Security update for chrony SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:3868-1 Final 1 1 2025-10-30T13:44:59Z current 2025-10-30T13:44:59Z 2025-10-30T13:44:59Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for chrony This update for chrony fixes the following issues: Security issues fixed: - Race condition during socket creation by chronyc allows privilege escalation from user chrony to root (bsc#1246544). Other issues fixed: - Improve connection retry intervals when facing NTS-KE related issues (bsc#1213551). * nts: use shorter NTS-KE retry interval when network is down. * ntp: don't adjust poll interval when waiting for NTS-KE. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-3868,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3868 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20253868-1/ Link for SUSE-SU-2025:3868-1 https://lists.suse.com/pipermail/sle-security-updates/2025-October/023089.html E-Mail link for SUSE-SU-2025:3868-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1194220 SUSE Bug 1194220 https://bugzilla.suse.com/1194229 SUSE Bug 1194229 https://bugzilla.suse.com/1213551 SUSE Bug 1213551 https://bugzilla.suse.com/1246544 SUSE Bug 1246544 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 chrony-4.1-5.12.1 chrony-4.1-5.12.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5