Oval Definition:	oval:org.opensuse.security:def:53501
Revision Date: 2020-12-01 Version: 1 Title: Security update for ntp (Moderate) Description: This update for ntp fixes the following issues: ntp was updated to 4.2.8p15 - CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address frequently send to the client ntpd could have caused denial of service (bsc#1169740). - CVE-2018-8956: Fixed an issue which could have allowed remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via spoofed mode 3 and mode 5 packets (bsc#1171355). - CVE-2020-13817: Fixed an issue which an off-path attacker with the ability to query time from victim's ntpd instance could have modified the victim's clock by a limited amount (bsc#1172651). - CVE-2020-15025: Fixed an issue which remote attacker could have caused denial of service by consuming the memory when a CMAC key was used andassociated with a CMAC algorithm in the ntp.keys (bsc#1173334). - Removed an OpenSSL version warning (bsc#992038 and bsc#1125401). Family: unix Class: patch Status: Reference(s): 1022727 1042948 1049373 1051150 1051412 1052252 1052771 1052984 1058082 1061107 1062937 1063034 1063035 1063037 1063038 1063039 1063040 1063041 1072902 1074122 1074425 1074610 1081557 1125401 1169740 1170446 1171355 1172651 1173334 1173592 1173594 930689 930691 970498 983215 983216 992038 998589 CVE-2007-5970 CVE-2008-7247 CVE-2009-4019 CVE-2009-4028 CVE-2009-4030 CVE-2010-2240 CVE-2010-5298 CVE-2012-5615 CVE-2012-6702 CVE-2013-1940 CVE-2013-1976 CVE-2013-2139 CVE-2013-4396 CVE-2013-6424 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-2494 CVE-2014-2653 CVE-2014-3470 CVE-2014-4207 CVE-2014-4258 CVE-2014-4260 CVE-2014-4274 CVE-2014-4287 CVE-2014-6463 CVE-2014-6464 CVE-2014-6469 CVE-2014-6474 CVE-2014-6478 CVE-2014-6484 CVE-2014-6489 CVE-2014-6491 CVE-2014-6494 CVE-2014-6495 CVE-2014-6496 CVE-2014-6500 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520 CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559 CVE-2014-6564 CVE-2014-6568 CVE-2014-8091 CVE-2014-8092 CVE-2014-8093 CVE-2014-8094 CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098 CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102 CVE-2014-8103 CVE-2014-8964 CVE-2015-0255 CVE-2015-0374 CVE-2015-0381 CVE-2015-0382 CVE-2015-0391 CVE-2015-0411 CVE-2015-0432 CVE-2015-0433 CVE-2015-0441 CVE-2015-0499 CVE-2015-0501 CVE-2015-0505 CVE-2015-2325 CVE-2015-2326 CVE-2015-2568 CVE-2015-2571 CVE-2015-2573 CVE-2015-3152 CVE-2015-3164 CVE-2015-3418 CVE-2015-3811 CVE-2015-3812 CVE-2015-3813 CVE-2015-3814 CVE-2015-4792 CVE-2015-4802 CVE-2015-4807 CVE-2015-4815 CVE-2015-4826 CVE-2015-4830 CVE-2015-4836 CVE-2015-4858 CVE-2015-4861 CVE-2015-4870 CVE-2015-4913 CVE-2015-5352 CVE-2015-5600 CVE-2015-5969 CVE-2015-6563 CVE-2015-6564 CVE-2015-8325 CVE-2015-8833 CVE-2016-0505 CVE-2016-0546 CVE-2016-0596 CVE-2016-0597 CVE-2016-0598 CVE-2016-0600 CVE-2016-0606 CVE-2016-0608 CVE-2016-0609 CVE-2016-0616 CVE-2016-0640 CVE-2016-0641 CVE-2016-0642 CVE-2016-0643 CVE-2016-0644 CVE-2016-0646 CVE-2016-0647 CVE-2016-0648 CVE-2016-0649 CVE-2016-0650 CVE-2016-0651 CVE-2016-0655 CVE-2016-0666 CVE-2016-0668 CVE-2016-0777 CVE-2016-0778 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-1908 CVE-2016-2047 CVE-2016-3115 CVE-2016-3477 CVE-2016-3492 CVE-2016-3521 CVE-2016-3615 CVE-2016-4182 CVE-2016-4237 CVE-2016-4238 CVE-2016-4271 CVE-2016-4272 CVE-2016-4274 CVE-2016-4275 CVE-2016-4276 CVE-2016-4277 