Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE: 2022:0845-1 Moderate: Chrony Security Fix for Time Sync

suse
Calendar Grey March 15, 2022
Dist Suse Esm H88
New release out for chrony on SUSE, addressing several moderate vulnerabilities, improving time alignment capabilities and overall system protection.
An update that solves one vulnerability, contains one feature and has 12 fixes is now available

Summary

This update for chrony fixes the following issues: Chrony was updated to 4.1, bringing features and bugfixes. Update to 4.1 * Add support for NTS servers specified by IP address (matching Subject Alternative Name in server certificate) * Add source-specific configuration of trusted certificates * Allow multiple files and directories with trusted certificates * Allow multiple pairs of server keys and certificates * Add copy option to server/pool directive * Increase PPS lock limit to 40% of pulse interval * Perform source selection immediately after loading dump files * Reload dump files for addresses negotiated by NTS-KE server * Update seccomp filter and add less restrictive level * Restart ongoing name resolution on online command * Fix dump files to not include uncorrected offset

Topics%20covered

Topics Covered

security advisory moderate update security fix SUSE time synchronization chrony

References

#1099272 #1115529 #1128846 #1162964 #1172113

#1173277 #1174075 #1174911 #1180689 #1181826

#1187906 #1190926 #1194229 SLE-17334

Cross- CVE-2020-14367

CVSS scores:

CVE-2020-14367 (NVD) : 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

CVE-2020-14367 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Affected Products:

SUSE Linux Enterprise Desktop 15-SP3

SUSE Linux Enterprise High Performance Computing 15-SP3

SUSE Linux Enterprise Installer 15-SP3

SUSE Linux Enterprise Micro 5.0

SUSE Linux Enterprise Micro 5.1

SUSE Linux Enterprise Module for Basesystem 15-SP3

SUSE Linux Enterprise Realtime Extension 15-SP2

SUSE Linux Enterprise Server 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15-SP3

SUSE Manage...

Read the Full Advisory

Announcement ID: SUSE-SU-2022:0845-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate update security fix SUSE time synchronization chrony

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here