This ntp update fixes the following critical security issue:
* A potential remote code execution problem was found inside ntpd. The
functions crypto_recv() (when using autokey authentication) and
ctl_putdata() where updated to avoid buffer overflows that could
have been exploited. (CVE-2014-9295 / VU#852879)
Security Issues:
* CVE-2014-9295
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295</a>>
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
SUSE Linux Enterprise Server LTSS | 11.1 | x86_64 | ntp-doc | < 4.2.4p8-1.28.1 | ntp-doc-4.2.4p8-1.28.1.x86_64.rpm |
SUSE Linux Enterprise Server LTSS | 11.1 | i586 | ntp | < 4.2.4p8-1.28.1 | ntp-4.2.4p8-1.28.1.i586.rpm |
SUSE Linux Enterprise Server LTSS | 11.1 | x86_64 | ntp | < 4.2.4p8-1.28.1 | ntp-4.2.4p8-1.28.1.x86_64.rpm |
SUSE Linux Enterprise Server LTSS | 11.1 | s390x | ntp-doc | < 4.2.4p8-1.28.1 | ntp-doc-4.2.4p8-1.28.1.s390x.rpm |
SUSE Linux Enterprise Server LTSS | 11.1 | i586 | ntp-doc | < 4.2.4p8-1.28.1 | ntp-doc-4.2.4p8-1.28.1.i586.rpm |
SUSE Linux Enterprise Server LTSS | 11.1 | s390x | ntp | < 4.2.4p8-1.28.1 | ntp-4.2.4p8-1.28.1.s390x.rpm |