Mailinglist Archive: opensuse-updates (46 mails)

< Previous Next >
openSUSE-SU-2014:0949-1: moderate: ntp: adjust default config against distributed denial of service attack
openSUSE Security Update: ntp: adjust default config against distributed
denial of service attack
______________________________________________________________________________

Announcement ID: openSUSE-SU-2014:0949-1
Rating: moderate
References: #857195
Cross-References: CVE-2013-5211
Affected Products:
openSUSE 13.1
openSUSE 12.3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:


The NTP time service could be used for remote denial of service
amplification attacks.

This issue can be fixed by the administrator as we described in our
security advisory SUSE-SA:2014:001
http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00005.html

and on http://support.novell.com/security/cve/CVE-2013-5211.html

This update now also replaces the default ntp.conf template to fix this
problem.

Please note that if you have touched or modified ntp.conf yourself, it
will not be automatically fixed, you need to merge the changes manually as
described.


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch openSUSE-2014-

- openSUSE 12.3:

zypper in -t patch openSUSE-2014-

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 13.1 (i586 x86_64):

ntp-4.2.6p5-15.5.1
ntp-debuginfo-4.2.6p5-15.5.1
ntp-debugsource-4.2.6p5-15.5.1
ntp-doc-4.2.6p5-15.5.1

- openSUSE 12.3 (i586 x86_64):

ntp-4.2.6p5-9.6.1
ntp-debuginfo-4.2.6p5-9.6.1
ntp-debugsource-4.2.6p5-9.6.1
ntp-doc-4.2.6p5-9.6.1


References:

http://support.novell.com/security/cve/CVE-2013-5211.html
https://bugzilla.novell.com/857195


< Previous Next >
This Thread
  • No further messages