Oval Definition:	oval:org.opensuse.security:def:60721
Revision Date: 2020-12-01 Version: 1 Title: Security update for ntp (Moderate) Description: This update for ntp fixes the following issues: ntp was updated to 4.2.8p15 - CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address frequently send to the client ntpd could have caused denial of service (bsc#1169740). - CVE-2018-8956: Fixed an issue which could have allowed remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via spoofed mode 3 and mode 5 packets (bsc#1171355). - CVE-2020-13817: Fixed an issue which an off-path attacker with the ability to query time from victim's ntpd instance could have modified the victim's clock by a limited amount (bsc#1172651). - CVE-2020-15025: Fixed an issue which remote attacker could have caused denial of service by consuming the memory when a CMAC key was used andassociated with a CMAC algorithm in the ntp.keys (bsc#1173334). Family: unix Class: patch Status: Reference(s): 1009966 1027519 1040311 1040312 1040313 1049092 1050577 1050578 1050579 1050581 1055960 1063269 1078292 1086598 1091107 1094508 1103275 1103276 1103279 1104076 1106263 1111014 1111056 1123156 1146873 1149811 1152497 1154448 1154456 1154458 1154460 1154461 1154464 1155945 1157888 1158003 1158004 1158005 1158006 1158007 1160024 1160467 1160468 1160888 1161066 1163018 1166240 1167068 1168874 1169740 1170558 1170940 1171355 1171363 1172651 1173334 1173580 1175194 1178387 1178666 1178667 1178668 682920 910252 910253 913650 913651 917152 996511 CVE-2014-8116 CVE-2014-8117 CVE-2014-9620 CVE-2014-9621 CVE-2014-9653 CVE-2017-11624 CVE-2017-11625 CVE-2017-11626 CVE-2017-11627 CVE-2017-12595 CVE-2017-9208 CVE-2017-9209 CVE-2017-9210 CVE-2017-9814 CVE-2018-12207 CVE-2018-12472 CVE-2018-15468 CVE-2018-15469 CVE-2018-15470 CVE-2018-17963 CVE-2018-3646 CVE-2018-8048 CVE-2018-8956 CVE-2019-11135 CVE-2019-12068 CVE-2019-14896 CVE-2019-14897 CVE-2019-14907 CVE-2019-15890 CVE-2019-18420 CVE-2019-18421 CVE-2019-18422 CVE-2019-18423 CVE-2019-18424 CVE-2019-18425 CVE-2019-19577 CVE-2019-19578 CVE-2019-19579 CVE-2019-19580 CVE-2019-19581 CVE-2019-19582 CVE-2019-19583 CVE-2019-6778 CVE-2020-11868 CVE-2020-12108 CVE-2020-12137 CVE-2020-13817 CVE-2020-14350 CVE-2020-15025 CVE-2020-1711 CVE-2020-1983 CVE-2020-25692 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2020-4044 CVE-2020-6821 CVE-2020-6822 CVE-2020-6825 CVE-2020-6827 CVE-2020-6828 CVE-2020-7039 CVE-2020-8608 SUSE-SU-2017:3048-1 SUSE-SU-2018:1195-1 SUSE-SU-2019:2209-1 SUSE-SU-2019:3297-1 SUSE-SU-2020:0233-1 SUSE-SU-2020:0978-1 SUSE-SU-2020:1301-1 SUSE-SU-2020:1538-1 SUSE-SU-2020:1805-1 SUSE-SU-2020:1991-1 SUSE-SU-2020:3314-1 SUSE-SU-2020:3477-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libsingularity1-2.6.0-lp150.2.3 is installed OR singularity-2.6.0-lp150.2.3 is installed OR singularity-devel-2.6.0-lp150.2.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information pdns-4.1.11-20 is installed OR pdns-backend-geoip-4.1.8-lp151.2.3 is installed OR pdns-backend-godbc-4.1.11-20 is installed OR pdns-backend-ldap-4.1.11-20 is installed OR pdns-backend-lua-4.1.11-20 is installed OR pdns-backend-mydns-4.1.11-20 is installed OR pdns-backend-mysql-4.1.11-20 is installed OR pdns-backend-postgresql-4.1.11-20 is installed OR pdns-backend-remote-4.1.11-20 is installed OR pdns-backend-sqlite3-4.1.11-20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information file-5.22-10.3 is installed OR file-magic-5.22-10.3 is installed OR libmagic1-5.22-10.3 is installed OR libmagic1-32bit-5.22-10.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND mailman-2.1.17-3.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_176-94_88-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_24-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information xen-4.9.4_06-3.59 is installed OR xen-doc-html-4.9.4_06-3.59 is installed OR xen-libs-4.9.4_06-3.59 is installed OR xen-libs-32bit-4.9.4_06-3.59 is installed OR xen-tools-4.9.4_06-3.59 is installed OR xen-tools-domU-4.9.4_06-3.59 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information cups-filters-1.0.58-19.2 is installed OR cups-filters-cups-browsed-1.0.58-19.2 is installed OR cups-filters-foomatic-rip-1.0.58-19.2 is installed OR cups-filters-ghostscript-1.0.58-19.2 is installed OR libqpdf18-7.1.1-3.3 is installed OR qpdf-7.1.1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information coreutils-8.25-13.7 is installed OR coreutils-lang-8.25-13.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information libX11-1.6.2-12.12 is installed OR libX11-6-1.6.2-12.12 is installed OR libX11-6-32bit-1.6.2-12.12 is installed OR libX11-data-1.6.2-12.12 is installed OR libX11-xcb1-1.6.2-12.12 is installed OR libX11-xcb1-32bit-1.6.2-12.12 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information ntp-4.2.8p15-88 is installed OR ntp-doc-4.2.8p15-88 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-loofah-2.0.2-3.8 is installed OR rubygem-loofah-2.0.2-3.8 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-Twisted-15.2.1-9.5 is installed
BACK