Note to readers

This publication does not currently meet the Government of Canada's Web Standards. The information remains valid.

Network Time Protocol Daemon (ntpd) Security Notice

Number: AV16-191
Date: 22 November 2016

Purpose

The purpose of this advisory is to bring attention to a multiple NTP vulnerabilities security update.

Assessment

The NTP project has released version ntp-4.2.8p9, which fixed 10 vulnerabilities and 28 bugs in their software.

Suggested action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References

http://www.kb.cert.org/vuls/id/633847
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

Date modified: