Security update for dracut
This update for dracut fixes the following issues:
Security issues fixed:
- CVE-2016-8637: When the early microcode loading was enabled during initrd creation, the initrd
would be read-only available for all users, allowing local users to retrieve secrets stored in
the initial ramdisk. (bsc#1008340)
Non security issues fixed:
- Allow booting from degraded MD arrays with systemd. (bsc#1017695)
- Start multipath services before local-fs-pre.target. (bsc#1005410, bsc#1006118, bsc#1007925,
bsc#986734, bsc#986838)
This update was imported from the SUSE:SLE-12-SP1:Update update project.
-
Submitted by
Daniel Molkentin (dmolkentin)
Fixed bugs
bnc#1006118
race condition with root on multipath
bnc#1008340
VUL-1: CVE-2016-8637: dracut: creates world readable initramfs when early cpio is used
bnc#1017695
openSuse 42.2: Boot on broken RAID 1 with missing disk fails. Looks linked to dracut premount hook script (start job running with nolimit timeout)
bnc#1005410
multipath boot race with data on partitions (s390x)
bnc#1007925
lvm/multipath issue (s390x)
bnc#986734
[HPS Bug] sles12sp2 beta3 frequent boots to emergency mode following mount failures
bnc#986838
SLES 12 SP1 - [x86] Multipath hangs (using the multipath -F command)
