Oval Definition:	oval:org.opensuse.security:def:56743
Revision Date: 2020-12-01 Version: 1 Title: Security update for ntp (Moderate) Description: This update for ntp fixes the following issues: - Update to 4.2.8p11 (bsc#1082210): * CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. * CVE-2018-7182: ctl_getitem(): buffer read overrun leads to undefined behavior and information leak. (bsc#1083426) * CVE-2018-7170: Multiple authenticated ephemeral associations. (bsc#1083424) * CVE-2018-7184: Interleaved symmetric mode cannot recover from bad state. (bsc#1083422) * CVE-2018-7185: Unauthenticated packet can reset authenticated interleaved association. (bsc#1083420) * CVE-2018-7183: ntpq:decodearr() can write beyond its buffer limit.(bsc#1083417) - Don't use libevent's cached time stamps in sntp. (bsc#1077445) Family: unix Class: patch Status: Reference(s): 1003952 1025506 1027038 1052311 1052368 1054429 1055857 1059893 1076958 1077445 1082063 1082210 1083417 1083420 1083422 1083424 1083426 1120943 1124493 1135824 1158675 1160398 1160770 1165402 1168404 1168407 1169066 1169511 1171475 1171847 1172105 1172116 1172121 1172175 1172176 1173027 965902 983671 984639 991012 991013 991015 991016 991017 991018 991019 991020 CVE-2009-0946 CVE-2010-2497 CVE-2010-2805 CVE-2010-3053 CVE-2010-3054 CVE-2010-3311 CVE-2010-3814 CVE-2011-0226 CVE-2012-5668 CVE-2012-5669 CVE-2012-5670 CVE-2014-2240 CVE-2014-9656 CVE-2014-9657 CVE-2014-9658 CVE-2014-9659 CVE-2014-9660 CVE-2014-9661 CVE-2014-9662 CVE-2014-9663 CVE-2014-9664 CVE-2014-9665 CVE-2014-9666 CVE-2014-9667 CVE-2014-9668 CVE-2014-9669 CVE-2014-9670 CVE-2014-9671 CVE-2014-9672 CVE-2014-9673 CVE-2014-9674 CVE-2014-9675 CVE-2015-1038 CVE-2015-7511 CVE-2016-1549 CVE-2016-2183 CVE-2016-2335 CVE-2016-4983 CVE-2016-5350 CVE-2016-5351 CVE-2016-5352 CVE-2016-5353 CVE-2016-5354 CVE-2016-5355 CVE-2016-5356 CVE-2016-5357 CVE-2016-5358 CVE-2016-5359 CVE-2016-6328 CVE-2016-6504 CVE-2016-6505 CVE-2016-6506 CVE-2016-6507 CVE-2016-6508 CVE-2016-6509 CVE-2016-6510 CVE-2016-6511 CVE-2017-1000112 CVE-2017-15107 CVE-2017-7544 CVE-2018-20030 CVE-2018-7170 CVE-2018-7182 CVE-2018-7183 CVE-2018-7184 CVE-2018-7185 CVE-2019-11691 CVE-2019-11692 CVE-2019-11693 CVE-2019-11694 CVE-2019-11698 CVE-2019-16770 CVE-2019-3820 CVE-2019-7317 CVE-2019-9278 CVE-2019-9800 CVE-2019-9815 CVE-2019-9816 CVE-2019-9817 CVE-2019-9818 CVE-2019-9819 CVE-2019-9820 CVE-2020-0093 CVE-2020-11076 CVE-2020-11077 CVE-2020-12767 CVE-2020-13112 CVE-2020-13113 CVE-2020-13114 CVE-2020-1927 CVE-2020-1934 CVE-2020-1938 CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 CVE-2020-5247 CVE-2020-8177 SUSE-SU-2016:1089-1 SUSE-SU-2016:2453-1 SUSE-SU-2016:2915-1 SUSE-SU-2017:0839-1 SUSE-SU-2017:2442-1 SUSE-SU-2018:0956-1 SUSE-SU-2019:1388-1 SUSE-SU-2019:1390-1 SUSE-SU-2019:1721-1 SUSE-SU-2020:1272-1 SUSE-SU-2020:1534-1 SUSE-SU-2020:1686-1 SUSE-SU-2020:1732-1 SUSE-SU-2020:2060-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information firewall-macros-0.5.3-lp150.1 is installed OR firewalld-0.5.3-lp150.1 is installed OR firewalld-lang-0.5.3-lp150.1 is installed OR python3-firewall-0.5.3-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND schismtracker-20190805-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information ntp-4.2.8p11-64.3 is installed OR ntp-doc-4.2.8p11-64.