Oval Definition:oval:org.opensuse.security:def:52614
Revision Date:2020-12-01Version:1
Title:Security update for ntp (Moderate)
Description:

This update for ntp fixes the following issues:

ntp was updated to 4.2.8p15

- CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address frequently send to the client ntpd could have caused denial of service (bsc#1169740). - CVE-2018-8956: Fixed an issue which could have allowed remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via spoofed mode 3 and mode 5 packets (bsc#1171355). - CVE-2020-13817: Fixed an issue which an off-path attacker with the ability to query time from victim's ntpd instance could have modified the victim's clock by a limited amount (bsc#1172651). - CVE-2020-15025: Fixed an issue which remote attacker could have caused denial of service by consuming the memory when a CMAC key was used andassociated with a CMAC algorithm in the ntp.keys (bsc#1173334). - Removed an OpenSSL version warning (bsc#992038 and bsc#1125401).
Family:unixClass:patch
Status:Reference(s):1050549
1051510
1052904
1053043
1055117
1055121
1061840
1065600
1065729
1070872
1082555
1083647
1085535
1085536
1088804
1094244
1097583
1097584
1097585
1097586
1097587
1097588
1100132
1103259
1111331
1112128
1112178
1113399
1113722
1114279
1114542
1114638
1119086
1119680
1120318
1120902
1122767
1123105
1125342
1125401
1126221
1126356
1126704
1126740
1127175
1127371
1127372
1127374
1127378
1127445
1128415
1128544
1129276
1129770
1130130
1130154
1130195
1130335
1130336
1130337
1130338
1130425
1130427
1130518
1130527
1130567
1131062
1131107
1131167
1131168
1131169
1131170
1131171
1131172
1131173
1131174
1131175
1131176
1131177
1131178
1131179
1131180
1131290
1131335
1131336
1131416
1131427
1131442
1131467
1131574
1131587
1131659
1131673
1131847
1131848
1131851
1131900
1131934
1131935
1132083
1132219
1132226
1132227
1132365
1132368
1132369
1132370
1132372
1132373
1132384
1132397
1132402
1132403
1132404
1132405
1132407
1132411
1132412
1132413
1132414
1132426
1132527
1132531
1132555
1132558
1132561
1132562
1132563
1132564
1132570
1132571
1132572
1132589
1132618
1132681
1132726
1132828
1132943
1133005
1133094
1133095
1133115
1133149
1133486
1133529
1133584
1133667
1133668
1133672
1133674
1133675
1133698
1133702
1133731
1133769
1133772
1133774
1133778
1133779
1133780
1133825
1133850
1133851
1133852
1169740
1171355
1172651
1173334
800024
920870
923240
960317
992038
CVE-2006-7250
CVE-2009-0590
CVE-2009-0591
CVE-2009-0789
CVE-2009-0946
CVE-2009-1377
CVE-2009-1378
CVE-2009-1379
CVE-2009-1386
CVE-2009-1387
CVE-2009-3245
CVE-2009-3555
CVE-2009-4029
CVE-2009-4355
CVE-2010-0740
CVE-2010-2497
CVE-2010-2805
CVE-2010-2939
CVE-2010-3053
CVE-2010-3054
CVE-2010-3311
CVE-2010-3430
CVE-2010-3431
CVE-2010-3814
CVE-2010-3853
CVE-2010-3864
CVE-2010-4180
CVE-2010-4252
CVE-2011-0014
CVE-2011-0226
CVE-2011-1098
CVE-2011-1154
CVE-2011-1155
CVE-2011-3148
CVE-2011-3149
CVE-2011-3210
CVE-2011-4108
CVE-2011-4109
CVE-2011-4354
CVE-2011-4576
CVE-2011-4577
CVE-2011-4619
CVE-2011-5095
CVE-2012-0050
CVE-2012-0804
CVE-2012-0884
CVE-2012-1152
CVE-2012-1165
CVE-2012-2110
CVE-2012-2131
CVE-2012-2333
CVE-2012-4504
CVE-2012-4929
CVE-2012-5668
CVE-2012-5669
CVE-2012-5670
CVE-2013-0166
CVE-2013-0169
CVE-2013-0211
CVE-2013-1989
CVE-2013-2066
CVE-2013-4509
CVE-2013-6393
CVE-2014-0076
CVE-2014-0221
CVE-2014-0224
CVE-2014-2525
CVE-2014-2583
CVE-2014-3470
CVE-2014-3505
CVE-2014-3506
CVE-2014-3507
CVE-2014-3508
CVE-2014-3510
CVE-2014-8169
CVE-2014-9130
CVE-2015-2304
CVE-2015-2331
CVE-2015-8459
CVE-2015-8460
CVE-2015-8634
CVE-2015-8635
CVE-2015-8636
CVE-2015-8638
CVE-2015-8639
CVE-2015-8640
CVE-2015-8641
CVE-2015-8642
CVE-2015-8643
CVE-2015-8644
CVE-2015-8645
CVE-2015-8646
CVE-2015-8647
CVE-2015-8648
CVE-2015-8649
CVE-2015-8650
CVE-2015-8651
CVE-2017-12836
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-16880
CVE-2018-8956
CVE-2019-11091
CVE-2019-3882
CVE-2019-9003
CVE-2019-9500
CVE-2019-9503
CVE-2020-11868
CVE-2020-13817
CVE-2020-15025
SUSE-SU-2015:0667-1
SUSE-SU-2015:0668-1
SUSE-SU-2015:2401-1
SUSE-SU-2019:1244-1
SUSE-SU-2020:1823-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Legacy Software 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • dbus-1-1.12.2-lp150.1 is installed
  • OR dbus-1-x11-1.12.2-lp150.1 is installed
  • OR libdbus-1-3-1.12.2-lp150.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • augeas-0.9.0-3.17 is installed
  • OR libaugeas0-0.9.0-3.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • gnutls-2.4.1-24.39.60 is installed
  • OR libgnutls26-2.4.1-24.39.60 is installed
  • OR libgnutls26-32bit-2.4.1-24.39.60 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND ft2demos-2.5.3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND autofs-5.0.9-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • pam-1.1.8-14 is installed
  • OR pam-32bit-1.1.8-14 is installed
  • OR pam-doc-1.1.8-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • ibus-chewing-1.4.14-4 is installed
  • OR ibus-pinyin-1.5.0-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND cvs-1.12.12-182.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed
  • AND ntp-4.2.8p15-4.10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-150.17 is installed
  • OR kernel-default-livepatch-4.12.14-150.17 is installed
  • OR kernel-livepatch-4_12_14-150_17-default-1-1.3 is installed
  • OR kernel-livepatch-SLE15_Update_10-1-1.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND wget-1.14-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_63-default-7-2 is installed
  • OR kgraft-patch-3_12_74-60_64_63-xen-7-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_22-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libXext6-1.3.2-3 is installed
  • OR libXext6-32bit-1.3.2-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND binutils-2.31-9.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_103-92_56-default-10-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_17-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_74-92_38-default-11-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_13-11-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • alsa-1.0.27.2-15 is installed
  • OR alsa-docs-1.0.27.2-15 is installed
  • OR libasound2-1.0.27.2-15 is installed
  • OR libasound2-32bit-1.0.27.2-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libpolkit0-0.113-5.18 is installed
  • OR polkit-0.113-5.18 is installed
  • OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-60.8.0-109.83 is installed
  • OR MozillaFirefox-translations-common-60.8.0-109.83 is installed
  • OR libfreebl3-3.44.1-58.28 is installed
  • OR libfreebl3-32bit-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-3.44.1-58.28 is installed
  • OR libsoftokn3-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-3.44.1-58.28 is installed
  • OR mozilla-nss-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-tools-3.44.1-58.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_100-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_27-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • gnome-shell-search-provider-nautilus-3.20.3-23.6 is installed
  • OR libnautilus-extension1-3.20.3-23.6 is installed
  • OR nautilus-3.20.3-23.6 is installed
  • OR nautilus-lang-3.20.3-23.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND ctags-5.8-7 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed
  • OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed
  • OR libwebkit2gtk3-lang-2.24.4-2.47 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed
  • OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.24.4-2.47 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed
  • OR webkit2gtk3-2.24.4-2.47 is installed
  • OR webkit2gtk3-devel-2.24.4-2.47 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND python-Twisted-15.2.1-9.5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • crowbar-5.0+git.1528696845.81a7b5d0-3.3 is installed
  • OR crowbar-core-5.0+git.1533887407.6e9b0412d-3.8 is installed
  • OR crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8 is installed
  • OR crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3 is installed
  • OR crowbar-ha-5.0+git.1530177874.35b9099-3.3 is installed
  • OR crowbar-init-5.0+git.1520420379.d5bbb35-3.3 is installed
  • OR crowbar-openstack-5.0+git.1534167599.d325ef804-4.8 is installed
  • OR crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3 is installed
    • BACK