Oval Definition:	oval:org.opensuse.security:def:59253
Revision Date: 2020-12-01 Version: 1 Title: Security update for ntp (Moderate) Description: This update for ntp fixes the following issues: ntp was updated to 4.2.8p15 - CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address frequently send to the client ntpd could have caused denial of service (bsc#1169740). - CVE-2018-8956: Fixed an issue which could have allowed remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via spoofed mode 3 and mode 5 packets (bsc#1171355). - CVE-2020-13817: Fixed an issue which an off-path attacker with the ability to query time from victim's ntpd instance could have modified the victim's clock by a limited amount (bsc#1172651). - CVE-2020-15025: Fixed an issue which remote attacker could have caused denial of service by consuming the memory when a CMAC key was used andassociated with a CMAC algorithm in the ntp.keys (bsc#1173334). Family: unix Class: patch Status: Reference(s): 1072947 1078662 1080740 1084300 1085967 1096449 1104204 1106383 1111331 1113969 1115034 1133495 1139459 1142772 1145692 1146358 1146359 1151377 1151506 1154043 1155574 1156482 1159646 1159814 1162108 1169740 1171352 1171355 1172651 1173334 1173998 1174157 1174662 1176496 1176764 1177943 CVE-2011-0707 CVE-2011-3146 CVE-2013-1881 CVE-2013-7490 CVE-2018-11769 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-16468 CVE-2018-6126 CVE-2018-7738 CVE-2018-8048 CVE-2018-8956 CVE-2019-1010180 CVE-2019-11091 CVE-2019-17571 CVE-2019-20919 CVE-2019-8675 CVE-2019-8696 CVE-2020-11868 CVE-2020-13753 CVE-2020-13817 CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803 CVE-2020-15025 CVE-2020-1712 CVE-2020-9802 CVE-2020-9803 CVE-2020-9805 CVE-2020-9806 CVE-2020-9807 CVE-2020-9843 CVE-2020-9850 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 SUSE-SU-2018:1783-2 SUSE-SU-2019:0390-1 SUSE-SU-2019:0392-1 SUSE-SU-2019:0394-1 SUSE-SU-2019:1235-1 SUSE-SU-2019:2916-1 SUSE-SU-2020:0054-1 SUSE-SU-2020:0331-1 SUSE-SU-2020:1805-1 SUSE-SU-2020:2069-1 SUSE-SU-2020:2232-1 SUSE-SU-2020:2856-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libopenssl1_0_0-1.0.2n-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information nginx-1.14.2-lp151.4.6 is installed OR nginx-source-1.14.2-lp151.4.6 is installed OR vim-plugin-nginx-1.14.2-lp151.4.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information cups-1.7.5-20.26 is installed OR cups-client-1.7.5-20.26 is installed OR cups-libs-1.7.5-20.26 is installed OR cups-libs-32bit-1.7.5-20.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information ntp-4.2.8p15-88 is installed OR ntp-doc-4.2.8p15-88 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information gdk-pixbuf-loader-rsvg-2.40.15-4 is installed OR librsvg-2-2-2.40.15-4 is installed OR librsvg-2-2-32bit-2.40.15-4 is installed OR rsvg-view-2.40.15-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND ucode-intel-20191112a-13.56 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND sudo-1.8.20p2-3.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information ghostscript-9.52-23.34 is installed OR ghostscript-x11-9.52-23.34 is installed OR libspectre-0.2.7-12.10 is installed OR libspectre1-0.2.7-12.10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND shadow-4.2.1-27.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND libSoundTouch0-1.7.1-5.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.3-2.56 is installed OR libwebkit2gtk-4_0-37-2.28.3-2.56 is installed OR libwebkit2gtk3-lang-2.28.3-2.56 is installed OR typelib-1_0-JavaScriptCore-4_0-2.28.3-2.56 is installed OR typelib-1_0-WebKit2-4_0-2.28.3-2.56 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.28.3-2.56 is installed OR webkit2gtk-4_0-injected-bundles-2.28.3-2.56 is installed OR webkit2gtk3-2.28.3-2.56 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND gdb-8.3.1-2.14 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-Werkzeug-0.14.1-3.3 is installed
BACK