Overview

File _patchinfo of Package patchinfo.40624

<patchinfo incident="40624">
  <issue tracker="bnc" id="1194229">[S:M:22270:261176 chrony] Chrony is pulling in chrony-pool-empty instead of chrony-pool-suse</issue>
  <issue tracker="bnc" id="1246544">VUL-0: chrony: chronyc uses racy socket creation code which allows privilege escalation from chrony to root</issue>
  <issue tracker="bnc" id="1213551">Customer request for chrony TEST packages including specific upstream fixes</issue>
  <issue tracker="bnc" id="1194220">[S:M:22270:261176 chrony] modules/NtpClient.rb:352 Cannot write settings to '/etc/chrony.conf'</issue>
  <packager>rmax</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for chrony</summary>
  <description>This update for chrony fixes the following issues:

Security issues fixed:
  - Race condition during socket creation by chronyc allows privilege escalation from user chrony to root (bsc#1246544).
    
Other issues fixed:
  - Improve connection retry intervals when facing NTS-KE related issues (bsc#1213551).
    * nts: use shorter NTS-KE retry interval when network is down.
    * ntp: don't adjust poll interval when waiting for NTS-KE.
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places