Oval Definition:oval:org.opensuse.security:def:59400
Revision Date:2020-12-01Version:1
Title:Security update for ntp (Moderate)
Description:

This update for ntp fixes the following issues:

- Update to 4.2.8p11 (bsc#1082210): * CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. * CVE-2018-7182: ctl_getitem(): buffer read overrun leads to undefined behavior and information leak. (bsc#1083426) * CVE-2018-7170: Multiple authenticated ephemeral associations. (bsc#1083424) * CVE-2018-7184: Interleaved symmetric mode cannot recover from bad state. (bsc#1083422) * CVE-2018-7185: Unauthenticated packet can reset authenticated interleaved association. (bsc#1083420) * CVE-2018-7183: ntpq:decodearr() can write beyond its buffer limit.(bsc#1083417) - Don't use libevent's cached time stamps in sntp. (bsc#1077445)

This update is a reissue of the previous update with LTSS channels included.
Family:unixClass:patch
Status:Reference(s):1006984
1006989
1037811
1077330
1077445
1082063
1082210
1083417
1083420
1083422
1083424
1083426
1094291
1097356
1097560
1097824
1103809
1103810
1104076
1106119
1129180
1131060
1131863
1134156
1140359
1140868
1146882
1146884
1149496
1150733
1158763
1160968
1162972
1163927
1163959
1163969
1164692
1172402
1174910
1174913
977043
CVE-2012-2141
CVE-2014-2284
CVE-2014-2285
CVE-2014-3565
CVE-2015-0254
CVE-2015-5621
CVE-2016-1549
CVE-2018-0739
CVE-2018-12470
CVE-2018-12471
CVE-2018-12472
CVE-2018-5848
CVE-2018-7170
CVE-2018-7182
CVE-2018-7183
CVE-2018-7184
CVE-2018-7185
CVE-2019-11709
CVE-2019-11711
CVE-2019-11712
CVE-2019-11713
CVE-2019-11715
CVE-2019-11717
CVE-2019-11719
CVE-2019-11729
CVE-2019-11730
CVE-2019-12973
CVE-2019-14559
CVE-2019-14563
CVE-2019-14575
CVE-2019-14811
CVE-2019-14812
CVE-2019-14813
CVE-2019-14817
CVE-2019-18900
CVE-2019-3689
CVE-2019-3835
CVE-2019-3839
CVE-2019-3880
CVE-2019-5482
CVE-2019-9811
CVE-2020-12405
CVE-2020-12406
CVE-2020-12410
CVE-2020-14361
CVE-2020-14362
CVE-2020-1938
CVE-2020-2583
CVE-2020-2593
CVE-2020-2604
CVE-2020-2659
SUSE-SU-2018:1765-2
SUSE-SU-2018:2898-2
SUSE-SU-2019:1195-1
SUSE-SU-2019:1861-1
SUSE-SU-2019:2339-2
SUSE-SU-2019:2478-1
SUSE-SU-2019:2781-1
SUSE-SU-2020:0079-2
SUSE-SU-2020:0456-1
SUSE-SU-2020:0495-1
SUSE-SU-2020:0725-1
SUSE-SU-2020:1563-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • dbus-1-1.12.2-lp150.1 is installed
  • OR dbus-1-x11-1.12.2-lp150.1 is installed
  • OR libdbus-1-3-1.12.2-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libcryptopp-5.6.5-lp151.3.3 is installed
  • OR libcryptopp-devel-5.6.5-lp151.3.3 is installed
  • OR libcryptopp5_6_5-5.6.5-lp151.3.3 is installed
  • OR libcryptopp5_6_5-32bit-5.6.5-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • ntp-4.2.8p11-64.5 is installed
  • OR ntp-doc-4.2.8p11-64.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_73-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_21-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • jakarta-taglibs-standard-1.1.1-255 is installed
  • OR jakarta-taglibs-standard-javadoc-1.1.1-255 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.13-28.31 is installed
  • OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed
  • OR python-2.7.13-28.31 is installed
  • OR python-32bit-2.7.13-28.31 is installed
  • OR python-base-2.7.13-28.31 is installed
  • OR python-base-32bit-2.7.13-28.31 is installed
  • OR python-curses-2.7.13-28.31 is installed
  • OR python-demo-2.7.13-28.31 is installed
  • OR python-devel-2.7.13-28.31 is installed
  • OR python-doc-2.7.13-28.31 is installed
  • OR python-doc-pdf-2.7.13-28.31 is installed
  • OR python-gdbm-2.7.13-28.31 is installed
  • OR python-idle-2.7.13-28.31 is installed
  • OR python-tk-2.7.13-28.31 is installed
  • OR python-xml-2.7.13-28.31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libpython3_4m1_0-3.4.6-25.29 is installed
  • OR python3-3.4.6-25.29 is installed
  • OR python3-base-3.4.6-25.29 is installed
  • OR python3-curses-3.4.6-25.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed
  • OR openssl-1.0.2j-60.55 is installed
  • OR openssl-doc-1.0.2j-60.55 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • qemu-2.9.1-6.19 is installed
  • OR qemu-block-curl-2.9.1-6.19 is installed
  • OR qemu-block-iscsi-2.9.1-6.19 is installed
  • OR qemu-block-rbd-2.9.1-6.19 is installed
  • OR qemu-block-ssh-2.9.1-6.19 is installed
  • OR qemu-guest-agent-2.9.1-6.19 is installed
  • OR qemu-ipxe-1.0.0-6.19 is installed
  • OR qemu-kvm-2.9.1-6.19 is installed
  • OR qemu-lang-2.9.1-6.19 is installed
  • OR qemu-seabios-1.10.2-6.19 is installed
  • OR qemu-sgabios-8-6.19 is installed
  • OR qemu-tools-2.9.1-6.19 is installed
  • OR qemu-vgabios-1.10.2-6.19 is installed
  • OR qemu-x86-2.9.1-6.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • bind-9.11.2-1 is installed
  • OR bind-chrootenv-9.11.2-1 is installed
  • OR bind-doc-9.11.2-1 is installed
  • OR bind-utils-9.11.2-1 is installed
  • OR libbind9-160-9.11.2-1 is installed
  • OR libdns169-9.11.2-1 is installed
  • OR libirs160-9.11.2-1 is installed
  • OR libisc166-9.11.2-1 is installed
  • OR libisc166-32bit-9.11.2-1 is installed
  • OR libisccc160-9.11.2-1 is installed
  • OR libisccfg160-9.11.2-1 is installed
  • OR liblwres160-9.11.2-1 is installed
  • OR python-bind-9.11.2-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • curl-7.37.0-37.43 is installed
  • OR libcurl4-7.37.0-37.43 is installed
  • OR libcurl4-32bit-7.37.0-37.43 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • ghostscript-9.27-23.28 is installed
  • OR ghostscript-x11-9.27-23.28 is installed
    • BACK