Oval Definition:oval:org.opensuse.security:def:59644
Revision Date:2020-12-01Version:1
Title:Security update for ntp (Moderate)
Description:

This update for ntp fixes the following issues:

ntp was updated to 4.2.8p15

- CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address frequently send to the client ntpd could have caused denial of service (bsc#1169740). - CVE-2018-8956: Fixed an issue which could have allowed remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via spoofed mode 3 and mode 5 packets (bsc#1171355). - CVE-2020-13817: Fixed an issue which an off-path attacker with the ability to query time from victim's ntpd instance could have modified the victim's clock by a limited amount (bsc#1172651). - CVE-2020-15025: Fixed an issue which remote attacker could have caused denial of service by consuming the memory when a CMAC key was used andassociated with a CMAC algorithm in the ntp.keys (bsc#1173334).
Family:unixClass:patch
Status:Reference(s):1032680
1040311
1040312
1040313
1048510
1050577
1050578
1050579
1050581
1054028
1055960
1056995
1065276
1066156
1068251
1070428
1071558
1074254
1075724
1076308
1077692
1090023
1090024
1090025
1090026
1090027
1090028
1090029
1090030
1090032
1090033
1106853
1108627
1108637
1110358
1111331
1114592
1135254
1135715
1141897
1142649
1142654
1144903
1148517
1148931
1149145
1149792
1153108
1153158
1153161
1159478
1159479
1159482
1159486
1168930
1169605
1169740
1169786
1169936
1170302
1170741
1170939
1171355
1172651
1173334
1174910
1174913
897422
903543
943457
CVE-2010-2240
CVE-2011-0523
CVE-2011-0524
CVE-2013-1940
CVE-2013-4396
CVE-2013-6424
CVE-2014-8091
CVE-2014-8092
CVE-2014-8093
CVE-2014-8094
CVE-2014-8095
CVE-2014-8096
CVE-2014-8097
CVE-2014-8098
CVE-2014-8099
CVE-2014-8100
CVE-2014-8101
CVE-2014-8102
CVE-2014-8103
CVE-2015-0255
CVE-2015-3164
CVE-2015-3418
CVE-2017-11462
CVE-2017-11613
CVE-2017-11624
CVE-2017-11625
CVE-2017-11626
CVE-2017-11627
CVE-2017-12595
CVE-2017-15908
CVE-2017-2624
CVE-2017-7500
CVE-2017-7501
CVE-2017-9208
CVE-2017-9209
CVE-2017-9210
CVE-2017-9935
CVE-2018-1049
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-16335
CVE-2018-17100
CVE-2018-17101
CVE-2018-17795
CVE-2018-2790
CVE-2018-2794
CVE-2018-2795
CVE-2018-2796
CVE-2018-2797
CVE-2018-2798
CVE-2018-2799
CVE-2018-2800
CVE-2018-2814
CVE-2018-2815
CVE-2018-8956
CVE-2019-10220
CVE-2019-11091
CVE-2019-14250
CVE-2019-15847
CVE-2019-17133
CVE-2019-18388
CVE-2019-18389
CVE-2019-18390
CVE-2019-18391
CVE-2019-8595
CVE-2019-8607
CVE-2019-8615
CVE-2019-8644
CVE-2019-8649
CVE-2019-8658
CVE-2019-8666
CVE-2019-8669
CVE-2019-8671
CVE-2019-8672
CVE-2019-8673
CVE-2019-8676
CVE-2019-8677
CVE-2019-8678
CVE-2019-8679
CVE-2019-8680
CVE-2019-8681
CVE-2019-8683
CVE-2019-8684
CVE-2019-8686
CVE-2019-8687
CVE-2019-8688
CVE-2019-8689
CVE-2019-8690
CVE-2020-11008
CVE-2020-11868
CVE-2020-13817
CVE-2020-14361
CVE-2020-14362
CVE-2020-15025
CVE-2020-5260
SUSE-SU-2017:2659-1
SUSE-SU-2018:0299-1
SUSE-SU-2018:3286-1
SUSE-SU-2018:3289-1
SUSE-SU-2019:2345-2
SUSE-SU-2020:0394-1
SUSE-SU-2020:1295-1
SUSE-SU-2020:1805-1
SUSE-SU-2020:2401-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND perl-LWP-Protocol-https-6.06-lp150.1 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • rmt-server-2.3.1-lp151.2.3 is installed
  • OR rmt-server-config-2.3.1-lp151.2.3 is installed
  • OR rmt-server-pubcloud-2.3.1-lp151.2.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • ntp-4.2.8p15-88 is installed
  • OR ntp-doc-4.2.8p15-88 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND
  • libssh2-1-1.4.3-20.9 is installed
  • OR libssh2-1-32bit-1.4.3-20.9 is installed
  • OR libssh2_org-1.4.3-20.9 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND
  • libssh2-1-1.4.3-20.9 is installed
  • OR libssh2-1-32bit-1.4.3-20.9 is installed
  • OR libssh2_org-1.4.3-20.9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND libgypsy0-0.9-6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND ucode-intel-20190618-13.47 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND ucode-intel-20190618-13.47 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_162-94_69-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_21-7-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • grub2-2.02-11 is installed
  • OR grub2-arm64-efi-2.02-11 is installed
  • OR grub2-i386-pc-2.02-11 is installed
  • OR grub2-powerpc-ieee1275-2.02-11 is installed
  • OR grub2-s390x-emu-2.02-11 is installed
  • OR grub2-snapper-plugin-2.02-11 is installed
  • OR grub2-systemd-sleep-plugin-2.02-11 is installed
  • OR grub2-x86_64-efi-2.02-11 is installed
  • OR grub2-x86_64-xen-2.02-11 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • git-2.26.2-27.36 is installed
  • OR git-core-2.26.2-27.36 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed
  • OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed
  • OR libwebkit2gtk3-lang-2.24.4-2.47 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed
  • OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed
  • OR webkit2gtk3-2.24.4-2.47 is installed
  • BACK