Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
patchinfo.285
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.285
<patchinfo incident="285"> <issue id="910764" tracker="bnc">VUL-0: CVE-2014-9295: ntp: VU#852879: remote buffer overflow and weak cryptography</issue> <issue id="CVE-2014-9296" tracker="cve" /> <issue id="CVE-2014-9295" tracker="cve" /> <category>security</category> <rating>critical</rating> <packager>rmax</packager> <description> The network timeservice ntp was updated to fix critical security issues (bnc#910764, CERT VU#852879) * A potential remote code execution problem was found inside ntpd. The functions crypto_recv() (when using autokey authentication), ctl_putdata(), and configure() where updated to avoid buffer overflows that could be exploited. (CVE-2014-9295) * Furthermore a problem inside the ntpd error handling was found that is missing a return statement. This could also lead to a potentially attack vector. (CVE-2014-9296) </description> <summary>Security update for ntp</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor