We are supporting SLES 11 SP3 LTSS systems and proactively monitor the security update advisories for newly discovered vulnerabilities and fixes. So far we have been filtering the list based on Affected Products but since SP3 went out of general support end of Jan, we are concerned that the we may "miss" some advisories which impact this particular version. In other words, can you confirm that the "Affected Products" list for each advisory is complete and full representation of the scope for the vulnerability in question? For example the recent ntp vulnerability has listed only SLES SP4 as affected product, can we assume than it is NOT applicable for SP3?
Thank you for a swift answer!