ntp-4.2.8p17 was released on 6 June 2023 and addresses 3 bugs including a regression that breaks hex-encoded keys in 4.2.8p16.
Please see the NTP Security Notice for vulnerability and mitigation details.
This is the NTP Public Services Project Bugzilla which provides tracking of development issues (e.g. bugs, enhancements) for the Network Time Protocol (NTP) Reference Implementation produced by the NTP Project.
Please report security related bugs by PGP-encrypted email to the NTF Security Officer Team. You can use our NTF Security Officer Key. PLEASE DO NOT ENTER SECURITY RELATED REPORTS IN THIS BUG TRACKING SYSTEM.