Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
patchinfo.2116
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.2116
<patchinfo incident="2116"> <issue id="812259" tracker="bnc">Do not touch Intel's PERF BIAS (power vs performance) CPU setting</issue> <issue id="816099" tracker="bnc">4k FILE_SYNC over NFS for every change made to a mmap'd file (using IBM Rational ClearCase)</issue> <issue id="855062" tracker="bnc">FATE 315961 Emulex be2net driver update for SLE12</issue> <issue id="867583" tracker="bnc">be2net fails to initialize with SR-IOV</issue> <issue id="884701" tracker="bnc">Removing Kernel Modules from s390x kernel</issue> <issue id="899908" tracker="bnc">kGraft: usb-storage kernel thread blocks finishing kGraft patch</issue> <issue id="922071" tracker="bnc">megaraid driver regression on Intel Kylin server (S2600GZ)</issue> <issue id="937444" tracker="bnc">NMI is not triggering kdump</issue> <issue id="940338" tracker="bnc">VUL-0: CVE-2015-5707: kernel: Integer overflow in SCSI generic driver</issue> <issue id="940946" tracker="bnc">crash_kexec doesn't save registers for CPUs panicing from NMI</issue> <issue id="941363" tracker="bnc">frequent soft lockups in __d_lookup</issue> <issue id="943989" tracker="bnc">Unresolved symbol error message is a false positive in most cases</issue> <issue id="945219" tracker="bnc">Network issues with openvswitch and VLAN interface</issue> <issue id="947953" tracker="bnc">ISST-LTE: oops during install on SLES 12 SP1 with corrupt XFS partition</issue> <issue id="949752" tracker="bnc">L3: general protection fault at __d_lookup+0x68</issue> <issue id="950292" tracker="bnc">kernel-default-base is missing autofs4 module</issue> <issue id="951155" tracker="bnc">SLES12 SP1 RC2 kernel-xen : Kernel OOPS kernel BUG at ../arch/x86/mm/fault-xen.c:408!</issue> <issue id="955308" tracker="bnc">nfs client operations stall if done during large reads</issue> <issue id="955654" tracker="bnc">VUL-0: CVE-2013-7446: kernel: Unix sockets use after free - peer_wait_queue prematurely freed</issue> <issue id="956084" tracker="bnc">L3: max segment size per I/O request on xen_vbd devices</issue> <issue id="956514" tracker="bnc">NFSv4 client high utilization caused by NFS4ERR_OPENMODE</issue> <issue id="957525" tracker="bnc">kernel: soft lockup in __d_lookup of nfsd</issue> <issue id="957986" tracker="bnc">Indirect descriptors are not compatible with Amazon block backend</issue> <issue id="959090" tracker="bnc">kernel-vanilla-devel refers to patched kernel-devel</issue> <issue id="959146" tracker="bnc">Hang on boot - regression in upcoming SLE12-SP1 kernel update</issue> <issue id="959257" tracker="bnc">Kernel panic during host side cable pull from SN1000Q (16GB Qlogic) adapter</issue> <issue id="959463" tracker="bnc">Hotplug patches required for Dynamic Reconfiguration</issue> <issue id="959629" tracker="bnc">L3-Question: No turbo support for the Broadwell-EP processor (E5-2687W v4)</issue> <issue id="959709" tracker="bnc">VUL-0: kernel: privilege escalation in user namespaces</issue> <issue id="960174" tracker="bnc">futex pi_state leak</issue> <issue id="960227" tracker="bnc">[HPS Bug] Reduce cacheline contention on large SMP systems</issue> <issue id="960458" tracker="bnc">L3: Hang in scsi_dh_alua.</issue> <issue id="960561" tracker="bnc">VUL-0: CVE-2015-8709: kernel: ptrace: potential privilege escalation in user namespaces</issue> <issue id="960629" tracker="bnc">Peer failure messages for unused USB ports.</issue> <issue id="961257" tracker="bnc">ipv6: add complete rcu protection around np->opt?