Debian Security Advisory DSA 045-1 (ntp)

The remote host is missing an update to ntp announced via advisory DSA 045-1.
Przemyslaw Frasunek <venglin@FREEBSD.LUBLIN.PL> reported that ntp daemons such as that released with Debian GNU/Linux are vulnerable to a buffer overflow that can lead to a remote root exploit. This has been corrected for Debian 2.2 (potato) in ntp version 4.0.99g-2potato1. We recommend you upgrade your ntp package immediately.