Oval Definition:oval:org.mitre.oval:def:13252
Revision Date:2015-02-23Version:21
Title:DSA-1702-1 ntp -- interpretation conflict
Description:It has been discovered that NTP, an implementation of the Network Time Protocol, does not properly check the result of an OpenSSL function for verifying cryptographic signatures, which may ultimately lead to the acceptance of unauthenticated time information. For the stable distribution, this problem has been fixed in version 1:4.2.2.p4+dfsg-2etch1. For the unstable distribution, this problem has been fixed in version 4.2.4p4+dfsg-8. The testing distribution will be fixed soon. We recommend that you upgrade your ntp package.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-0021
DSA-1702-1
Platform(s):Debian GNU/Linux 4.0
Product(s):ntp
Definition Synopsis
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • ntp-refclock DPKG is earlier than 1:4.2.2.p4+dfsg-2etch1
  • OR ntp-simple DPKG is earlier than 1:4.2.2.p4+dfsg-2etch1
  • OR ntp-doc DPKG is earlier than 1:4.2.2.p4+dfsg-2etch1
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is powerpc
  • OR Installed architecture is i386
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND Packages section
  • ntpdate DPKG is earlier than 1:4.2.2.p4+dfsg-2etch1
  • OR ntp DPKG is earlier than 1:4.2.2.p4+dfsg-2etch1
    • BACK