</issue> <issue id="961500" tracker="bnc">VUL-0: CVE-2016-0723: kernel: Use-after-free in TIOCGETD ioctl</issue> <issue id="961509" tracker="bnc">VUL-0: CVE-2015-8767: kernel: SCTP denial of service during heartbeat timeout functions</issue> <issue id="961516" tracker="bnc">Truncated pages are not dropped when ext3 is mounted in data=journal mode</issue> <issue id="961588" tracker="bnc">SLES12 offline_pages crashes system</issue> <issue id="961658" tracker="bnc">xenblk.max_indirect_segments in SLES does not work, large IOs are split</issue> <issue id="961971" tracker="bnc">L3: tainted_mask is non-zero even when no tainting modules were loaded</issue> <issue id="962336" tracker="bnc">kgraft: unannotated kthreads</issue> <issue id="962356" tracker="bnc">kernel build is taking too long</issue> <issue id="962788" tracker="bnc">module: percpu symbols missing in module's symtab</issue> <issue id="962965" tracker="bnc">VFs unload using sysfs method is failing only on Xen on both SLES 12 and SLES 12 SP1(with latest maint updates)</issue> <issue id="963193" tracker="bnc">btrfs quota not working on SLES 12-SP1 with "Disk quota exceeded on all subvolumes with a quotum."</issue> <issue id="963449" tracker="bnc">kernel-default.spec line 167 "%obsolete_rebuilds %name" breaks kernel build</issue> <issue id="963572" tracker="bnc">kgraft: workqueue: WQ_MEM_RECLAIM kgraft:kgr_work_fn is flushing !WQ_MEM_ RECLAIM</issue> <issue id="963746" tracker="bnc">ISCSI target server crash: kernel BUG at ../net/ceph/messenger.c:1212!</issue> <issue id="963765" tracker="bnc">VUL-0: CVE-2015-8785: kernel: fuse: possible denial of service in fuse_fill_write_pages()</issue> <issue id="963767" tracker="bnc">VUL-0: CVE-2016-2069 : kernel: race condition in the TLB flush logic</issue> <issue id="963825" tracker="bnc">timeout booting to SSD with SLES12 SP1 (using btrfs)</issue> <issue id="963960" tracker="bnc">SLES 12 SP1 - Startup time of one docker container is high</issue> <issue id="964201" tracker="bnc">L3: kernel BUG at /usr/src/packages/BUILD/kernel-default-3.0.101/linux-3.0/fs/nfs/write.c:318</issue> <issue id="964730" tracker="bnc">VUL-0: CVE-2016-0774: kernel: pipe buffer state corruption after unsuccessful atomic read from pipe</issue> <issue id="965199" tracker="bnc">L3: kernel panic during veritas vxvm zone/port enable and disable operation</issue> <issue id="965344" tracker="bnc">Btrfs: deadlock between direct IO writes and defrag/readpages</issue> <issue id="965830" tracker="bnc">"Failed to find boot device" on Xen HVM and HyperV</issue> <issue id="965840" tracker="bnc">Network card is not recognized on JeOS guest</issue> <issue id="965891" tracker="bnc">Missing xfs kernel module</issue> <issue id="966026" tracker="bnc">Missing kernel modules for OpenStack JeOS image</issue> <issue id="966094" tracker="bnc">Adding two or more Xen SCSI disks to a VM on the same host controller cause dom0 to crash</issue> <issue id="966278" tracker="bnc">btrfs trace dump in find_parent_nodes</issue> <issue id="966437" tracker="bnc">VUL-0: CVE-2015-8812: kernel: CXGB3: Logic bug in return code handling prematurely frees key structures causing Use after free or kernel panic.