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND wireshark-1.12.13-31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_35-default-5-2 is installed OR kgraft-patch-3_12_69-60_64_35-xen-5-2 is installed OR kgraft-patch-SLE12-SP1_Update_14-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND ft2demos-2.6.3-7.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND clamav-0.100.1-33.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information cups-filters-1.0.58-15.2 is installed OR cups-filters-cups-browsed-1.0.58-15.2 is installed OR cups-filters-foomatic-rip-1.0.58-15.2 is installed OR cups-filters-ghostscript-1.0.58-15.2 is installed OR libqpdf18-7.1.1-3.3 is installed OR qpdf-7.1.1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND ft2demos-2.6.3-7.10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information tomcat-8.0.53-29.27 is installed OR tomcat-admin-webapps-8.0.53-29.27 is installed OR tomcat-docs-webapp-8.0.53-29.27 is installed OR tomcat-el-3_0-api-8.0.53-29.27 is installed OR tomcat-javadoc-8.0.53-29.27 is installed OR tomcat-jsp-2_3-api-8.0.53-29.27 is installed OR tomcat-lib-8.0.53-29.27 is installed OR tomcat-servlet-3_1-api-8.0.53-29.27 is installed OR tomcat-webapps-8.0.53-29.27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libseccomp-2.4.1-11.3 is installed OR libseccomp2-2.4.1-11.3 is installed OR libseccomp2-32bit-2.4.1-11.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information gcc9-9.2.1+r275327-1.3 is installed OR libasan5-9.2.1+r275327-1.3 is installed OR libasan5-32bit-9.2.1+r275327-1.3 is installed OR libatomic1-9.2.1+r275327-1.3 is installed OR libatomic1-32bit-9.2.1+r275327-1.3 is installed OR libgcc_s1-9.2.1+r275327-1.3 is installed OR libgcc_s1-32bit-9.2.1+r275327-1.3 is installed OR libgfortran5-9.2.1+r275327-1.3 is installed OR libgfortran5-32bit-9.2.1+r275327-1.3 is installed OR libgo14-9.2.1+r275327-1.3 is installed OR libgo14-32bit-9.2.1+r275327-1.3 is installed OR libgomp1-9.2.1+r275327-1.3 is installed OR libgomp1-32bit-9.2.1+r275327-1.3 is installed OR libitm1-9.2.1+r275327-1.3 is installed OR libitm1-32bit-9.2.1+r275327-1.3 is installed OR liblsan0-9.2.1+r275327-1.3 is installed OR libquadmath0-9.2.1+r275327-1.3 is installed OR libquadmath0-32bit-9.2.1+r275327-1.3 is installed OR libstdc++6-9.2.1+r275327-1.3 is installed OR libstdc++6-32bit-9.2.1+r275327-1.3 is installed OR libstdc++6-locale-9.2.1+r275327-1.3 is installed OR libtsan0-9.2.1+r275327-1.3 is installed OR libubsan1-9.2.1+r275327-1.3 is installed OR libubsan1-32bit-9.2.1+r275327-1.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libasan2-5.3.1+r233831-12 is installed OR libasan2-32bit-5.3.1+r233831-12 is installed OR libffi4-5.3.1+r233831-12 is installed OR libffi4-32bit-5.3.1+r233831-12 is installed OR libmpx0-5.3.1+r233831-12 is installed OR libmpx0-32bit-5.3.1+r233831-12 is installed OR libmpxwrappers0-5.3.1+r233831-12 is installed OR libmpxwrappers0-32bit-5.3.1+r233831-12 is installed Definition Synopsis SUSE OpenStack Cloud 6-LTSS is installed AND Package Information ruby2.1-rubygem-puma-2.16.0-4.3 is installed OR rubygem-puma-2.16.0-4.3 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information dnsmasq-2.78-18.6 is installed OR dnsmasq-utils-2.78-18.6 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND nodejs6-6.17.1-11.30 is installed
BACK