Ubuntu
ntp package

NTP security issues on Precise and Trusty

Bug #1625372 reported by Bryan Green on 2016-09-19

258

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	ntp (Ubuntu)	Fix Released	Undecided	Unassigned

Bug Description

Based on the changelog, precise and trusty have not received patches for the following CVE issues:

CVE-2016-1547
CVE-2016-1548
CVE-2016-1550
CVE-2016-2516
CVE-2016-2518

When will these be fixed on Precise and Trusty? They have been fixed on Debian 7 and 8.

Thanks,
Bryan

CVE References

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2016-09-22:

Hi Security Team,
I just came by on a triage run and thought it would be right to subscribe you to make you aware (let me know if not).

Christian Ehrhardt  (paelzer) on 2016-09-22

information type:

Public → Public Security

Revision history for this message

Seth Arnold (seth-arnold) wrote on 2016-09-22:

Hello Bryan, thanks for contacting us; the ntp fixes are in our queue but currently behind other higher-priority fixes. We track CVEs in the Ubuntu CVE Tree, a web front-end is available:

http://people.canonical.com/~ubuntu-security/cve/pkg/ntp.html

Thanks

Revision history for this message

Marc Deslauriers (mdeslaur) wrote on 2016-10-06:

http://www.ubuntu.com/usn/usn-3096-1/

Changed in ntp (Ubuntu):
status:	New → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuntp package

NTP security issues on Precise and Trusty

Bug Description

CVE References

Other bug subscribers

Related questions

Remote bug watches

Ubuntu
ntp package