Oval Definition:	oval:org.opensuse.security:def:55438
Revision Date: 2020-12-01 Version: 1 Title: Security update for ntp (Critical) Description: The network timeservice ntp was updated to fix critical security issues (bnc#910764, CERT VU#852879) * A potential remote code execution problem was found inside ntpd. The functions crypto_recv() (when using autokey authentication), ctl_putdata(), and configure() where updated to avoid buffer overflows that could be exploited. (CVE-2014-9295) * Furthermore a problem inside the ntpd error handling was found that is missing a return statement. This could also lead to a potentially attack vector. (CVE-2014-9296) Family: unix Class: patch Status: Reference(s): 1012382 1050242 1051510 1053043 1056787 1058115 1063638 1064802 1065600 1065729 1066129 1068546 1071995 1075020 1082387 1083647 1085535 1099658 1103367 1103992 1104353 1104427 1106011 1106284 1108838 1110946 1111696 1112063 1113722 1114427 1114893 1115688 1115713 1117158 1117561 1118139 1119843 1120091 1120423 1120566 1120843 1120902 1120946 1122776 1123454 1123663 1124211 1124503 1124839 1126356 1127616 1128052 1128904 1128905 1128979 1129138 1129497 1129693 1129770 1129848 1129857 1130409 1130699 1130972 1131451 1131488 1131565 1131673 1132044 1132894 1133114 1133145 1133176 1133188 1133190 1133320 1133612 1133616 1134160 1134162 1134199 1134200 1134201 1134202 1134203 1134204 1134205 1134354 1134393 1134459 1134460 1134461 1134537 1134591 1134597 1134607 1134651 1134671 1134760 1134806 1134810 1134813 1134848 1134936 1135006 1135007 1135008 1135056 1135100 1135120 1135278 1135281 1135309 1135312 1135314 1135315 1135316 1135320 1135323 1135330 1135492 1135542 1135556 1135603 1135642 1135661 1135758 1136206 1136424 1136428 1136430 1136432 1136434 1136435 1136438 1136439 1136477 1136478 1136573 1136586 1136881 1136935 1136990 1137151 1137152 1137153 1137162 1137372 1137444 1137586 1137739 1137752 1141493 1150114 875647 881241 910764 916835 924828 963963 965283 974847 978395 979261 979906 981040 981041 981108 981109 981111 981112 981114 981115 981548 981549 981550 986359 988489 CVE-2013-1976 CVE-2013-4245 CVE-2014-0050 CVE-2014-3065 CVE-2014-3566 CVE-2014-4288 CVE-2014-6456 CVE-2014-6457 CVE-2014-6458 CVE-2014-6466 CVE-2014-6476 CVE-2014-6492 CVE-2014-6493 CVE-2014-6502 CVE-2014-6503 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6513 CVE-2014-6515 CVE-2014-6527 CVE-2014-6531 CVE-2014-6532 CVE-2014-6558 CVE-2014-8891 CVE-2014-8892 CVE-2014-9295 CVE-2014-9296 CVE-2015-1931 CVE-2015-2590 CVE-2015-2601 CVE-2015-2613 CVE-2015-2619 CVE-2015-2621 CVE-2015-2625 CVE-2015-2632 CVE-2015-2637 CVE-2015-2638 CVE-2015-2664 CVE-2015-2806 CVE-2015-2808 CVE-2015-4000 CVE-2015-4729 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760 CVE-2015-8806 CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-2073 CVE-2016-3092 CVE-2016-3705 CVE-2016-3977 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 CVE-2016-4483 CVE-2016-4574 CVE-2016-4579 CVE-2016-5388 CVE-2017-12652 CVE-2018-10916 CVE-2018-19208 CVE-2018-7191 CVE-2019-10124 CVE-2019-11085 CVE-2019-11365 CVE-2019-11366 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11486 CVE-2019-11487 CVE-2019-11815 CVE-2019-11833 CVE-2019-11884 CVE-2019-12382 CVE-2019-16167 CVE-2019-3846 CVE-2019-5489 CVE-2019-7317 SUSE-SU-2015:0904-1 SUSE-SU-2015:2172-1 SUSE-SU-2016:1140-1 SUSE-SU-2016:1510-1 SUSE-SU-2016:1538-1 SUSE-SU-2016:2188-1 SUSE-SU-2018:3812-2 SUSE-SU-2019:0642-1 SUSE-SU-2019:1091-1 SUSE-SU-2019:1530-1 SUSE-SU-2019:2752-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information coreutils-8.29-lp150.2 is installed OR coreutils-lang-8.29-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information chromedriver-74.0.3729.157-lp151.2.3 is installed OR chromium-74.0.3729.157-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND openssl-certs-1.97-0.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information orca-2.28.3-0.5 is installed OR orca-lang-2.28.3-0.5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information ntp-4.2.6p5-31 is installed OR ntp-doc-4.2.6p5-31 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND atftp-0.7.0-160.8 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libwpd-0.10.2-2.7 is installed OR libwpd-0_10-10-0.10.2-2.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr1.10-2 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr1.10-2 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr1.10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND clamav-0.99.2-32 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information bind-9.9.9P1-46 is installed OR bind-chrootenv-9.9.9P1-46 is installed OR bind-doc-9.9.9P1-46 is installed OR bind-libs-9.9.9P1-46 is installed OR bind-libs-32bit-9.9.9P1-46 is installed OR bind-utils-9.9.9P1-46 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-60.9.0-109.86 is installed OR MozillaFirefox-devel-60.9.0-109.86 is installed OR MozillaFirefox-translations-common-60.9.0-109.86 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_80-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_22-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_67-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_19-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information at-3.1.14-7 is installed OR flex-2.5.37-8 is installed OR flex-32bit-2.5.37-8 is installed OR libQtWebKit4-4.8.6+2.3.3-3 is installed OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-doc-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libXvnc1-1.6.0-18.28 is installed OR tigervnc-1.6.0-18.28 is installed OR xorg-x11-Xvnc-1.6.0-18.28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND squid-3.5.21-26.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ImageMagick-6.8.8.1-71.74 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.74 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.74 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information giflib-progs-5.0.5-12 is installed OR libgif6-5.0.5-12 is installed OR libgif6-32bit-5.0.5-12 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libvirt-2.0.0-27.42 is installed OR libvirt-client-2.0.0-27.42 is installed OR libvirt-daemon-2.0.0-27.42 is installed OR libvirt-daemon-config-network-2.0.0-27.42 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed OR libvirt-daemon-driver-network-2.0.0-27.42 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed OR libvirt-daemon-hooks-2.0.0-27.42 is installed OR libvirt-daemon-lxc-2.0.0-27.42 is installed OR libvirt-daemon-qemu-2.0.0-27.42 is installed OR libvirt-daemon-xen-2.0.0-27.42 is installed OR libvirt-doc-2.0.0-27.42 is installed OR libvirt-lock-sanlock-2.0.0-27.42 is installed OR libvirt-nss-2.0.0-27.42 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information glib2-2.48.2-12.15 is installed OR glib2-lang-2.48.2-12.15 is installed OR glib2-tools-2.48.2-12.15 is installed OR libgio-2_0-0-2.48.2-12.15 is installed OR libgio-2_0-0-32bit-2.48.2-12.15 is installed OR libglib-2_0-0-2.48.2-12.15 is installed OR libglib-2_0-0-32bit-2.48.2-12.15 is installed OR libgmodule-2_0-0-2.48.2-12.15 is installed OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed OR libgobject-2_0-0-2.48.2-12.15 is installed OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed OR libgthread-2_0-0-2.48.2-12.15 is installed OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
BACK