File _patchinfo of Package patchinfo.2528
<patchinfo incident="2528">
<issue id="959709" tracker="bnc">VUL-0: kernel: privilege escalation in user namespaces</issue>
<issue id="963767" tracker="bnc">VUL-0: CVE-2016-2069: kernel: race condition in the TLB flush logic</issue>
<issue id="958886" tracker="bnc">VUL-1: CVE-2015-8543: kernel-source: connect IPv6/SOCK_RAW connect causes a denial of service</issue>
<issue id="963765" tracker="bnc">VUL-0: CVE-2015-8785: kernel: fuse: possible denial of service in fuse_fill_write_pages()</issue>
<issue id="972174" tracker="bnc">VUL-1: CVE-2015-8839: kernel: ext4 data corruption due to punch hole races</issue>
<issue id="971124" tracker="bnc">VUL-1: CVE-2016-2185: kernel: Kernel panic on invalid USB device descriptor (ati_remote2 driver)</issue>
<issue id="971125" tracker="bnc">VUL-1: CVE-2016-2184: kernel: Kernel panic on invalid USB device descriptor (snd_usb_audio driver)</issue>
<issue id="962075" tracker="bnc">VUL-0: CVE-2016-0728: kernel: Use-after-free vulnerability in keyring facility</issue>
<issue id="958951" tracker="bnc">VUL-0: CVE-2015-7550: kernel: User triggerable crash from race between key read and rey revoke</issue>
<issue id="971360" tracker="bnc">VUL-0: CVE-2016-3156: kernel-source: ipv4: denial of service when destroying a network interface</issue>
<issue id="973378" tracker="bnc">[syzkaller] snd_timer BUG: KASAN: use-after-free in snd_timer_interrupt</issue>
<issue id="954876" tracker="bnc">Sound burst when initiating Plasma 5 Desktop</issue>
<issue id="961263" tracker="bnc">NCQ Timeout with SMR drives (e.g. Seagate 8tb hdd)</issue>
<issue id="970970" tracker="bnc">VUL-1: CVE-2016-3137: kernel-source: Crash on invalid USB device descriptors (cypress_m8 driver)</issue>
<issue id="962257" tracker="bnc">ocfs2: very bad performance when doing cluster IO</issue>
<issue id="974418" tracker="bnc">VUL-0: CVE-2016-3951: kernel: usbnet: memory corruption triggered by invalid USB descriptor allowing for DoS</issue>
<issue id="959399" tracker="bnc">VUL-1: CVE-2015-8575: kernel-source: information leak from getsockname in bluetooth/sco</issue>
<issue id="970911" tracker="bnc">VUL-0: CVE-2016-3138: kernel-source: crash on invalid USB device descriptors (cdc_acm driver)</issue>
<issue id="865259" tracker="bnc">[Test Case 1279393] [Build 0094] ocfs2-kmp-* not installed by default</issue>
<issue id="970958" tracker="bnc">VUL-0: CVE-2016-2186: kernel-source: Kernel panic on invalid USB device descriptor (powermate driver)</issue>
<issue id="959190" tracker="bnc">VUL-1: CVE-2015-8569: kernel: information leak using getsockname</issue>
<issue id="974215" tracker="bnc">EFI framebuffer patches for arm64</issue>
<issue id="966693" tracker="bnc">VUL-0: CVE-2016-2384: kernel: ALSA: usb-audio: double-free triggered by invalid USB descriptor</issue>
<issue id="962866" tracker="bnc">BUG: unable to handle kernel NULL pointer dereference at 0000000000000060 in intel_fb_obj_invalidate+0x1c/0xf0 [i915]</issue>
<issue id="954404" tracker="bnc">VUL-0: CVE-2015-8104: kernel: kvm: virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception</issue>
<issue id="970955" tracker="bnc">VUL-1: CVE-2016-3136: kernel-source: Crash on invalid USB device descriptors (mct_u232 driver)</issue>
<issue id="970956" tracker="bnc">VUL-0: CVE-2016-2188: kernel-source: Kernel panic on invalid USB device descriptor (iowarrior driver)</issue>
<issue id="960710" tracker="bnc">crash when unloading+loading snd_hda_intel</issue>
<issue id="958439" tracker="bnc">Noise in headphones when shutting down or rebooting</issue>
