Source: ntp Version: 1:4.2.6.p2+dfsg-1 Severity: important Tags: security upstream fixed-upstream
Hi, the following vulnerabilities were published for ntp. CVE-2015-1798[0]: ntpd accepts unauthenticated packets with symmetric key crypto CVE-2015-1799[1]: Authentication doesn't protect symmetric associations against DoS attacks If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2015-1798 http://bugs.ntp.org/2779 [1] https://security-tracker.debian.org/tracker/CVE-2015-1799 http://bugs.ntp.org/2781 [2] http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
