Number: AV17-037
Date: March 22 2017
Purpose
The purpose of this advisory is to bring attention to a multiple NTP vulnerabilities security update.
Assessment
The NTP project has released version ntp-4.2.8p10, which fixed 15 vulnerabilities and 15 bugs in their software.
Suggested Action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References:
http://www.kb.cert.org/vuls/id/633847
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities