp (1:4.2.8p12+dfsg-3ubuntu4.20.10.1) groovy-security; urgency=medium

  * SECURITY UPDATE: Null dereference attack in mode 6 packet (LP: #1891953)
    - debian/patches/CVE-2019-8936.patch: Guard against operations
      on NULL pointer in ntpd/ntp_control.c.
    - CVE-2019-8936
  * Fix FTBFS with GCC-10
    - debian/rules: add -fcommon flag to CFLAGS

 -- Brian Morton <email address hidden> Fri, 27 Nov 2020 16:10:51 -0500

1891953 CVE-2019-8936
CVE-2019-8936 NTP through 4.2.8p12 has a NULL Pointer Dereference.

About   -   Send Feedback to @ubuntu_updates