Number: AV16-191
Date: 22 November 2016
Purpose
The purpose of this advisory is to bring attention to a multiple NTP vulnerabilities security update.
Assessment
The NTP project has released version ntp-4.2.8p9, which fixed 10 vulnerabilities and 28 bugs in their software.
Suggested action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References
http://www.kb.cert.org/vuls/id/633847
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities