Novell Open Enterprise Server 11 SP2 (OES11SP2)
Novell Open Enterprise Server 11 SP1 (OES11SP1)
Novell Open Enterprise Server 11 (OES11)
Novell Open Enterprise Server 2 SP3 (OES2SP3)
Domain Services for Windows
A potential remote code execution problem was found inside ntpd. The functions crypto_recv() (when using autokey authentication) and ctl_putdata() where updated to avoid buffer overflows that could be exploited. (CVE-2014-9295
Apply the latest ntp patch to address this security issue.
NTP version 4.2.4p8 or greater
Date of the patch should be Friday Dec 19th 2014 or greater
Example to apply the patch and look at the patch information for OES11SP2/SLES11SP3
To apply the patch:
zypper up -t patch slessp3-ntp
Loading repository data...
Reading installed packages...
Resolving package dependencies...
The following NEW patch is going to be installed:
The following package is going to be upgraded:
1 package to upgrade.
Overall download size: 464.0 KiB. No additional space will be used or freed after the operation.
Continue? [y/n/? shows all options] (y): y
Retrieving package ntp-4.2.4p8-1.28.1.x86_64 (1/1), 464.0 KiB (1.6 MiB unpacked)
Retrieving: ntp-4.2.4p8-1.28.1.x86_64.rpm [done]
Installing: ntp-4.2.4p8-1.28.1 [done]
Additional rpm output:
To view the patch info:
zypper patch-info slessp3-ntp
Information for patch slessp3-ntp:
Created On: Fri Dec 19 13:49:40 2014
Reboot Required: No
Package Manager Restart Required: No
Summary: Security update for ntp
This ntp update fixes the following critical security issue:
* A potential remote code execution problem was found inside ntpd. The
functions crypto_recv() (when using autokey authentication) and
ctl_putdata() where updated to avoid buffer overflows that could have
been exploited. (CVE-2014-9295 / VU#852879)
patch:slessp3-ntp == 10117
ntp.x86_64 < 4.2.4p8-1.28.1
ntp-doc.x86_64 < 4.2.4p8-1.28.1
For OES2SP3 the package is xntp
Change the version to apply the patch for versions other than SLES 11 SP3.
To apply the patch on OES11SP1/SLES11SP2
zypper up -t patch slessp2-ntp
To apply the patch on OES11/SLES11SP1
zypper up -t patch slessp1-ntp
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.