{"affected":[],"aliases":[],"details":"\nThe NTP time service could have been used for remote denial of service \namplification attacks.\n\nThis issue can be fixed by the administrator as we described in our \nsecurity advisory SUSE-SA:2014:001\n\nhttp://lists.opensuse.org/opensuse-security-announce/2014-01/msg00005.html\n<http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00005.html>\n\nand on\n\nhttp://support.novell.com/security/cve/CVE-2013-5211.html\n<http://support.novell.com/security/cve/CVE-2013-5211.html>\n\nthis update now also replaces the default ntp.conf template to fix this \nproblem.\n\nPlease note that if you have touched or modified ntp.conf yourself, it will \nnot be automatically fixed, you need to merge the changes manually as \ndescribed.\n\nAdditionally the following bug has been fixed:\n\n    * ntp start script does not update /var/lib/ntp/etc/localtime file if\n      /etc/localtime is symlink (bnc#838458)\n\nSecurity Issues:\n\n    * CVE-2013-5211\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211>\n\n","id":"SUSE-SU-2015:0259-3","modified":"2014-07-21T14:05:24Z","published":"2014-07-21T14:05:24Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20150259-3/"},{"type":"REPORT","url":"https://bugzilla.suse.com/611513"},{"type":"REPORT","url":"https://bugzilla.suse.com/645356"},{"type":"REPORT","url":"https://bugzilla.suse.com/656345"},{"type":"REPORT","url":"https://bugzilla.suse.com/680301"},{"type":"REPORT","url":"https://bugzilla.suse.com/692969"},{"type":"REPORT","url":"https://bugzilla.suse.com/730374"},{"type":"REPORT","url":"https://bugzilla.suse.com/734467"},{"type":"REPORT","url":"https://bugzilla.suse.com/758253"},{"type":"REPORT","url":"https://bugzilla.suse.com/771480"},{"type":"REPORT","url":"https://bugzilla.suse.com/817893"},{"type":"REPORT","url":"https://bugzilla.suse.com/838458"},{"type":"REPORT","url":"https://bugzilla.suse.com/857195"},{"type":"REPORT","url":"https://bugzilla.suse.com/910764"},{"type":"REPORT","url":"https://bugzilla.suse.com/911792"},{"type":"REPORT","url":"https://bugzilla.suse.com/924202"},{"type":"REPORT","url":"https://bugzilla.suse.com/928321"},{"type":"REPORT","url":"https://bugzilla.suse.com/935409"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-5211"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-9293"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-9294"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-9295"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-9297"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-9298"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-1799"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3405"}],"related":["CVE-2013-5211","CVE-2014-9293","CVE-2014-9294","CVE-2014-9295","CVE-2014-9297","CVE-2014-9298","CVE-2015-1799","CVE-2015-3405"],"summary":"Security update for ntp","upstream":["CVE-2013-5211","CVE-2014-9293","CVE-2014-9294","CVE-2014-9295","CVE-2014-9297","CVE-2014-9298","CVE-2015-1799","CVE-2015-3405"]}