Oval Definition:	oval:org.opensuse.security:def:53646
Revision Date: 2020-12-01 Version: 1 Title: Security update for ntp (Moderate) Description: This update for ntp fixes the following issues: ntp was updated to 4.2.8p15 - CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address frequently send to the client ntpd could have caused denial of service (bsc#1169740). - CVE-2018-8956: Fixed an issue which could have allowed remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via spoofed mode 3 and mode 5 packets (bsc#1171355). - CVE-2020-13817: Fixed an issue which an off-path attacker with the ability to query time from victim's ntpd instance could have modified the victim's clock by a limited amount (bsc#1172651). - CVE-2020-15025: Fixed an issue which remote attacker could have caused denial of service by consuming the memory when a CMAC key was used andassociated with a CMAC algorithm in the ntp.keys (bsc#1173334). - Removed an OpenSSL version warning (bsc#992038 and bsc#1125401). Family: unix Class: patch Status: Reference(s): 1045986 1068101 1070130 1072887 1073973 1076500 1090023 1090024 1090025 1090026 1090027 1090028 1090029 1090030 1090032 1090033 1091610 1125401 1131644 1131868 1131870 1131871 1131872 1131874 1133640 1144443 1150934 1156920 1166933 1167331 1169740 1171355 1172651 1173334 729190 930077 930078 930079 932483 945484 945493 947458 948902 960414 960996 961368 962313 962743 964845 964847 964849 965576 970632 975865 992038 CVE-2009-0790 CVE-2011-3146 CVE-2012-2388 CVE-2013-0221 CVE-2013-0222 CVE-2013-0223 CVE-2013-1881 CVE-2013-2944 CVE-2013-5018 CVE-2013-6075 CVE-2013-6076 CVE-2013-6418 CVE-2014-0011 CVE-2014-2338 CVE-2014-3566 CVE-2014-4975 CVE-2014-8080 CVE-2014-8090 CVE-2014-8240 CVE-2014-9221 CVE-2015-0255 CVE-2015-1855 CVE-2015-3900 CVE-2015-4041 CVE-2015-4042 CVE-2015-4141 CVE-2015-4142 CVE-2015-4143 CVE-2015-4171 CVE-2015-7551 CVE-2015-7575 CVE-2015-8023 CVE-2015-8041 CVE-2015-8126 CVE-2015-8325 CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0475 CVE-2016-0483 CVE-2016-0494 CVE-2016-1908 CVE-2016-2339 CVE-2016-3115 CVE-2017-1000368 CVE-2017-11185 CVE-2017-11464 CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 CVE-2017-7826 CVE-2017-7828 CVE-2017-7830 CVE-2017-9022 CVE-2017-9023 CVE-2018-1000041 CVE-2018-1115 CVE-2018-14526 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-2815 CVE-2018-5748 CVE-2018-8956 CVE-2019-11555 CVE-2019-13377 CVE-2019-16275 CVE-2019-9494 CVE-2019-9495 CVE-2019-9497 CVE-2019-9498 CVE-2019-9499 CVE-2020-11868 CVE-2020-13817 CVE-2020-15025 SUSE-SU-2016:0256-1 SUSE-SU-2016:0455-1 SUSE-SU-2016:1386-1 SUSE-SU-2017:1771-1 SUSE-SU-2017:3213-1 SUSE-SU-2018:0385-1 SUSE-SU-2018:1692-1 SUSE-SU-2018:1695-1 SUSE-SU-2020:1823-1 SUSE-SU-2020:3380-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information ghostscript-9.23-lp150.1 is installed OR ghostscript-x11-9.23-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information chromedriver-75.0.3770.80-lp151.2.6 is installed OR chromium-75.0.3770.80-lp151.2.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-10.0.12-0.4 is installed OR MozillaFirefox-translations-10.0.12-0.4 is installed OR libfreebl3-3.14.1-0.3 is installed OR libfreebl3-32bit-3.14.1-0.3 is installed OR mozilla-nspr-4.9.4-0.3 is installed OR mozilla-nspr-32bit-4.9.4-0.3 is installed OR mozilla-nss-3.14.1-0.3 is installed OR mozilla-nss-32bit-3.14.1-0.3 is installed OR mozilla-nss-tools-3.14.1-0.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information flash-player-11.2.202.535-0.20 is installed OR flash-player-gnome-11.2.202.535-0.20 is installed OR flash-player-kde4-11.2.202.535-0.20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.491-0.11 is installed OR flash-player-gnome-11.2.202.491-0.11 is installed OR flash-player-kde4-11.2.202.491-0.11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information libhogweed2-2.7.1-9 is installed OR libhogweed2-32bit-2.7.1-9 is installed OR libnettle-2.7.1-9 is installed OR libnettle4-2.7.1-9 is installed OR libnettle4-32bit-2.7.1-9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information java-1_8_0-openjdk-1.8.0.72-3 is installed OR java-1_8_0-openjdk-headless-1.8.0.72-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND sudo-1.8.10p3-10.13 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND python-pywbem-0.7.0-4 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information coreutils-8.25-13.7 is installed OR coreutils-lang-8.25-13.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information groff-1.22.2-5 is installed OR groff-full-1.22.2-5 is installed OR gxditview-1.22.2-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libspice-server1-0.12.5-10 is installed OR spice-0.12.5-10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libtiff5-4.0.6-26 is installed OR libtiff5-32bit-4.0.6-26 is installed OR tiff-4.0.6-26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information xen-4.7.5_04-43.33 is installed OR xen-doc-html-4.7.5_04-43.33 is installed OR xen-libs-4.7.5_04-43.33 is installed OR xen-libs-32bit-4.7.5_04-43.33 is installed OR xen-tools-4.7.5_04-43.33 is installed OR xen-tools-domU-4.7.5_04-43.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND clamav-0.100.3-33.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_53-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_16-11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND dnsmasq-2.76-17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information ghostscript-9.27-23.28 is installed OR ghostscript-x11-9.27-23.28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed OR libwebkit2gtk3-lang-2.24.4-2.47 is installed OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed OR webkit2gtk3-2.24.4-2.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information openssh-7.2p2-74.23 is installed OR openssh-askpass-gnome-7.2p2-74.23 is installed OR openssh-fips-7.2p2-74.23 is installed OR openssh-helpers-7.2p2-74.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND davfs2-1.5.2-2 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND ntp-4.2.8p15-4.10 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND python-Pillow-2.7.0-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information dovecot22-2.2.31-19.17 is installed OR dovecot22-backend-mysql-2.2.31-19.17 is installed OR dovecot22-backend-pgsql-2.2.31-19.17 is installed OR dovecot22-backend-sqlite-2.2.31-19.17 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND ucode-intel-20190618-13.47 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information crowbar-5.0+git.1528696845.81a7b5d0-3.3 is installed OR crowbar-core-5.0+git.1533887407.6e9b0412d-3.8 is installed OR crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8 is installed OR crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3 is installed OR crowbar-ha-5.0+git.1530177874.35b9099-3.3 is installed OR crowbar-init-5.0+git.1520420379.d5bbb35-3.3 is installed OR crowbar-openstack-5.0+git.1534167599.d325ef804-4.8 is installed OR crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND nodejs6-6.17.0-11.27 is installed
BACK