openSUSE-SU-2024:0300-1

Опубликовано: 11 сент. 2024

Источник: suse-cvrf

Описание

Security update for ntpd-rs

This update for ntpd-rs fixes the following issues:

Introducing ntpd-rs version 1.2.3

Список пакетов

SUSE Package Hub 15 SP6

ntpd-rs-1.2.3-bp156.2.1

ntpd-rs-common-1.2.3-bp156.2.1

openSUSE Leap 15.6

ntpd-rs-1.2.3-bp156.2.1

ntpd-rs-common-1.2.3-bp156.2.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/A4WLTGLBBW3Y5MPISZ6SZKGQOAP2L2GN/
E-Mail link for openSUSE-SU-2024:0300-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://www.suse.com/security/cve/CVE-2024-38528/
SUSE CVE CVE-2024-38528 page

Описание

nptd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. There is a missing limit for accepted NTS-KE connections. This allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such as the default ntpd-rs configuration, are unaffected. This vulnerability has been patched in version 1.1.3.

Затронутые продукты

SUSE Package Hub 15 SP6:ntpd-rs-1.2.3-bp156.2.1

SUSE Package Hub 15 SP6:ntpd-rs-common-1.2.3-bp156.2.1

openSUSE Leap 15.6:ntpd-rs-1.2.3-bp156.2.1

openSUSE Leap 15.6:ntpd-rs-common-1.2.3-bp156.2.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-38528.html
CVE-2024-38528

openSUSE-SU-2024:0300-1

Описание

Список пакетов

SUSE Package Hub 15 SP6

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2024-38528

Описание

Затронутые продукты

Ссылки