** Description changed: [Impact] ssl support in ntp is broken [Text Case] Not sure how to test, but check in the build log if "checking if we will use crypto..." is "yes" or "no" the precise version: https://launchpadlibrarian.net/95616971/buildlog_ubuntu-precise-i386.ntp_1%3A4.2.6.p3%2Bdfsg-1ubuntu3_BUILDING.txt.gz "checking if we will use crypto... no" + + the quantal one: + https://launchpadlibrarian.net/106850381/buildlog_ubuntu-quantal-i386.ntp_1%3A4.2.6.p3%2Bdfsg-1ubuntu4_BUILDING.txt.gz + "checking if we will use crypto... yes" [Regression Potential] should be limited, it's just pointing to the right location [Original Report] Hey, this is the exact same bug as Debian's #670662 and #671626 but as it affects a stable (LTS) release I thought I would report it too, in case it can be fixed before the next release. Basically a multi-arch change in OpenSSL package disabled the crypto part in ntp, meaning it's not possible anymore to use some kind of protection, wether on the client part or the server part. I'm unsure about tagging it security since it's not really a vulnerability by itself, but you see the point. Attached patch should fix the problem, but the Debian maintainer tagged the bug “pending” so you might want to wait for his fix.
-- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/998403 Title: ntp in precise has disabled crypto To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/998403/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