</issue> <issue id="966471" tracker="bnc">L3: hwclock problems in SLES 12 GA VMs with more than 1 VCPU</issue> <issue id="966693" tracker="bnc">VUL-0: CVE-2016-2384: kernel: ALSA: usb-audio: double-free triggered by invalid USB descriptor</issue> <issue id="966864" tracker="bnc">L3: nfsd: reconnect does not work properly</issue> <issue id="966910" tracker="bnc">Btrfs: fix BUG_ON() due to double page unlock that happens on error path for single page buffered writes</issue> <issue id="967802" tracker="bnc">Post-Alpha2 JeOS can't be deployed to virtualized SCSI disk</issue> <issue id="968018" tracker="bnc">VUL-1: kernel: ALSA core issues reported by syzkaller fuzzer</issue> <issue id="968074" tracker="bnc">Kernel module e1000e is missing from kernel-default-base</issue> <issue id="968206" tracker="bnc">SCSI disk is not present in VMware for emulated LSI SCSI controllers</issue> <issue id="968230" tracker="bnc">Btrfs: invalid memory accesses and races in the dedup (extent_same) ioctl</issue> <issue id="968234" tracker="bnc">More qemu drivers missing in kernel-default-base</issue> <issue id="968253" tracker="bnc">nothing provides ksym needed by crash-kmp-xen and xen-kmp-default</issue> <issue id="969112" tracker="bnc">kabi change in struct kvm_x86_ops</issue> <issue id="CVE-2013-7446" tracker="cve" /> <issue id="CVE-2015-5707" tracker="cve" /> <issue id="CVE-2015-8709" tracker="cve" /> <issue id="CVE-2015-8767" tracker="cve" /> <issue id="CVE-2015-8785" tracker="cve" /> <issue id="CVE-2015-8812" tracker="cve" /> <issue id="CVE-2016-0723" tracker="cve" /> <issue id="CVE-2016-0774" tracker="cve" /> <issue id="CVE-2016-2069" tracker="cve" /> <issue id="CVE-2016-2384" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>michal-m</packager> <reboot_needed/> <description> The SUSE Linux Enterprise 12 kernel was updated to 3.12.55 to receive various security and bugfixes. Features added: - A improved XEN blkfront module was added, which allows more I/O bandwidth. (FATE#320625) It is called xen-blkfront in PV, and xen-vbd-upstream in HVM mode. The following security bugs were fixed: - CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bnc#955654). - CVE-2015-5707: Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request (bnc#940338). - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states "there is no kernel bug here" (bnc#959709 bnc#960561). - CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not properly manage the relationship between a lock and a socket, which allowed local users to cause a denial of service (deadlock) via a crafted sctp_accept call (bnc#961509). - CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel allowed local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov (bnc#963765). - CVE-2015-8812: A use-after-free flaw was found in the CXGB3 kernel driver when the network was considered to be congested. This could be used by local attackers to cause machine crashes or potentially code executuon (bsc#966437). - CVE-2016-0723: Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call (bnc#961500). - CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic read from pipe was fixed (bsc#964730). - CVE-2016-2069: Race conditions in TLB syncing was fixed which could leak to information leaks (bnc#963767). - CVE-2016-2384: A double-free triggered by invalid USB descriptor in ALSA usb-audio was fixed, which could be exploited by physical local attackers to crash the kernel or gain code execution (bnc#966693). The following non-security bugs were fixed: - alsa: rawmidi: Make snd_rawmidi_transmit() race-free (bsc#968018). - alsa: seq: Fix leak of pool buffer at concurrent writes (bsc#968018). - be2net: fix some log messages (bnc#855062 FATE#315961, bnc#867583). - block: xen-blkfront: Fix possible NULL ptr dereference (bsc#957986 fate#320625). - btrfs: Add handler for invalidate page (bsc#963193). - btrfs: check prepare_uptodate_page() error code earlier (bnc#966910). - btrfs: delayed_ref: Add new function to record reserved space into delayed ref (bsc#963193). - btrfs: delayed_ref: release and free qgroup reserved at