Oval Definition:	oval:org.opensuse.security:def:59644
Revision Date: 2020-12-01 Version: 1 Title: Security update for ntp (Moderate) Description: This update for ntp fixes the following issues: ntp was updated to 4.2.8p15 - CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address frequently send to the client ntpd could have caused denial of service (bsc#1169740). - CVE-2018-8956: Fixed an issue which could have allowed remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via spoofed mode 3 and mode 5 packets (bsc#1171355). - CVE-2020-13817: Fixed an issue which an off-path attacker with the ability to query time from victim's ntpd instance could have modified the victim's clock by a limited amount (bsc#1172651). - CVE-2020-15025: Fixed an issue which remote attacker could have caused denial of service by consuming the memory when a CMAC key was used andassociated with a CMAC algorithm in the ntp.keys (bsc#1173334). Family: unix Class: patch Status: Reference(s): 1032680 1040311 1040312 1040313 1048510 1050577 1050578 1050579 1050581 1054028 1055960 1056995 1065276 1066156 1068251 1070428 1071558 1074254 1075724 1076308 1077692 1090023 1090024 1090025 1090026 1090027 1090028 1090029 1090030 1090032 1090033 1106853 1108627 1108637 1110358 1111331 1114592 1135254 1135715 1141897 1142649 1142654 1144903 1148517 1148931 1149145 1149792 1153108 1153158 1153161 1159478 1159479 1159482 1159486 1168930 1169605 1169740 1169786 1169936 1170302 1170741 1170939 1171355 1172651 1173334 1174910 1174913 897422 903543 943457 CVE-2010-2240 CVE-2011-0523 CVE-2011-0524 CVE-2013-1940 CVE-2013-4396 CVE-2013-6424 CVE-2014-8091 CVE-2014-8092 CVE-2014-8093 CVE-2014-8094 CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098 CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102 CVE-2014-8103 CVE-2015-0255 CVE-2015-3164 CVE-2015-3418 CVE-2017-11462 CVE-2017-11613 CVE-2017-11624 CVE-2017-11625 CVE-2017-11626 CVE-2017-11627 CVE-2017-12595 CVE-2017-15908 CVE-2017-2624 CVE-2017-7500 CVE-2017-7501 CVE-2017-9208 CVE-2017-9209 CVE-2017-9210 CVE-2017-9935 CVE-2018-1049 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-16335 CVE-2018-17100 CVE-2018-17101 CVE-2018-17795 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-2815 CVE-2018-8956 CVE-2019-10220 CVE-2019-11091 CVE-2019-14250 CVE-2019-15847 CVE-2019-17133 CVE-2019-18388 CVE-2019-18389 CVE-2019-18390 CVE-2019-18391 CVE-2019-8595 CVE-2019-8607 CVE-2019-8615 CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2020-11008 CVE-2020-11868 CVE-2020-13817 CVE-2020-14361 CVE-2020-14362 CVE-2020-15025 CVE-2020-5260 SUSE-SU-2017:2659-1 SUSE-SU-2018:0299-1 SUSE-SU-2018:3286-1 SUSE-SU-2018:3289-1 SUSE-SU-2019:2345-2 SUSE-SU-2020:0394-1 SUSE-SU-2020:1295-1 SUSE-SU-2020:1805-1 SUSE-SU-2020:2401-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND perl-LWP-Protocol-https-6.06-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information rmt-server-2.3.1-lp151.2.3 is installed OR rmt-server-config-2.3.1-lp151.2.3 is installed OR rmt-server-pubcloud-2.3.1-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information ntp-4.2.8p15-88 is installed OR ntp-doc-4.2.8p15-88 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_7_0-openjdk-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND libgypsy0-0.9-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND ucode-intel-20190618-13.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND ucode-intel-20190618-13.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_162-94_69-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_21-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information grub2-2.02-11 is installed OR grub2-arm64-efi-2.02-11 is installed OR grub2-i386-pc-2.02-11 is installed OR grub2-powerpc-ieee1275-2.02-11 is installed OR grub2-s390x-emu-2.02-11 is installed OR grub2-snapper-plugin-2.02-11 is installed OR grub2-systemd-sleep-plugin-2.02-11 is installed OR grub2-x86_64-efi-2.02-11 is installed OR grub2-x86_64-xen-2.02-11 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information git-2.26.2-27.36 is installed OR git-core-2.26.2-27.36 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed OR libwebkit2gtk3-lang-2.24.4-2.47 is installed OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed OR webkit2gtk3-2.24.4-2.47 is installed
BACK