<issue id="954647" tracker="bnc">Fixes for Dell headset are missing from Leap 4.1.x kernel</issue>
<issue id="884701" tracker="bnc">Removing Kernel Modules from s390x kernel</issue>
<issue id="951626" tracker="bnc">VUL-0: CVE-2015-7884: kernel: ioctl infoleaks on vivid-osd</issue>
<issue id="970892" tracker="bnc">VUL-0: CVE-2016-3140: kernel-source: crash on invalid USB device descriptors (digi_acceleport driver)</issue>
<issue id="966179" tracker="bnc">[i915] framebuffer console remains black</issue>
<issue id="966137" tracker="bnc">Installing with NVIDIA K420 does not show "Internal Audio"; sets "NVIDIA HDMI Audio" as default.</issue>
<issue id="975868" tracker="bnc">xorg crash after upgrade to 4.1.20</issue>
<issue id="963746" tracker="bnc">ISCSI target server crash: kernel BUG at ../net/ceph/messenger.c:1212!</issue>
<issue id="961509" tracker="bnc">VUL-0: CVE-2015-8767: kernel: SCTP denial of service during heartbeat timeout functions</issue>
<issue id="966437" tracker="bnc">VUL-0: CVE-2015-8812: kernel: CXGB3: Logic bug in return code handling prematurely frees key structures causing Use after free or kernel panic.</issue>
<issue id="962597" tracker="bnc">virtio_rng causes long stalls during shutdown</issue>
<issue id="971628" tracker="bnc">VUL-1: CVE-2016-3689: kernel: ims-pcu driver can be oopsed by malicious device</issue>
<issue id="965125" tracker="bnc">kernel crashes with divide error: 0000 in e1000e driver</issue>
<issue id="961500" tracker="bnc">VUL-0: CVE-2016-0723: kernel: Use-after-free in TIOCGETD ioctl</issue>
<issue id="865096" tracker="bnc">[Test Case 1366807] kernel-default-base-3.12.10-2.3 package conflicts during upgrade SLES11SP3 to SLES12Beta1</issue>
<issue id="975945" tracker="bnc">VUL-0: CVE-2016-3955: kernel: buffer overflow in usbip by trusting length of incoming packets</issue>
<issue id="954532" tracker="bnc">Elantech Touchpad on Acer Aspire R11 not detected</issue>
<issue id="970948" tracker="bnc">VUL-0: CVE-2016-2847: kernel-source: limit the per-user amount of pages allocated in pipes</issue>
<issue id="814440" tracker="bnc">HP CSBU SP3 bug: driver for Creative Recon3D audio working in Beta3, broken in Beta4</issue>
<issue id="966684" tracker="bnc">VUL-0: CVE-2016-2383: kernel: Incorrect branch fixups for eBPF allow arbitrary read</issue>
<issue id="958504" tracker="bnc">Constant background noise on T440s and loud cracking noise after audio powersave</issue>
<issue id="969356" tracker="bnc">VUL-0: CVE-2015-1339: kernel: Memory exhaustion via CUSE driver</issue>
<issue id="970845" tracker="bnc">Kernel:openSUSE-42.1' 4.1.19-1.1.gba8f37b: xfs problems & kernel panic</issue>
<issue id="968018" tracker="bnc">VUL-1: kernel: ALSA core issues reported by syzkaller fuzzer</issue>
<issue id="966259" tracker="bnc">BTRFS send error: did not find backref in send_root</issue>
<issue id="963931" tracker="bnc">VUL-0: CVE-2015-8787: kernel: Missing NULL pointer check in nf_nat_redirect_ipv4</issue>
<issue id="958463" tracker="bnc">VUL-0: CVE-2015-8539: kernel: Fix handling of stored error in a negatively instantiated user key</issue>
<issue id="951440" tracker="bnc">VUL-0: CVE-2015-7872: kernel: Keyrings crash triggerable by unprivileged user</issue>
<issue id="957988" tracker="bnc">VUL-0: CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents (XSA-155)</issue>
<issue id="949936" tracker="bnc">VUL-0: CVE-2015-7799: kernel: Using the PPP character device driver caused the system to restart</issue>
<issue id="969582" tracker="bnc">Missing support in intel_idle for Skylake</issue>
