Amazon Linux 1 Security Advisory: ALAS-2017-781
Advisory Release Date: 2017-01-04 17:00 Pacific
Advisory Updated Date: 2017-01-04 17:00 Pacific
FAQs regarding Amazon Linux ALAS/CVE Severity
The following security-related issues were resolved:
CVE-2016-7426: Client rate limiting and server responses
CVE-2016-7429: Attack on interface selection
CVE-2016-7433: Broken initial sync calculations regression
CVE-2016-9310: Mode 6 unauthenticated trap information disclosure and DDoS vector
CVE-2016-9311: Null pointer dereference when trap service is enabled
Affected Packages:
ntp
Issue Correction:
Run yum update ntp to update your system.
i686:
ntpdate-4.2.6p5-43.33.amzn1.i686
ntp-4.2.6p5-43.33.amzn1.i686
ntp-debuginfo-4.2.6p5-43.33.amzn1.i686
noarch:
ntp-perl-4.2.6p5-43.33.amzn1.noarch
ntp-doc-4.2.6p5-43.33.amzn1.noarch
src:
ntp-4.2.6p5-43.33.amzn1.src
x86_64:
ntp-4.2.6p5-43.33.amzn1.x86_64
ntp-debuginfo-4.2.6p5-43.33.amzn1.x86_64
ntpdate-4.2.6p5-43.33.amzn1.x86_64