==========================================================================
Ubuntu Security Notice USN-4563-1
October 01, 2020

ntp vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.04 LTS

Summary:

NTP could be made to crash.

Software Description:
– ntp: Network Time Protocol daemon and utility programs

Details:

It was discovered that the fix for CVE-2018-7182 introduced a NULL
pointer dereference into NTP. An attacker could use this vulnerability
to cause a denial of service (crash).

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
ntp 1:4.2.8p10+dfsg-5ubuntu7.3
ntpdate 1:4.2.8p10+dfsg-5ubuntu7.3
sntp 1:4.2.8p10+dfsg-5ubuntu7.3

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4563-1
CVE-2019-8936

Package Information:
https://launchpad.net/ubuntu/+source/ntp/1:4.2.8p10+dfsg-5ubuntu7.3

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEE7MowLJorxPNkyBZZW+PTAFZKyRgFAl92UQAACgkQW+PTAFZK
yRjPsBAA1PbUHDmBV1baVU6Q6ZwLjU3mwoQOBszrtY0x/iQE5V073rIyKqjmv63g
s0by+MIzph6x+NSaCJc+h2EVMc9YhT+DT05FcNaOIYTpSW7cbUuMJtoyFr6dfeB6
47rksFwSDEDfHalkOlv+GklDMHpSeEIj2lin3HnndPN0KVRgU66DJ1AEI4G496Nc
bQJXADOvwo84dkNeX74WXKFlFrJtWBYHQQvRQ6uTE5cMJEB2BrBTAjoX55eFbSJg
B6OdpZEtKTLavEPnEG1dXvPJKR8ExTEoUTK4OJbyGFBEsNBtMUa7dl1YHAhNKCkH
b6PZ0QpqimdKxEMsNXIhn36ge7CFaZwtLzjHN8wUDezPDmemZ3XpCOg+MlF5vx8q
uJLzsmXO7iX9raFasT1vWBrLFZy7BO2vFtq5+SxVq3mb0IPc+ztnGR7h+b/73AJi
gpROzhtn1issklvFjnbCvSgIwDDXmSNj9b8FnyqSih0SV34rpq4zOrMPl6aU1os0
8p5b/cqGmqdfj0yvQzBpXpMQm1wd6zgcN70DIWW5J7v06Haeo7E2ARe7XdW101bW
L5xs8cK4pnfrieBbqacYiNRPXX55U2z7GdVugvvhYFMEM1w0Fcl+tHqbPto/HFp9
rhTTAtWhFyORqOfYyxZORdr0DevaxI7v8KCvzqx3i/XpCSokEjE=
=dVvf
—–END PGP SIGNATURE—–
—