Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

SUSE: 2022:0845-2 Moderate: Chrony Update For NTP Security Issue

suse
Calendar Grey April 19, 2022
Dist Suse Esm H88
SUSE has rolled out an important chrony update that mitigates a moderate security vulnerability, incorporating one resolution along with enhanced functionalities.
An update that solves one vulnerability, contains one feature and has 12 fixes is now available

Summary

This update for chrony fixes the following issues: Chrony was updated to 4.1, bringing features and bugfixes. Update to 4.1 * Add support for NTS servers specified by IP address (matching Subject Alternative Name in server certificate) * Add source-specific configuration of trusted certificates * Allow multiple files and directories with trusted certificates * Allow multiple pairs of server keys and certificates * Add copy option to server/pool directive * Increase PPS lock limit to 40% of pulse interval * Perform source selection immediately after loading dump files * Reload dump files for addresses negotiated by NTS-KE server * Update seccomp filter and add less restrictive level * Restart ongoing name resolution on online command * Fix dump files to not include uncorrected offset

Topics%20covered

Topics Covered

security advisory moderate security issue update SUSE Linux NTP chrony

References

#1099272 #1115529 #1128846 #1162964 #1172113

#1173277 #1174075 #1174911 #1180689 #1181826

#1187906 #1190926 #1194229 SLE-17334

Cross- CVE-2020-14367

CVSS scores:

CVE-2020-14367 (NVD) : 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

CVE-2020-14367 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Affected Products:

SUSE Linux Enterprise Micro 5.2

https://www.suse.com/security/cve/CVE-2020-14367.html

https://bugzilla.suse.com/1099272

https://bugzilla.suse.com/1115529

https://bugzilla.suse.com/1128846

https://bugzilla.suse.com/1162964

https://bugzilla.suse.com/1172113

https://bugzilla.suse.com/1173277

https://bugzilla.suse.com/1174075

https://bugzilla.suse.com/1174911

https://bugzilla.suse.com/1180689

Announcement ID: SUSE-SU-2022:0845-2
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate security issue update SUSE Linux NTP chrony

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here