Fedora 40: ntpd-rs 1.5.0 critical: DoS client issue resolved
fedora
May 3, 2025
Update to version 1.5.0 (for now, without PPS feature enabled due to potential correctness issues in the code)
Summary
Full-featured implementation of NTP with NTS support.
Update Information:
Update to version 1.5.0 (for now, without PPS feature enabled due to potential correctness issues in the code). Release notes: https://github.com/pendulum-project/ntpd-rs/releases/tag/v1.5.0 Also contains the fix for GHSA-v83q-83hj-rw38.
Topics Covered
Change Log
* Thu Apr 24 2025 Fabio Valentini
References
[ 1 ] Bug #2349338 - ntpd-rs: ntpd NTS client denial of service via wrongly sized cookies [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2349338
[ 2 ] Bug #2349339 - ntpd-rs: ntpd NTS client denial of service via wrongly sized cookies [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2349339
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-66b73d6c72' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: ntpd-rs
Product: Fedora 40
Version: 1.5.0
Release: 1.fc40
Summary: Full-featured implementation of NTP with NTS support
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!