Fedora Core 9 FEDORA-2009-0547 (ntp)

Summary
The remote host is missing an update to ntp announced via advisory FEDORA-2009-0547.
Solution
Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update ntp' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-0547
Insight
Update Information: This update fixes CVE-2009-0021: NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077. ChangeLog: * Mon Jan 12 2009 Miroslav Lichvar 4.2.4p6-1.fc9 - update to 4.2.4p6 (CVE-2009-0021)
References