CVE-2016-4278 CVE-2016-4279 CVE-2016-4280 CVE-2016-4281 CVE-2016-4282 CVE-2016-4283 CVE-2016-4284 CVE-2016-4285 CVE-2016-4287 CVE-2016-5300 CVE-2016-5440 CVE-2016-5584 CVE-2016-5624 CVE-2016-5626 CVE-2016-5629 CVE-2016-6210 CVE-2016-6515 CVE-2016-6662 CVE-2016-6663 CVE-2016-6664 CVE-2016-6921 CVE-2016-6922 CVE-2016-6923 CVE-2016-6924 CVE-2016-6925 CVE-2016-6926 CVE-2016-6927 CVE-2016-6929 CVE-2016-6930 CVE-2016-6931 CVE-2016-6932 CVE-2016-7440 CVE-2016-8283 CVE-2016-8858 CVE-2016-9082 CVE-2016-9445 CVE-2016-9446 CVE-2016-9809 CVE-2016-9812 CVE-2016-9813 CVE-2017-1000445 CVE-2017-1000476 CVE-2017-10268 CVE-2017-10378 CVE-2017-11449 CVE-2017-11751 CVE-2017-12176 CVE-2017-12177 CVE-2017-12178 CVE-2017-12179 CVE-2017-12180 CVE-2017-12181 CVE-2017-12182 CVE-2017-12183 CVE-2017-12184 CVE-2017-12185 CVE-2017-12186 CVE-2017-12187 CVE-2017-12430 CVE-2017-12642 CVE-2017-13721 CVE-2017-13723 CVE-2017-14249 CVE-2017-15232 CVE-2017-17680 CVE-2017-17882 CVE-2017-18190 CVE-2017-2624 CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3257 CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 CVE-2017-3302 CVE-2017-3308 CVE-2017-3309 CVE-2017-3312 CVE-2017-3313 CVE-2017-3317 CVE-2017-3318 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 CVE-2017-3636 CVE-2017-3641 CVE-2017-3653 CVE-2017-5843 CVE-2017-5848 CVE-2017-7475 CVE-2017-9409 CVE-2018-2562 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 CVE-2018-2668 CVE-2018-2755 CVE-2018-2761 CVE-2018-2766 CVE-2018-2767 CVE-2018-2771 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2787 CVE-2018-2813 CVE-2018-2817 CVE-2018-2819 CVE-2018-8956 CVE-2020-11868 CVE-2020-13817 CVE-2020-15025 CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 SUSE-SU-2015:1046-1 SUSE-SU-2016:0912-1 SUSE-SU-2016:2312-1 SUSE-SU-2017:0424-1 SUSE-SU-2017:3047-1 SUSE-SU-2018:0055-1 SUSE-SU-2018:0373-1 SUSE-SU-2018:0604-1 SUSE-SU-2020:1823-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information flatpak-0.10.4-lp150.2 is installed OR libflatpak0-0.10.4-lp150.2 is installed OR typelib-1_0-Flatpak-1_0-0.10.4-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND transfig-3.2.6a-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information curl-7.19.7-1.20.31 is installed OR libcurl4-7.19.7-1.20.31 is installed OR libcurl4-32bit-7.19.7-1.20.31 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information augeas-0.9.0-3.17 is installed OR libaugeas0-0.9.0-3.17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information gpg2-2.0.9-25.33.41 is installed OR gpg2-lang-2.0.9-25.33.41 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND wireshark-1.10.14-12 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information flash-player-11.2.202.635-140 is installed OR flash-player-gnome-11.2.202.635-140 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information xorg-x11-server-7.6_1.18.3-76.15 is installed OR xorg-x11-server-extra-7.6_1.18.3-76.15 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libcairo-gobject2-1.15.2-24 is installed OR libcairo-gobject2-32bit-1.15.2-24 is installed OR libcairo-script-interpreter2-1.15.2-24 is installed OR libcairo2-1.15.2-24 is installed OR libcairo2-32bit-1.15.2-24 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information gstreamer-plugins-bad-1.8.3-17 is installed OR gstreamer-plugins-bad-lang-1.8.3-17 is installed OR libgstadaptivedemux-1_0-0-1.8.3-17 is installed OR libgstbadaudio-1_0-0-1.8.3-17 is installed OR libgstbadbase-1_0-0-1.8.3-17 is installed OR libgstbadvideo-1_0-0-1.8.3-17 is installed OR libgstbasecamerabinsrc-1_0-0-1.8.3-17 is installed OR libgstcodecparsers-1_0-0-1.8.3-17 is installed OR libgstgl-1_0-0-1.8.3-17 is installed OR libgstmpegts-1_0-0-1.8.3-17 is installed OR libgstphotography-1_0-0-1.8.3-17 is installed OR libgsturidownloader-1_0-0-1.8.3-17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libXi6-1.7.4-9 is installed OR libXi6-32bit-1.7.4-9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_48-default-4-4 is installed OR kgraft-patch-3_12_74-60_64_48-xen-4-4 is installed OR kgraft-patch-SLE12-SP1_Update_17-4-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND ft2demos-2.6.3-7.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information xen-4.7.6_02-43.36 is installed OR xen-doc-html-4.7.6_02-43.36 is installed OR xen-libs-4.7.6_02-43.36 is installed OR xen-libs-32bit-4.7.6_02-43.36 is installed OR xen-tools-4.7.6_02-43.36 is installed OR xen-tools-domU-4.7.6_02-43.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_103-92_56-default-12-2 is installed OR kgraft-patch-SLE12-SP2_Update_17-12-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information ghostscript-9.27-23.31 is installed OR ghostscript-x11-9.27-23.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND cifs-utils-6.5-8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libsystemd0-228-150.82 is installed OR libsystemd0-32bit-228-150.82 is installed OR libudev1-228-150.82 is installed OR libudev1-32bit-228-150.82 is installed OR systemd-228-150.82 is installed OR systemd-32bit-228-150.82 is installed OR systemd-bash-completion-228-150.82 is installed OR systemd-sysvinit-228-150.82 is installed OR udev-228-150.82 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ovmf-2017+git1492060560.b6d11d7c46-4.12 is installed OR ovmf-tools-2017+git1492060560.b6d11d7c46-4.12 is installed OR qemu-ovmf-x86_64-2017+git1492060560.b6d11d7c46-4.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libFLAC++6-1.3.0-11 is installed OR libFLAC8-1.3.0-11 is installed OR libFLAC8-32bit-1.3.0-11 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND ntp-4.2.8p15-4.10 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND ruby2.1-rubygem-bson-1_11-1.11.1-2 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information qemu-2.6.2-41.43 is installed OR qemu-block-curl-2.6.2-41.43 is installed OR qemu-block-rbd-2.6.2-41.43 is installed OR qemu-block-ssh-2.6.2-41.43 is installed OR qemu-guest-agent-2.6.2-41.43 is installed OR qemu-ipxe-1.0.0-41.43 is installed OR qemu-kvm-2.6.2-41.43 is installed OR qemu-lang-2.6.2-41.43 is installed OR qemu-s390-2.6.2-41.43 is installed OR qemu-seabios-1.9.1-41.43 is installed OR qemu-sgabios-8-41.43 is installed OR qemu-tools-2.6.2-41.43 is installed OR qemu-vgabios-1.9.1-41.43 is installed OR qemu-x86-2.6.2-41.43 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information kernel-default-4.4.180-94.107 is installed OR kernel-default-base-4.4.180-94.107 is installed OR kernel-default-devel-4.4.180-94.107 is installed OR kernel-default-kgraft-4.4.180-94.107 is installed OR kernel-devel-4.4.180-94.107 is installed OR kernel-macros-4.4.180-94.107 is installed OR kernel-source-4.4.180-94.107 is installed OR kernel-syms-4.4.180-94.107 is installed OR kgraft-patch-4_4_180-94_107-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_29-1-4.3 is installed
BACK