File _patchinfo of Package patchinfo.4115

<patchinfo incident="4115">
  <issue id="1006118" tracker="bnc">race condition with root on multipath</issue>
  <issue id="1008340" tracker="bnc">VUL-1: CVE-2016-8637: dracut: creates world readable initramfs when early cpio is used</issue>
  <issue id="1017695" tracker="bnc">openSuse 42.2: Boot on broken RAID 1 with missing disk fails. Looks linked to dracut premount hook script (start job running with nolimit timeout)</issue>
  <issue id="1005410" tracker="bnc">multipath boot race with data on partitions (s390x)</issue>
  <issue id="1007925" tracker="bnc">lvm/multipath issue (s390x)</issue>
  <issue id="986734" tracker="bnc">[HPS Bug] sles12sp2 beta3 frequent boots to emergency mode following mount failures</issue>
  <issue id="986838" tracker="bnc">SLES 12 SP1 - [x86] Multipath hangs (using the multipath -F command)</issue>
  <issue id="2016-8637" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>dmolkentin</packager>
  <description>
This update for dracut fixes the following issues:

Security issues fixed:

- CVE-2016-8637: When the early microcode loading was enabled during initrd creation, the initrd
  would be read-only available for all users, allowing local users to retrieve secrets stored in
  the initial ramdisk. (bsc#1008340)

Non security issues fixed:

- Allow booting from degraded MD arrays with systemd. (bsc#1017695)
- Start multipath services before local-fs-pre.target. (bsc#1005410, bsc#1006118, bsc#1007925,
  bsc#986734, bsc#986838)
</description>
  <summary>Security update for dracut</summary>
</patchinfo>