Описание
Security update for ntp
This update for ntp fixes the following issues:
Security issue fixed:
- CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd (bsc#1128525).
Other issues addressed:
- Make sure that SLE12 version is higher than the one in SLE11 (bsc#1001182).
- Fixed several bugs in the BANCOMM reclock driver.
- Fixed ntp_loopfilter.c snprintf compilation warnings.
- Fixed spurious initgroups() error message.
- Fixed STA_NANO struct timex units.
- Fixed GPS week rollover in libparse.
- Fixed incorrect poll interval in packet.
- Added a missing check for ENABLE_CMAC.
Список пакетов
SUSE Linux Enterprise Server 11 SP4
ntp-4.2.8p13-64.13.1
ntp-doc-4.2.8p13-64.13.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
ntp-4.2.8p13-64.13.1
ntp-doc-4.2.8p13-64.13.1
Ссылки
- Link for SUSE-SU-2019:13991-1
- E-Mail link for SUSE-SU-2019:13991-1
- SUSE Security Ratings
- SUSE Bug 1001182
- SUSE Bug 1128525
- SUSE CVE CVE-2019-8936 page
Описание
NTP through 4.2.8p12 has a NULL Pointer Dereference.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p13-64.13.1
SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p13-64.13.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p13-64.13.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p13-64.13.1
Ссылки
- CVE-2019-8936
- SUSE Bug 1128525
- SUSE Bug 1148892
- SUSE Bug 1155513