proper timing (bsc#963193). - btrfs: extent_io: Introduce needed structure for recoding set/clear bits (bsc#963193). - btrfs: extent_io: Introduce new function clear_record_extent_bits() (bsc#963193). - btrfs: extent_io: Introduce new function set_record_extent_bits (bsc#963193). - btrfs: extent-tree: Add new version of btrfs_check_data_free_space and btrfs_free_reserved_data_space (bsc#963193). - btrfs: extent-tree: Add new version of btrfs_delalloc_reserve/release_space (bsc#963193). - btrfs: extent-tree: Switch to new check_data_free_space and free_reserved_data_space (bsc#963193). - btrfs: extent-tree: Switch to new delalloc space reserve and release (bsc#963193). - btrfs: fallocate: Add support to accurate qgroup reserve (bsc#963193). - btrfs: fix deadlock between direct IO write and defrag/readpages (bnc#965344). - btrfs: fix invalid page accesses in extent_same (dedup) ioctl (bnc#968230). - btrfs: fix page reading in extent_same ioctl leading to csum errors (bnc#968230). - btrfs: fix warning in backref walking (bnc#966278). - btrfs: qgroup: Add handler for NOCOW and inline (bsc#963193). - btrfs: qgroup: Add new trace point for qgroup data reserve (bsc#963193). - btrfs: qgroup: Avoid calling btrfs_free_reserved_data_space in clear_bit_hook (bsc#963193). - btrfs: qgroup: Check if qgroup reserved space leaked (bsc#963193). - btrfs: qgroup: Cleanup old inaccurate facilities (bsc#963193). - btrfs: qgroup: Fix a race in delayed_ref which leads to abort trans (bsc#963193). - btrfs: qgroup: Fix a rebase bug which will cause qgroup double free (bsc#963193). - btrfs: qgroup: Introduce btrfs_qgroup_reserve_data function (bsc#963193). - btrfs: qgroup: Introduce functions to release/free qgroup reserve data space (bsc#963193). - btrfs: qgroup: Introduce new functions to reserve/free metadata (bsc#963193). - btrfs: qgroup: Use new metadata reservation (bsc#963193). - btrfs: skip locking when searching commit root (bnc#963825). - dcache: use IS_ROOT to decide where dentry is hashed (bsc#949752). - documentation: Document kernel.panic_on_io_nmi sysctl (bsc#940946, bsc#937444). - documentation: Fix build of PDF files in kernel-docs package Double the spaces for tex, and fix buildrequires for docbook. - doc: Use fop for creating PDF files in kernel-docs package as some files still cannot be built with the default backend. - driver core: Add BUS_NOTIFY_REMOVED_DEVICE event (bnc#962965). - drivers: xen-blkfront: only talk_to_blkback() when in XenbusStateInitialising (bsc#957986 fate#320625). - driver: xen-blkfront: move talk_to_blkback to a more suitable place (bsc#957986 fate#320625). - ec2: updated kabi files and start tracking - fs: Improve fairness when locking the per-superblock s_anon list (bsc#957525, bsc#941363). - fs/proc_namespace.c: simplify testing nsp and nsp->mnt_ns (bug#963960). - fuse: break infinite loop in fuse_fill_write_pages() (bsc#963765). - futex: Drop refcount if requeue_pi() acquired the rtmutex (bug#960174). - jbd2: Fix unreclaimed pages after truncate in data=journal mode (bsc#961516). - kabi: Preserve checksum of kvm_x86_ops (bsc#969112). - kABI: protect struct af_alg_type. - kABI: protect struct crypto_ahash. - kABI: reintroduce blk_rq_check_limits. - kabi/severities: Fail on changes in kvm_x86_ops, needed by lttng-modules - kernel: Change ASSIGN_ONCE(val, x) to WRITE_ONCE(x, val) (bsc#940946, bsc#937444). - kernel: Provide READ_ONCE and ASSIGN_ONCE (bsc#940946, bsc#937444). - kernel/watchdog.c: perform all-CPU backtrace in case of hard lockup (bsc#940946, bsc#937444). - kexec: Fix race between panic() and crash_kexec() (bsc#940946, bsc#937444). - kgr: