SUSE: 2021:4147-1 Moderate: Chrony NTP Update and Security Patch
suse
December 22, 2021
An update that solves one vulnerability, contains three features and has 22 fixes is now available
Summary
This update for chrony fixes the following issues: Chrony was updated to 4.1: * Add support for NTS servers specified by IP address (matching Subject Alternative Name in server certificate) * Add source-specific configuration of trusted certificates * Allow multiple files and directories with trusted certificates * Allow multiple pairs of server keys and certificates * Add copy option to server/pool directive * Increase PPS lock limit to 40% of pulse interval * Perform source selection immediately after loading dump files * Reload dump files for addresses negotiated by NTS-KE server * Update seccomp filter and add less restrictive level * Restart ongoing name resolution on online command * Fix dump files to not include uncorrected offset * Fix initstepslew to accept time from own NTP clients
References
#1063704 #1069468 #1082318 #1083597 #1099272
#1115529 #1128846 #1156884 #1159840 #1161119
#1162964 #1171806 #1172113 #1173277 #1173760
#1174075 #1174911 #1180689 #1181826 #1183783
#1184400 #1187906 #1190926 SLE-11424 SLE-22248
SLE-22292
Cross- CVE-2020-14367
CVSS scores:
CVE-2020-14367 (NVD) : 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
CVE-2020-14367 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Affected Products:
SUSE OpenStack Cloud Crowbar 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud 8
SUSE Linux Enterprise Server for SAP 12-SP4
SUSE Linux Enterprise Server for SAP 12-SP3
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise Server 12-SP4...
Read the Full Advisory
PREVIOUS
NEXT
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!