SUSE-SU-2016:1311-1

Source
https://www.suse.com/support/update/announcement/2016/suse-su-20161311-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:1311-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2016:1311-1
Related
Published
2016-05-17T09:29:35Z
Modified
2016-05-17T09:29:35Z
Summary
Security update for ntp
Details

This network time protocol server ntp was updated to 4.2.8p6 to fix the following issues:

Also yast2-ntp-client was updated to match some sntp syntax changes. (bsc#937837)

Major functional changes: - The 'sntp' commandline tool changed its option handling in a major way. - 'controlkey 1' is added during update to ntp.conf to allow sntp to work. - The local clock is being disabled during update. - ntpd is no longer running chrooted.

Other functional changes: - ntp-signd is installed. - 'enable mode7' can be added to the configuration to allow ntdpc to work as compatibility mode option. - 'kod' was removed from the default restrictions. - SHA1 keys are used by default instead of MD5 keys.

These security issues were fixed: - CVE-2015-5219: An endless loop due to incorrect precision to double conversion (bsc#943216). - CVE-2015-8158: Fixed potential infinite loop in ntpq (bsc#962966). - CVE-2015-8138: Zero Origin Timestamp Bypass (bsc#963002). - CVE-2015-7979: Off-path Denial of Service (DoS) attack on authenticated broadcast mode (bsc#962784). - CVE-2015-7978: Stack exhaustion in recursive traversal of restriction list (bsc#963000). - CVE-2015-7977: reslist NULL pointer dereference (bsc#962970). - CVE-2015-7976: ntpq saveconfig command allows dangerous characters in filenames (bsc#962802). - CVE-2015-7975: nextvar() missing length check (bsc#962988). - CVE-2015-7974: Skeleton Key: Missing key check allows impersonation between authenticated peers (bsc#962960). - CVE-2015-7973: Replay attack on authenticated broadcast mode (bsc#962995). - CVE-2015-8140: ntpq vulnerable to replay attacks (bsc#962994). - CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin (bsc#962997). - CVE-2015-5300: MITM attacker could have forced ntpd to make a step larger than the panic threshold (bsc#951629). - CVE-2015-7871: NAK to the Future: Symmetric association authentication bypass via crypto-NAK (bsc#951608). - CVE-2015-7855: decodenetnum() will ASSERT botch instead of returning FAIL on some bogus values (bsc#951608). - CVE-2015-7854: Password Length Memory Corruption Vulnerability (bsc#951608). - CVE-2015-7853: Invalid length data provided by a custom refclock driver could cause a buffer overflow (bsc#951608). - CVE-2015-7852: ntpq atoascii() Memory Corruption Vulnerability (bsc#951608). - CVE-2015-7851: saveconfig Directory Traversal Vulnerability (bsc#951608). - CVE-2015-7850: remote config logfile-keyfile (bsc#951608). - CVE-2015-7849: trusted key use-after-free (bsc#951608). - CVE-2015-7848: mode 7 loop counter underrun (bsc#951608). - CVE-2015-7701: Slow memory leak in CRYPTO_ASSOC (bsc#951608). - CVE-2015-7703: configuration directives 'pidfile' and 'driftfile' should only be allowed locally (bsc#951608). - CVE-2015-7704, CVE-2015-7705: Clients that receive a KoD should validate the origin timestamp field (bsc#951608). - CVE-2015-7691, CVE-2015-7692, CVE-2015-7702: Incomplete autokey data packet length checks (bsc#951608).

These non-security issues were fixed: - fate#320758 bsc#975981: Enable compile-time support for MS-SNTP (--enable-ntp-signd). This replaces the w32 patches in 4.2.4 that added the authreg directive. - bsc#962318: Call /usr/sbin/sntp with full path to synchronize in start-ntpd. When run as cron job, /usr/sbin/ is not in the path, which caused the synchronization to fail. - bsc#782060: Speedup ntpq. - bsc#916617: Add /var/db/ntp-kod. - bsc#956773: Add ntp-ENOBUFS.patch to limit a warning that might happen quite a lot on loaded systems. - bsc#951559,bsc#975496: Fix the TZ offset output of sntp during DST. - Add ntp-fork.patch and build with threads disabled to allow name resolution even when running chrooted. - Add a controlkey line to /etc/ntp.conf if one does not already exist to allow runtime configuuration via ntpq. - bsc#946386: Temporarily disable memlock to avoid problems due to high memory usage during name resolution. - bsc#905885: Use SHA1 instead of MD5 for symmetric keys. - Improve runtime configuration: * Read keytype from ntp.conf * Don't write ntp keys to syslog. - Fix legacy action scripts to pass on command line arguments. - bsc#944300: Remove 'kod' from the restrict line in ntp.conf. - bsc#936327: Use ntpq instead of deprecated ntpdc in start-ntpd. - Don't let 'keysdir' lines in ntp.conf trigger the 'keys' parser. - Disable mode 7 (ntpdc) again, now that we don't use it anymore. - Add 'addserver' as a new legacy action. - bsc#910063: Fix the comment regarding addserver in ntp.conf. - bsc#926510: Disable chroot by default. - bsc#920238: Enable ntpdc for backwards compatibility. - bsc#784760: Remove local clock from default configuration. - bsc#942441/fate#319496: Require perl-Socket6. - Improve runtime configuration: * Read keytype from ntp.conf * Don't write ntp keys to syslog. - bsc#920183: Allow -4 and -6 address qualifiers in 'server' directives. - Use upstream ntp-wait, because our version is incompatible with the new ntpq command line syntax.

References

Affected packages

SUSE:OpenStack Cloud 5 / ntp

Package

Name
ntp
Purl
pkg:rpm/suse/ntp&distro=SUSE%20OpenStack%20Cloud%205

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.2.8p6-41.1

Ecosystem specific

{
    "binaries": [
        {
            "ntp-doc": "4.2.8p6-41.1",
            "ntp": "4.2.8p6-41.1"
        }
    ]
}

SUSE:Manager 2.1 / ntp

Package

Name
ntp
Purl
pkg:rpm/suse/ntp&distro=SUSE%20Manager%202.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.2.8p6-41.1

Ecosystem specific

{
    "binaries": [
        {
            "ntp-doc": "4.2.8p6-41.1",
            "ntp": "4.2.8p6-41.1"
        }
    ]
}

SUSE:Manager Proxy 2.1 / ntp

Package

Name
ntp
Purl
pkg:rpm/suse/ntp&distro=SUSE%20Manager%20Proxy%202.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.2.8p6-41.1

Ecosystem specific

{
    "binaries": [
        {
            "ntp-doc": "4.2.8p6-41.1",
            "ntp": "4.2.8p6-41.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP2-LTSS / ntp

Package

Name
ntp
Purl
pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.2.8p6-41.1

Ecosystem specific

{
    "binaries": [
        {
            "ntp-doc": "4.2.8p6-41.1",
            "yast2-ntp-client": "2.17.14.1-1.12.1",
            "ntp": "4.2.8p6-41.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP2-LTSS / yast2-ntp-client

Package

Name
yast2-ntp-client
Purl
pkg:rpm/suse/yast2-ntp-client&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.17.14.1-1.12.1

Ecosystem specific

{
    "binaries": [
        {
            "ntp-doc": "4.2.8p6-41.1",
            "yast2-ntp-client": "2.17.14.1-1.12.1",
            "ntp": "4.2.8p6-41.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3-LTSS / ntp

Package

Name
ntp
Purl
pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.2.8p6-41.1

Ecosystem specific

{
    "binaries": [
        {
            "ntp-doc": "4.2.8p6-41.1",
            "ntp": "4.2.8p6-41.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3-TERADATA / ntp

Package

Name
ntp
Purl
pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.2.8p6-41.1

Ecosystem specific

{
    "binaries": [
        {
            "ntp-doc": "4.2.8p6-41.1",
            "ntp": "4.2.8p6-41.1"
        }
    ]
}