<issue id="960561" tracker="bnc">VUL-0: CVE-2015-8709: kernel: ptrace: potential privilege escalation in user namespaces</issue>
<issue id="CVE-2015-8539" tracker="cve" />
<issue id="CVE-2015-1339" tracker="cve" />
<issue id="CVE-2016-3140" tracker="cve" />
<issue id="CVE-2015-7550" tracker="cve" />
<issue id="CVE-2015-8785" tracker="cve" />
<issue id="CVE-2015-8787" tracker="cve" />
<issue id="CVE-2016-3136" tracker="cve" />
<issue id="CVE-2015-7799" tracker="cve" />
<issue id="CVE-2015-7872" tracker="cve" />
<issue id="CVE-2016-3951" tracker="cve" />
<issue id="CVE-2015-8104" tracker="cve" />
<issue id="CVE-2016-3137" tracker="cve" />
<issue id="CVE-2015-8569" tracker="cve" />
<issue id="CVE-2016-3138" tracker="cve" />
<issue id="CVE-2015-8543" tracker="cve" />
<issue id="CVE-2016-2384" tracker="cve" />
<issue id="CVE-2016-2383" tracker="cve" />
<issue id="CVE-2016-0728" tracker="cve" />
<issue id="CVE-2016-0723" tracker="cve" />
<issue id="CVE-2015-7884" tracker="cve" />
<issue id="CVE-2016-2185" tracker="cve" />
<issue id="CVE-2016-2184" tracker="cve" />
<issue id="CVE-2016-2186" tracker="cve" />
<issue id="CVE-2015-8812" tracker="cve" />
<issue id="CVE-2016-2188" tracker="cve" />
<issue id="CVE-2016-3689" tracker="cve" />
<issue id="CVE-2016-2069" tracker="cve" />
<issue id="CVE-2015-8709" tracker="cve" />
<issue id="CVE-2016-2847" tracker="cve" />
<issue id="CVE-2015-8575" tracker="cve" />
<issue id="CVE-2015-8767" tracker="cve" />
<issue id="CVE-2016-3156" tracker="cve" />
<issue id="318836" tracker="fate" />
<issue id="319484" tracker="fate" />
<issue id="319973" tracker="fate" />
<issue id="319980" tracker="fate" />
<category>security</category>
<rating>moderate</rating>
<packager>dirkmueller</packager>
<description>
This update for kernel-source-arm64 fixes the following issues:
- kABI fixes for 4.1.22
- Add some fixups (module, pci_dev, drm, fuse and thermal)
- Add kabi/severities entries to ignore sound/hda/*, x509_*,
efivar_validate, file_open_root and dax_fault
- Linux 4.1.22 (CVE-2015-8539OD CVE-2015-8812 CVE-2016-2184
CVE-2016-2185 CVE-2016-2186 CVE-2016-2188 CVE-2016-3138
CVE-2016-3689 bsc#958463 bsc#970911 bsc#970956 bsc#970958
bsc#971124 bsc#971628 bsc#954532 bsc#954876 bsc#975868
bsc#966437 bsc#971125).
- of: iommu: Silence misleading warning.
- USB: usbip: fix potential out-of-bounds write (bsc#975945).
- Revert "drm/radeon: call hpd_irq_event on resume" (bsc#975868).
- pipe: limit the per-user amount of pages allocated in pipes (bsc#970948 CVE-2016-2847).
- Fix kABI additions for pipe: limit the per-user amount of pages allocated in pipes.
- USB: mct_u232: add sanity checking in probe (bsc#970955, CVE-2016-3136).
- USB: iowarrior: fix oops with malicious USB descriptors (bsc#970956, CVE-2016-2188).
- USB: cdc-acm: more sanity checking (bsc#970911, CVE-2016-3138).
- USB: cypress_m8: add endpoint sanity check (bsc#970970, CVE-2016-3137).
- cdc_ncm: do not call usbnet_link_change from cdc_ncm_bind (bsc#974418, CVE-2016-3951).
- USB: digi_acceleport: do sanity checking for the number of ports (bsc#970892, CVE-2016-3140).
- Linux 4.1.21.
- arm64: Update config file and enable CONFIG_FB_EFI
- efi/arm*: efifb: expose efifb platform device if GOP is available (bsc#974215).
- efi/arm*: libstub: wire up GOP handling into the ARM UEFI stub (bsc#974215).
- efi: efifb: use builtin_platform_driver and drop unused includes (bsc#974215).
- efi/x86: efifb: move DMI based quirks handling out of generic code (bsc#974215).
- efi/x86: libstub: move to generic GOP code (bsc#974215).
- efi: libstub: move Graphics Output Protocol handling to generic code (bsc#974215).
- efi: make install_configuration_table() boot service usable (bsc#974215).
- efifb: Add support for 64-bit frame buffer addresses (bsc#974215).
- Input: powermate - fix oops with malicious USB descriptors (bsc#970958, CVE-2016-2186).
- USB: usb_driver_claim_interface: add sanity checking (bsc#971124, CVE-2016-2185).
- Input: ims-pcu - sanity check against missing interfaces (bsc#971628, CVE-2016-3689).
- ALSA: timer: Use mod_timer() for rearming the system timer (bsc#973378).
- ALSA: timer: Call notifier in the same spinlock (bsc#973378).
- ALSA: timer: Protect the whole snd_timer_close() with open race (bsc#973378).
- ALSA: timer: Sync timer deletion at closing the system timer (bsc#973378).
- backends: guarantee one time reads of shared ring contents (bsc#957988).
- netback: don't use last request to determine minimum Tx credit (bsc#957988).
- Update Xen patches to 4.1.20.
- Update kabi files from kernel 4.1.20-11
- Backport arm64 patches from SLE12-SP1-ARM
- net: thunderx: Use napi_schedule_irqoff() (fate#319980).
- Update config files: Enable RTC_HCTOSYS, build I2C_XGENE_SLIMPRO as a module.
- ipv4: Don't do expensive useless work during inetdev destroy (CVE-2016-3156 bsc#971360).
- ext4: fix races of writeback with punch hole and zero range (bsc#972174).
- ext4: fix races between buffered IO and collapse / insert range (bsc#972174).
- ext4: move unlocked dio protection from ext4_alloc_file_blocks() (bsc#972174).
- ext4: fix races between page faults and hole punching (bsc#972174).
- net: thunderx: Use napi_schedule_irqoff() (fate#319980).
- Linux 4.1.20 (bsc#954647 bsc#954876).
- ALSA: usb-audio: Add sanity checks for endpoint accesses (CVE-2016-2184,bsc#971125).
- ALSA: usb-audio: Fix NULL dereference in create_fixed_stream_quirk() (CVE-2016-2184,bsc#971125).
- Backport patches from SLE12-SP1-ARM
- PCI: thunder: Add PCIe host driver for ThunderX processors
- PCI: thunder: Add driver for ThunderX-pass{1,2} on-chip devices
- arm64: Add workaround for Cavium erratum 27456.
- Update numa patches to v15
- Update config files
- arm64: Update config files.
Enable
PCI_HOST_THUNDER_ECAM
PCI_HOST_THUNDER_PEM
- PCI: thunder: Add driver for ThunderX-pass{1,2} on-chip devices (fate#319484).
- PCI: thunder: Add PCIe host driver for ThunderX processors (fate#319484).
- PCI: generic: Expose pci_host_common_probe() for use by other drivers (fate#319484).
- PCI: generic: Add pci_host_common_probe(), based on gen_pci_probe() (fate#319484).
- PCI: generic: Move structure definitions to separate header file (fate#319484).
- arm64: Update numa patch set to v15
- [v15, 1/6] efi: ARM/arm64: ignore DT memory nodes instead of removing them (fate#319973).
- [v15,2/6] Documentation, dt, numa: dt bindings for NUMA (fate#319973).
- [v15,3/6] of, numa: Add NUMA of binding implementation (fate#319973).
- [v15,4/6] arm64: Move unflatten_device_tree() call earlier (fate#319973).
- [v15,6/6] arm64, mm, numa: Add NUMA balancing support for arm64 (fate#319973).
- [v15,5/6] arm64, numa: Add NUMA support for arm64 platforms (fate#319973).
- kabi/severities: ignore ip6_route_output symbol lost
It's inlined in 4.1.19.
- hda_jack_callback kabi fix for 4.1.19.
- net kabi fixes for 4.1.19.
- cgroup kabi fix for 4.1.19.
- Linux 4.1.19 (CVE-2016-2383 CVE-2016-2384 bsc#966684 bsc#966693 bsc#968018).
- ibmvnic: Fix ibmvnic_capability struct.
- Update config files: Modularize NF_REJECT_IPV4/V6
There is no reason why these helper modules should be built-in when
the rest of netfilter is built as modules.
- Disable Skylake support in intel_idle driver again (bsc#969582)
This turned out to bring a regression on some machines, unfortunately.
It should be addressed in the upstream at first.
- intel_idle: Skylake Client Support - updated (bsc#969582).
- intel_idle: Skylake Client Support (bsc#969582).
- intel_idle: allow idle states to be freeze-mode specific (bsc#969582).
- cuse: fix memory leak (bsc#969356, CVE-2015-1339).
- series.conf: move cxgb3 patch to network drivers section
- ALSA: seq: Fix leak of pool buffer at concurrent writes (bsc#968018).
- ALSA: timer: Fix race between stop and interrupt (bsc#968018).
- ALSA: timer: Fix wrong instance passed to slave callbacks (bsc#968018).
- ALSA: seq: Fix double port list deletion (bsc#968018).
- Update config files.
Enable CAVIUM_ERRATUM_27456
- arm64: Add workaround for Cavium erratum 27456.
- arm64: alternative: Provide if/else/endif assembler macros.
- arm64: alternative: Merge alternative-asm.h into alternative.h.
- config: arm64: compile xgene-slimpro as a module
- ALSA: hda - Apply clock gate workaround to Skylake, too (bsc#966137).
- ALSA: hda - disable dynamic clock gating on Broxton before reset (bsc#966137).
- ALSA: hda - Fix playback noise with 24/32 bit sample size on BXT (bsc#966137).
- drm/i915: Pin the ifbdev for the info->system_base GGTT mmapping (bsc#962866, bsc#966179).
- drm/i915: Fix failure paths around initial fbdev allocation (bsc#962866, bsc#966179).
- drm/i915: Fix double unref in intelfb_alloc failure path (bsc#962866, bsc#966179).
- kabi/severities: Ignore drivers/mfd/tps65218 and lpddr2_jedec_*
These are from 2 useless drivers that were removed, nobody needs
these symbols.
- Update s390x/vanilla config file: disable MFD_SYSCON.
- Ignore kabi of net/ceph/*, drivers/targets/* & co
The recent ARM64 patches brought kABI brekage on ceph and targets.
Ignore these changes, as they should be either in-kernel or a full
set of KMP.
- bpf: fix branch offset adjustment on backjumps after patching
ctx expansion (bsc#966684, CVE-2016-2383).
- Backport arm64 patches from SLE12-SP1-ARM
Add: libceph: fix scatterlist last_piece calculation (bsc#963746).
- Ignore dm-snapshot kABI changes
4.1.18 changed the signature slightly, but this isn't used anywhere else.
- Ignore kABI for crypto/*
4.1.18 changed the codes in crypto a lot, and also more will come in
near future, too. We support only our own crypto modules, so let's
ignore kABI changes to make our lives easier.
- kABI fixes for 4.1.18 thermal changes.
- kABI fixes for 4.1.18 drm changes.
- kABI fix for 4.1.18 ceph changes.
- Linux 4.1.18 (CVE-2016-0723 bsc#961500 bsc#962257).
- ptrace: being capable wrt a process requires mapped uids/gids (bsc#959709 bsc#960561 CVE-2015-8709).
- iw_cxgb3: Fix incorrectly returning error on success (bsc#966437, CVE-2015-8812).
- Update x86 config files: Enable Intel RAPL
This driver is useful when power caping is needed. It was enabled in
the SLE kernel 2 years ago.
- Update config files: Disable MFD_TPS65218
The TPS65218 is a power management IC for 32-bit ARM systems. Its
driver serves no purpose on other architectures. All sub-drivers were
already disabled anyway.
- ALSA: usb-audio: avoid freeing umidi object twice (CVE-2016-2384,bsc#966693).
- e1000e: Avoid divide by zero error (bsc#965125).
- e1000e: fix division by zero on jumbo MTUs (bsc#965125).
- e1000e: Fix tight loop implementation of systime read algorithm (bsc#965125).
- e1000e: fix systim issues (bsc#965125).
- Btrfs: teach backref walking about backrefs with underflowed (bsc#966259).
- fuse: break infinite loop in fuse_fill_write_pages() (bsc#963765, CVE-2015-8785).
- Update s390x config files: CONFIG_ENCLOSURE_SERVICES
Per bsc#884701, CONFIG_ENCLOSURE_SERVICES isn't needed on S/390. It
was already disabled in SLE, so disable it in openSUSE too.
- libceph: fix scatterlist last_piece calculation (bsc#963746).
- Update config files: Disable CONFIG_DDR
CONFIG_DDR is selected automatically by drivers which need it. This
piece of helper code is useless in the absence of any such driver.
- kabi/severities: Drop inet_twsk_schedule symbol check
It's dropped from 4.1.17, but it's rather used only internally.
- Fix kABI for addition of unix_inflight to user_struct.
- Linux 4.1.17 (CVE-2015-7799 CVE-2015-7884 CVE-2015-8104
CVE-2015-8767 CVE-2016-2069 bsc#814440 bsc#951626
bsc#963767 bsc#954876 bsc#958504 bsc#960710
bsc#949936 bsc#954404 bsc#958439 bsc#961509
http://article.gmane.org/gmane.comp.security.oss.general/17908).
- sd: Optimal I/O size is in bytes, not sectors (bsc#961263).
- sd: Reject optimal transfer length smaller than page size (bsc#961263).
- netfilter: nf_nat_redirect: add missing NULL pointer check (CVE-2015-8787 bsc#963931).
- x86/mm: Add barriers and document switch_mm()-vs-flush synchronization (bsc#963767, CVE-2016-2069).
- n_tty: Fix unsafe reference to "other" ldisc (bsc#961500 CVE-2016-0723).
- tty: Fix unsafe ldisc reference via ioctl(TIOCGETD) (bsc#961500 CVE-2016-0723).
- ocfs2: fix dlmglue deadlock issue(bsc#962257)
- Linux 4.1.16 (CVE-2015-7550 CVE-2015-7872 CVE-2015-8543
CVE-2015-8569 CVE-2015-8575 bsc#958951 bsc#951440 bsc#958886
bsc#959190 bsc#959399).
- ALSA: hda - Flush the pending probe work at remove (bsc#960710).
- sctp: Prevent soft lockup when sctp_accept() is called during a timeout event (CVE-2015-8767 bsc#961509).
- HID: multitouch: fix input mode switching on some Elan panels (bsc#954532).
- HID: multitouch: Fetch feature reports on demand for Win8 devices (bsc#954532).
- Enable CONFIG_PINCTRL_CHERRYVIEW (bsc#954532)
Needed for recent tablets/laptops.
CONFIG_PINCTRL_BAYTRAIL is still disabled as it can't be built as a module.
- hwrng: core - sleep interruptible in read (bsc#962597).
- Backport arm64 patches from SLE12-SP1-ARM.
- Add LIO clustered RBD backend (fate#318836)
- keys-fix-leak (bsc#962075, CVE-2016-0728).
- rpm/kernel-binary.spec.in: Fix build if no UEFI certs are installed
- rpm/kernel-binary.spec.in: Install libopenssl-devel for newer sign-file
- Fix kABI breakage for max_dev_sectors addition to queue_limits (bsc#961263).
- block/sd: Fix device-imposed transfer length limits (bsc#961263).
- block: bump BLK_DEF_MAX_SECTORS to 2560 (bsc#961263).
- Revert "block: remove artifical max_hw_sectors cap" (bsc#961263).
- rpm/constraints.in: Bump disk space requirements up a bit
Require 10GB on s390x, 20GB elsewhere.
- rpm/compute-PATCHVERSION.sh: Skip stale directories in the package dir
- Add RHEL to kernel-obs-build
- group-source-files: mark module.lds as devel file
ld: cannot open linker script file /usr/src/linux-4.2.5-1/arch/arm/kernel/module.lds: No such file or directory
- rpm/kernel-binary.spec.in: really pass down %{?_smp_mflags}
- rpm/kernel-binary.spec.in: Use parallel make in all invocations
Also, remove the lengthy comment, since we are using a standard rpm
macro now.
- rpm/kernel-binary.spec.in: Delete one more DEBUG_SECTION_MISMATCH assignment
- rpm/kernel-binary.spec.in: Do not explicitly set DEBUG_SECTION_MISMATCH
CONFIG_DEBUG_SECTION_MISMATCH is a selectable Kconfig option since
2.6.39 and is enabled in our configs.
- rpm/kernel-binary.spec.in: No scriptlets in kernel-zfcpdump
The kernel should not be added to the bootloader nor are there any KMPs.
- Obsolete compat-wireless, rts5229 and rts_pstor KMPs
These are found in SLE11-SP3, now replaced with the upstream drivers.
- rpm/kernel-binary.spec.in: Do not obsolete ocfs2-kmp (bsc#865259)
- rpm/kernel-binary.spec.in: Obsolete the -base package from SLE11 (bsc#865096)
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>
