Note:
This project will be discontinued after December 13, 2021. [more]
2017-01-30
The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash).