SUSE-SU-2016:1602-1

See a problem?
Please try reporting it to the source first.

Source

https://www.suse.com/support/update/announcement/2016/suse-su-20161602-1/

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:1602-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2016:1602-1

Related

Published

2016-06-17T09:07:40Z

Modified

2016-06-17T09:07:40Z

Summary

Security update for ntp

Details

ntp was updated to version 4.2.8p8 to fix five security issues.

These security issues were fixed: - CVE-2016-4953: Bad authentication demobilizes ephemeral associations (bsc#982065). - CVE-2016-4954: Processing spoofed server packets (bsc#982066). - CVE-2016-4955: Autokey association reset (bsc#982067). - CVE-2016-4956: Broadcast interleave (bsc#982068). - CVE-2016-4957: CRYPTO_NAK crash (bsc#982064).

These non-security issues were fixed: - Keep the parent process alive until the daemon has finished initialisation, to make sure that the PID file exists when the parent returns. - bsc#979302: Change the process name of the forking DNS worker process to avoid the impression that ntpd is started twice. - bsc#981422: Don't ignore SIGCHILD because it breaks wait().

References

Affected packages

SUSE:OpenStack Cloud 5 / ntp

Package

Name: ntp
Purl: pkg:rpm/suse/ntp&distro=SUSE%20OpenStack%20Cloud%205

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.2.8p8-47.3

Ecosystem specific

{
    "binaries": [
        {
            "ntp-doc": "4.2.8p8-47.3",
            "ntp": "4.2.8p8-47.3"
        }
    ]
}

SUSE:Manager 2.1 / ntp

Package

Name: ntp
Purl: pkg:rpm/suse/ntp&distro=SUSE%20Manager%202.1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.2.8p8-47.3

Ecosystem specific

{
    "binaries": [
        {
            "ntp-doc": "4.2.8p8-47.3",
            "ntp": "4.2.8p8-47.3"
        }
    ]
}

SUSE:Manager Proxy 2.1 / ntp

Package

Name: ntp
Purl: pkg:rpm/suse/ntp&distro=SUSE%20Manager%20Proxy%202.1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.2.8p8-47.3

Ecosystem specific

{
    "binaries": [
        {
            "ntp-doc": "4.2.8p8-47.3",
            "ntp": "4.2.8p8-47.3"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP2-LTSS / ntp

Package

Name: ntp
Purl: pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.2.8p8-47.3

Ecosystem specific

{
    "binaries": [
        {
            "ntp-doc": "4.2.8p8-47.3",
            "ntp": "4.2.8p8-47.3"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3-LTSS / ntp

Package

Name: ntp
Purl: pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.2.8p8-47.3

Ecosystem specific

{
    "binaries": [
        {
            "ntp-doc": "4.2.8p8-47.3",
            "ntp": "4.2.8p8-47.3"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3-TERADATA / ntp

Package

Name: ntp
Purl: pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.2.8p8-47.3

Ecosystem specific

{
    "binaries": [
        {
            "ntp-doc": "4.2.8p8-47.3",
            "ntp": "4.2.8p8-47.3"
        }
    ]
}