When used as an nts keyshare server, ntpd-rs 1.3.0 uses a vulnerable version of rustls. This allows a network user to crash the server. Client and non-nts server usage of ntpd-rs is unaffected.
Patches
Users running ntpd-rs as an nts server are recomended to immediately upgrade to ntpd-rs 1.3.1
References
See also RUSTSEC-2024-0399
When used as an nts keyshare server, ntpd-rs 1.3.0 uses a vulnerable version of rustls. This allows a network user to crash the server. Client and non-nts server usage of ntpd-rs is unaffected.
Patches
Users running ntpd-rs as an nts server are recomended to immediately upgrade to ntpd-rs 1.3.1
References
See also RUSTSEC-2024-0399