I saw a posting today and wonder if I should be concerned about my YUN that I use as my NTP server on my private 192.168. network.
Thanks, good found. Yes, It is vulnerable!
Yun's NTP is far behind:
... PKG_NAME:=ntp PKG_VERSION:=4.2.6p5 ...
All NTP Version 4 releases, prior to Version 4.2.8, are vulnerable and need to be updated to Version 4.2.8.
For a novice, how do I do an update?
And should someone 'Official' put out the 'Alarm! for All YUN users?
Wait either YunOS team or upstream OS Openwrt team update the package.
Noure, thanks for pointing this out.
Can you open an issue on Github so we can track it and update it as soon as possible.
Since fix vulnerability problem is very time critical, addition more than Angelo' suggestion you might post at
https://forum.openwrt.org/ ( Openwrt, Yun's upstream OS forum)
http://www.linino.org/forum/ ( Yun's original design manufacturer forum)
2 3 horses at track to compete.