Mandriva Linux Security Advisory 2009-007 - A flaw was found in how NTP checked the return value of signature verification. A remote attacker could use this to bypass certificate validation by using a malformed SSL/TLS signature. The updated packages have been patched to prevent this issue.
↧