{"affected":[{"ecosystem_specific":{"binaries":[{"ntp":"4.2.8p13-46.32.1","ntp-doc":"4.2.8p13-46.32.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12-LTSS","name":"ntp","purl":"pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.2.8p13-46.32.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for ntp fixes the following issues:\n\t  \nSecurity issue fixed: \t  \n\n- CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attcker to cause \n  segmentation fault to ntpd (bsc#1128525).\n\nOther issues addressed:\n\n- Fixed several bugs in the BANCOMM reclock driver.\n- Fixed ntp_loopfilter.c snprintf compilation warnings.\n- Fixed spurious initgroups() error message.\n- Fixed STA_NANO struct timex units.\n- Fixed GPS week rollover in libparse.\n- Fixed incorrect poll interval in packet.\n- Added a missing check for ENABLE_CMAC.\n","id":"SUSE-SU-2019:0775-1","modified":"2019-03-27T10:38:39Z","published":"2019-03-27T10:38:39Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2019/suse-su-20190775-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1128525"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-8936"}],"related":["CVE-2019-8936"],"summary":"Security update for ntp","upstream":["CVE-2019-8936"]}