CVE-2016-7433 log

Source
Severity Low
Remote Yes
Type Incorrect calculation
Description
ntpd Bug 2085 described a condition where the root delay was included twice, causing the jitter value to be higher than expected. Due to a misinterpretation of a small-print variable in The Book, the fix for this problem was incorrect, resulting in a root distance that did not include the peer dispersion. The calculations and formula have been reviewed and reconciled, and the code has been updated accordingly.
Group Package Affected Fixed Severity Status Ticket
AVG-80 ntp 4.2.8.p8-1 4.2.8.p9-1 High Fixed
AVG-79 ntp 4.2.8.p8-1 4.2.8.p9-1 High Fixed
Date Advisory Group Package Severity Description
26 Nov 2016 ASA-201611-28 AVG-79 ntp High multiple issues
References
http://support.ntp.org/bin/view/Main/NtpBug3067
http://bugs.ntp.org/show_bug.cgi?id=2085