Oval Definition:	oval:org.opensuse.security:def:58296
Revision Date: 2020-12-01 Version: 1 Title: Security update for ntp (Moderate) Description: This update for ntp fixes the following issues: ntp was updated to 4.2.8p15 - CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address frequently send to the client ntpd could have caused denial of service (bsc#1169740). - CVE-2018-8956: Fixed an issue which could have allowed remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via spoofed mode 3 and mode 5 packets (bsc#1171355). - CVE-2020-13817: Fixed an issue which an off-path attacker with the ability to query time from victim's ntpd instance could have modified the victim's clock by a limited amount (bsc#1172651). - CVE-2020-15025: Fixed an issue which remote attacker could have caused denial of service by consuming the memory when a CMAC key was used andassociated with a CMAC algorithm in the ntp.keys (bsc#1173334). Family: unix Class: patch Status: Reference(s): 1011276 1049302 1049305 1049306 1049307 1049308 1049309 1049310 1049311 1049312 1049313 1049314 1049315 1049316 1049317 1049318 1049319 1049320 1049321 1049322 1049323 1049324 1049325 1049326 1049327 1049328 1049329 1049330 1049331 1049332 1070727 1083125 1085447 1090368 1090646 1090869 1111331 1122292 1122293 1122299 1127223 1127308 1128158 1128574 1130103 1132665 1133191 1133528 1136446 1136935 1137597 1139083 1154609 1158763 1166238 1169740 1169947 1171355 1172651 1173334 1174633 1174635 1174638 1174910 1174913 1178038 985657 CVE-2009-5155 CVE-2016-3189 CVE-2016-9427 CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 CVE-2017-10078 CVE-2017-10081 CVE-2017-10086 CVE-2017-10087 CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 CVE-2017-10105 CVE-2017-10107 CVE-2017-10108 CVE-2017-10109 CVE-2017-10110 CVE-2017-10111 CVE-2017-10114 CVE-2017-10115 CVE-2017-10116 CVE-2017-10118 CVE-2017-10125 CVE-2017-10135 CVE-2017-10176 CVE-2017-10193 CVE-2017-10198 CVE-2017-10243 CVE-2017-13166 CVE-2017-17083 CVE-2017-17084 CVE-2017-17085 CVE-2018-1087 CVE-2018-11212 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-1890 CVE-2018-8781 CVE-2018-8897 CVE-2018-8956 CVE-2019-11091 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-12900 CVE-2019-18197 CVE-2019-18900 CVE-2019-20503 CVE-2019-2422 CVE-2019-2449 CVE-2019-3846 CVE-2019-3859 CVE-2019-9169 CVE-2020-11868 CVE-2020-13817 CVE-2020-14345 CVE-2020-14346 CVE-2020-14347 CVE-2020-14361 CVE-2020-14362 CVE-2020-15025 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6811 CVE-2020-6812 CVE-2020-6814 SUSE-SU-2016:3057-1 SUSE-SU-2017:2175-1 SUSE-SU-2017:3436-1 SUSE-SU-2018:1524-1 SUSE-SU-2019:0617-1 SUSE-SU-2019:1060-1 SUSE-SU-2019:1296-1 SUSE-SU-2020:0717-1 SUSE-SU-2020:0920-2 SUSE-SU-2020:1805-1 SUSE-SU-2020:2331-1 SUSE-SU-2020:2401-1 SUSE-SU-2020:3367-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information gcab-1.1-lp150.1 is installed OR gcab-lang-1.1-lp150.1 is installed OR libgcab-1_0-0-1.1-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information chromedriver-75.0.3770.90-2 is installed OR chromium-75.0.3770.90-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gc-7.2d-5 is installed OR libgc1-7.2d-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND ucode-intel-20190514-13.44 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_92-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_24-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_32-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_11-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND apache2-mod_nss-1.0.14-18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND squid-3.5.21-26.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information apache2-2.4.23-29.21 is installed OR apache2-doc-2.4.23-29.21 is installed OR apache2-example-pages-2.4.23-29.21 is installed OR apache2-prefork-2.4.23-29.21 is installed OR apache2-utils-2.4.23-29.21 is installed OR apache2-worker-2.4.23-29.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libjavascriptcoregtk-3_0-0-2.4.11-23 is installed OR libwebkitgtk-3_0-0-2.4.11-23 is installed OR libwebkitgtk3-lang-2.4.11-23 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information ntp-4.2.8p15-88 is installed OR ntp-doc-4.2.8p15-88 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND python-PyKMIP-0.6.0-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND couchdb-1.7.2-3.3 is installed
BACK