do not print error for !abort_if_missing symbols (bnc#943989). - kgr: do not use WQ_MEM_RECLAIM workqueue (bnc#963572). - kgr: log when modifying kernel (fate#317827). - kgr: mark some more missed kthreads (bnc#962336). - kgr: usb/storage: do not emit thread awakened (bnc#899908). - kvm: x86: Check dest_map->vector to match eoi signals for rtc (bsc#966471). - kvm: x86: Convert ioapic->rtc_status.dest_map to a struct (bsc#966471). - kvm: x86: store IOAPIC-handled vectors in each VCPU (bsc#966471). - kvm: x86: Track irq vectors in ioapic->rtc_status.dest_map (bsc#966471). - libceph: fix scatterlist last_piece calculation (bsc#963746). - megaraid_sas: Chip reset if driver fails to get IOC ready (bsc#922071). Refresh the patch based on the actual upstream commit, and add the commit ID. - mm/memory_hotplug.c: check for missing sections in test_pages_in_a_zone() (VM Functionality, bnc#961588). - module: keep percpu symbols in module's symtab (bsc#962788). - namespaces: Re-introduce task_nsproxy() helper (bug#963960). - namespaces: Use task_lock and not rcu to protect nsproxy (bug#963960). - net: core: Correct an over-stringent device loop detection (bsc#945219). - nfs: Background flush should not be low priority (bsc#955308). - nfsd: Do not start lockd when only NFSv4 is running (fate#316311). - nfs: do not use STABLE writes during writeback (bnc#816099). - nfs: Fix handling of re-write-before-commit for mmapped NFS pages (bsc#964201). - nfs: Move nfsd patch to the right section - nfsv4: Recovery of recalled read delegations is broken (bsc#956514). - nmi: provide the option to issue an NMI back trace to every cpu but current (bsc#940946, bsc#937444). - nmi: provide the option to issue an NMI back trace to every cpu but current (bsc#940946, bsc#937444). - panic, x86: Allow CPUs to save registers even if looping in NMI context (bsc#940946, bsc#937444). - panic, x86: Fix re-entrance problem due to panic on NMI (bsc#940946, bsc#937444). - pci: allow access to VPD attributes with size 0 (bsc#959146). - pciback: Check PF instead of VF for PCI_COMMAND_MEMORY. - pciback: Save the number of MSI-X entries to be copied later. - pci: Blacklist vpd access for buggy devices (bsc#959146). - pci: Determine actual VPD size on first access (bsc#959146). - pci: Update VPD definitions (bsc#959146). - perf: Do not modify perf bias performance setting by default at boot (bnc#812259,bsc#959629). - proc: Fix ptrace-based permission checks for accessing task maps. - rpm/constraints.in: Bump disk space requirements up a bit Require 10GB on s390x, 20GB elsewhere. - rpm/kernel-binary.spec.in: Fix build if no UEFI certs are installed - rpm/kernel-binary.spec.in: Fix kernel-vanilla-devel dependency (bsc#959090) - rpm/kernel-binary.spec.in: Fix paths in kernel-vanilla-devel (bsc#959090). - rpm/kernel-binary.spec.in: Install libopenssl-devel for newer sign-file - rpm/kernel-binary.spec.in: Sync the main and -base package dependencies (bsc#965830#c51). - rpm/kernel-binary.spec.in: Use bzip compression to speed up build (bsc#962356) - rpm/kernel-module-subpackage: Fix obsoleting dropped flavors (bsc#968253) - rpm/kernel-source.spec.in: Install kernel-macros for kernel-source-vanilla (bsc#959090) - rpm/kernel-spec-macros: Do not modify the release string in PTFs (bsc#963449) - rpm/package-descriptions: Add kernel-zfcpdump and drop -desktop - sched/fair: Disable tg load_avg/runnable_avg update for root_task_group (bnc#960227). - sched/fair: Move cache hot load_avg/runnable_avg into separate cacheline (bnc#960227). - sched: Fix race between task_group and sched_task_group (Automatic NUMA Balancing (fate#315482)) - scsi: Add sd_mod to initrd modules For some reason PowerVM backend can't work without sd_mod - scsi_dh_alua: Do not block request queue if workqueue is active (bsc#960458). - scsi: fix soft lockup in scsi_remove_target() on module removal (bsc#965199). - scsi: restart list search after unlock in scsi_remove_target (bsc#959257). - series.conf: add section comments - supported.conf: Add e1000e (emulated by VMware) to -base (bsc#968074) - supported.conf: Add Hyper-V modules to -base (bsc#965830) - supported.conf: Add more QEMU and VMware drivers to -base (bsc#965840). - supported.conf: Add more qemu device driver (bsc#968234) - supported.conf: Add mptspi and mptsas to -base (bsc#968206) - supported.conf: Add netfilter modules to base (bsc#950292) - supported.conf: Add nls_iso8859-1 and nls_cp437 to -base (bsc#950292) - supported.conf: Add the qemu scsi driver (sym53c8xx) to -base (bsc#967802) - supported.conf: Add tulip to -base for Hyper-V (bsc#968234) - supported.conf: Add vfat to -base to be able to mount the ESP (bsc#950292). - supported.conf: Add virtio_{blk,net,scsi} to kernel-default-base (bsc#950292) - supported.conf: Add virtio-rng (bsc#966026) - supported.conf: Add xen-blkfront. - supported.conf: Add xfs to -base (bsc#965891) - supported.conf: Also add virtio_pci to kernel-default-base (bsc#950292). - supported.conf: drop +external from ghash-clmulni-intel It was agreed that it does not make sense to maintain "external" for this specific module. Furthermore it causes problems in rather ordinary VMware environments. (bsc#961971) - supported.conf: Fix usb-common path usb-common moved to its own subdirectory in kernel v3.16, and we backported that change to SLE12. - tcp: Restore RFC5961-compliant behavior for SYN packets (bsc#966864). - usb: Quiet down false peer failure messages (bnc#960629). - x86/apic: Introduce apic_extnmi command line parameter (bsc#940946, bsc#937444). - x86/nmi: Save regs in crash dump on external NMI (bsc#940946, bsc#937444). - x86/nmi: Save regs in crash dump on external NMI (bsc#940946, bsc#937444). - xen: Add /etc/modprobe.d/50-xen.conf selecting Xen frontend driver implementation (bsc#957986, bsc#956084, bsc#961658). - xen-blkfront: allow building in our Xen environment (bsc#957986 fate#320625). - xen, blkfront: factor out flush-related checks from do_blkif_request() (bsc#957986 fate#320625). - xen-blkfront: fix accounting of reqs when migrating (bsc#957986 fate#320625). - xen/blkfront: Fix crash if backend does not follow the right states (bsc#957986 fate#320625). - xen-blkfront: improve aproximation of required grants per request (bsc#957986 fate#320625). - xen/blkfront: improve protection against issuing unsupported REQ_FUA (bsc#957986 fate#320625). - xen/blkfront: remove redundant flush_op (bsc#957986 fate#320625). - xen-blkfront: remove type check from blkfront_setup_discard (bsc#957986 fate#320625). - xen-blkfront: Silence pfn maybe-uninitialized warning (bsc#957986 fate#320625). - xen: Linux 3.12.52. - xen: Refresh patches.xen/xen3-patch-3.9 (bsc#951155). - xen: Refresh patches.xen/xen3-patch-3.9 (do not subvert NX protection during 1:1 mapping setup). - xen-vscsi-large-requests: Fix resource collision for racing request maps and unmaps (bsc#966094). - xen: Xen config files updated to enable upstream block frontend. - xfs: add a few more verifier tests (bsc#947953). - xfs: fix double free in xlog_recover_commit_trans (bsc#947953). - xfs: recovery of XLOG_UNMOUNT_TRANS leaks memory (bsc#947953). </description> <summary>Security update for the Linux Kernel</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor