OVAL Reference oval:org.opensuse.security:def:58663

Oval Definition:

oval:org.opensuse.security:def:58663

Revision Date:	2020-12-01	Version:	1
Title:	Security update for ntp (Moderate)
Description:	This ntp update to version 4.2.8p10 fixes serveral issues. This updated enables leap smearing. See /usr/share/doc/packages/ntp/README.leapsmear for details. Security issues fixed (bsc#1030050): - CVE-2017-6464: Denial of Service via Malformed Config - CVE-2017-6462: Buffer Overflow in DPTS Clock - CVE-2017-6463: Authenticated DoS via Malicious Config Option - CVE-2017-6458: Potential Overflows in ctl_put() functions - CVE-2017-6451: Improper use of snprintf() in mx4200_send() - CVE-2017-6460: Buffer Overflow in ntpq when fetching reslist - CVE-2016-9042: 0rigin (zero origin) DoS. - ntpq_stripquotes() returns incorrect Value - ereallocarray()/eallocarray() underused - Copious amounts of Unused Code - Off-by-one in Oncore GPS Receiver - Makefile does not enforce Security Flags Bugfixes: - Remove spurious log messages (bsc#1014172). - clang scan-build findings - Support for openssl-1.1.0 without compatibility modes - Bugfix 3072 breaks multicastclient - forking async worker: interrupted pipe I/O - (...) time_pps_create: Exec format error - Incorrect Logic for Peer Event Limiting - Change the process name of forked DNS worker - Trap Configuration Fail - Nothing happens if minsane < maxclock < minclock - allow -4/-6 on restrict line with mask - out-of-bound pointers in ctl_putsys and decode_bitflags - Move ntp-kod to /var/lib/ntp, because /var/db is not a standard directory and causes problems for transactional updates.
Family:	unix	Class:	patch
Status:		Reference(s):	1012382 1014172 1030050 1031717 1038505 1045640 1046610 1057734 1070536 1075428 1076033 1076847 1077560 1082153 1082299 1083125 1083745 1083836 1084353 1084610 1084721 1084829 1085042 1085185 1085224 1085402 1085404 1086162 1086194 1087066 1087088 1087260 1087481 1087845 1088241 1088242 1088600 1088684 1089198 1089608 1089644 1089752 1090023 1090024 1090025 1090026 1090027 1090028 1090029 1090030 1090032 1090033 1090338 1090643 1096740 1102682 1103203 1105323 1106119 1106191 1107256 1114459 1116574 1123161 1126463 1130972 1131060 1134399 1139358 1140012 1140652 1140903 1140945 1141401 1141402 1141452 1141453 1141454 1141628 1142023 1142098 1142857 1143045 1143048 1143189 1143191 1144257 1144273 1144288 1144920 1145920 1145922 1146163 1146358 1146359 1167890 1168930 1173369 1174157 1175259 CVE-2011-2485 CVE-2012-3386 CVE-2015-4491 CVE-2015-7552 CVE-2015-7673 CVE-2015-7674 CVE-2016-6352 CVE-2016-8605 CVE-2016-9042 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1289 CVE-2017-18257 CVE-2017-18551 CVE-2017-3509 CVE-2017-3511 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 CVE-2017-6451 CVE-2017-6458 CVE-2017-6460 CVE-2017-6462 CVE-2017-6463 CVE-2017-6464 CVE-2018-10087 CVE-2018-10124 CVE-2018-1087 CVE-2018-10902 CVE-2018-10938 CVE-2018-13785 CVE-2018-20855 CVE-2018-20856 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-2815 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3214 CVE-2018-3665 CVE-2018-5390 CVE-2018-7740 CVE-2018-8043 CVE-2018-8781 CVE-2018-8822 CVE-2018-8897 CVE-2019-10207 CVE-2019-1125 CVE-2019-11810 CVE-2019-13631 CVE-2019-14283 CVE-2019-14284 CVE-2019-15117 CVE-2019-15118 CVE-2019-17639 CVE-2019-3819 CVE-2019-3880 CVE-2019-8675 CVE-2019-8696 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-15011 CVE-2020-5260 SUSE-SU-2017:1048-1 SUSE-SU-2017:1385-1 SUSE-SU-2018:1173-1 SUSE-SU-2018:1690-1 SUSE-SU-2018:2112-1 SUSE-SU-2018:3933-1 SUSE-SU-2019:2299-1 SUSE-SU-2019:3057-1 SUSE-SU-2020:0992-1 SUSE-SU-2020:2482-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND libdmx1-1.1.3-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information ncat-7.70-lp151.3.9 is installed OR ndiff-7.70-lp151.3.9 is installed OR nmap-7.70-lp151.3.9 is installed OR nping-7.70-lp151.3.9 is installed OR zenmap-7.70-lp151.3.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information ntp-4.2.8p10-60 is installed OR ntp-doc-4.2.8p10-60 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information cups-1.7.5-20.26 is installed OR cups-client-1.7.5-20.26 is installed OR cups-libs-1.7.5-20.26 is installed OR cups-libs-32bit-1.7.5-20.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libdcerpc-binding0-4.4.2-38.25 is installed OR libdcerpc-binding0-32bit-4.4.2-38.25 is installed OR libdcerpc0-4.4.2-38.25 is installed OR libdcerpc0-32bit-4.4.2-38.25 is installed OR libndr-krb5pac0-4.4.2-38.25 is installed OR libndr-krb5pac0-32bit-4.4.2-38.25 is installed OR libndr-nbt0-4.4.2-38.25 is installed OR libndr-nbt0-32bit-4.4.2-38.25 is installed OR libndr-standard0-4.4.2-38.25 is installed OR libndr-standard0-32bit-4.4.2-38.25 is installed OR libndr0-4.4.2-38.25 is installed OR libndr0-32bit-4.4.2-38.25 is installed OR libnetapi0-4.4.2-38.25 is installed OR libnetapi0-32bit-4.4.2-38.25 is installed OR libsamba-credentials0-4.4.2-38.25 is installed OR libsamba-credentials0-32bit-4.4.2-38.25 is installed OR libsamba-errors0-4.4.2-38.25 is installed OR libsamba-errors0-32bit-4.4.2-38.25 is installed OR libsamba-hostconfig0-4.4.2-38.25 is installed OR libsamba-hostconfig0-32bit-4.4.2-38.25 is installed OR libsamba-passdb0-4.4.2-38.25 is installed OR libsamba-passdb0-32bit-4.4.2-38.25 is installed OR libsamba-util0-4.4.2-38.25 is installed OR libsamba-util0-32bit-4.4.2-38.25 is installed OR libsamdb0-4.4.2-38.25 is installed OR libsamdb0-32bit-4.4.2-38.25 is installed OR libsmbclient0-4.4.2-38.25 is installed OR libsmbclient0-32bit-4.4.2-38.25 is installed OR libsmbconf0-4.4.2-38.25 is installed OR libsmbconf0-32bit-4.4.2-38.25 is installed OR libsmbldap0-4.4.2-38.25 is installed OR libsmbldap0-32bit-4.4.2-38.25 is installed OR libtevent-util0-4.4.2-38.25 is installed OR libtevent-util0-32bit-4.4.2-38.25 is installed OR libwbclient0-4.4.2-38.25 is installed OR libwbclient0-32bit-4.4.2-38.25 is installed OR samba-4.4.2-38.25 is installed OR samba-client-4.4.2-38.25 is installed OR samba-client-32bit-4.4.2-38.25 is installed OR samba-doc-4.4.2-38.25 is installed OR samba-libs-4.4.2-38.25 is installed OR samba-libs-32bit-4.4.2-38.25 is installed OR samba-winbind-4.4.2-38.25 is installed OR samba-winbind-32bit-4.4.2-38.25 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_8_0-openjdk-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-demo-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-devel-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-headless-1.8.0.171-27.19 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information gdk-pixbuf-lang-2.34.0-18 is installed OR gdk-pixbuf-query-loaders-2.34.0-18 is installed OR gdk-pixbuf-query-loaders-32bit-2.34.0-18 is installed OR libgdk_pixbuf-2_0-0-2.34.0-18 is installed OR libgdk_pixbuf-2_0-0-32bit-2.34.0-18 is installed OR typelib-1_0-GdkPixbuf-2_0-2.34.0-18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-60.9.0-109.86 is installed OR MozillaFirefox-translations-common-60.9.0-109.86 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information dovecot22-2.2.31-19.17 is installed OR dovecot22-backend-mysql-2.2.31-19.17 is installed OR dovecot22-backend-pgsql-2.2.31-19.17 is installed OR dovecot22-backend-sqlite-2.2.31-19.17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_162-94_72-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_22-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND shadow-4.2.1-27.19 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libupsclient1-2.7.1-1 is installed OR nut-2.7.1-1 is installed OR nut-drivers-net-2.7.1-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information libdcerpc-binding0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libdcerpc-binding0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libdcerpc0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libdcerpc0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-krb5pac0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-krb5pac0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-nbt0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-nbt0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-standard0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-standard0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libnetapi0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libnetapi0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-credentials0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-credentials0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-errors0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-errors0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-hostconfig0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-hostconfig0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-passdb0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-passdb0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-util0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-util0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamdb0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamdb0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbclient0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbclient0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbconf0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbconf0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbldap0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbldap0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libtevent-util0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libtevent-util0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libwbclient0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libwbclient0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-client-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-client-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-doc-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-libs-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-libs-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-winbind-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-winbind-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information mariadb-10.2.22-4.11 is installed OR mariadb-client-10.2.22-4.11 is installed OR mariadb-errormessages-10.2.22-4.11 is installed OR mariadb-galera-10.2.22-4.11 is installed OR mariadb-tools-10.2.22-4.11 is installed

BACK