Amazon Linux 1 Security Advisory: ALAS-2019-1206
Advisory Release Date: 2019-05-16 22:30 Pacific
Advisory Updated Date: 2019-05-20 19:01 Pacific
NTP has a NULL pointer dereference attack in an authenticated mode 6 packet. (CVE-2019-8936)
Affected Packages:
ntp
Issue Correction:
Run yum update ntp to update your system.
i686:
ntp-debuginfo-4.2.8p12-1.41.amzn1.i686
ntp-4.2.8p12-1.41.amzn1.i686
ntpdate-4.2.8p12-1.41.amzn1.i686
noarch:
ntp-doc-4.2.8p12-1.41.amzn1.noarch
ntp-perl-4.2.8p12-1.41.amzn1.noarch
src:
ntp-4.2.8p12-1.41.amzn1.src
x86_64:
ntp-4.2.8p12-1.41.amzn1.x86_64
ntp-debuginfo-4.2.8p12-1.41.amzn1.x86_64
ntpdate-4.2.8p12-1.41.amzn1.x86_64