Ubuntu USN-705-1 (ntp)

Summary
The remote host is missing an update to ntp announced via advisory USN-705-1. It was discovered that NTP did not properly perform signature verification. A remote attacker could exploit this to bypass certificate validation via a malformed SSL/TLS signature.
Solution
The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: ntp-refclock 1:4.2.0a+stable-8.1ubuntu6.1 ntp-simple 1:4.2.0a+stable-8.1ubuntu6.1 Ubuntu 7.10: ntp 1:4.2.4p0+dfsg-1ubuntu2.1 Ubuntu 8.04 LTS: ntp 1:4.2.4p4+dfsg-3ubuntu2.1 Ubuntu 8.10: ntp 1:4.2.4p4+dfsg-6ubuntu2.2 In general, a standard system upgrade is sufficient to effect the necessary changes. https://secure1.securityspace.com/smysecure/catid.html?in=USN-705-1