Bug 2085 described a condition where the root delay was included twice, causing the jitter value to be higher than expected. Due to a misinterpretation of a small-print variable in The Book, the fix for this problem was incorrect, resulting in a root distance that did not include the peer dispersion. The calculations and formulae have been reviewed and reconciled, and the code has been updated accordingly. External References: http://support.ntp.org/bin/view/Main/NtpBug3067
Created ntp tracking bugs for this issue: Affects: fedora-all [bug 1397351]
Analysis: When an offpath attacker can spoof the first ntp reply, ntpd will jump and when it gets a real response, it will exit.
Is an RPM released with fix for this. I haven't seen one @ http://mirror.centos.org. If not released, what is ETA for same? Thanks, Keyur
Wondering the same thing. Is an errata update for el6/el7 forthcoming? Thanks.
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2017:0252 https://rhn.redhat.com/errata/RHSA-2017-0252.html