Overview

File _patchinfo of Package patchinfo.18519

<patchinfo incident="18519">
  <issue id="1065600" tracker="bnc">Backports of upstream Xen-related kernel patches</issue>
  <issue id="1163592" tracker="bnc">kernel packaging problem: RPM group = %group</issue>
  <issue id="1178401" tracker="bnc">errors in OBS builds from kernel+initrd, e.g. "dracut-pre-udev[231]: modprobe: FATAL: Module ext2 not found in directory /lib/modules/5.8.15-1-default"</issue>
  <issue id="1178762" tracker="bnc">Slow down in OBS since kernel 5.6.0 on 32bit</issue>
  <issue id="1179014" tracker="bnc">[rpm4.16] invalid use of barewords in kernel spec files</issue>
  <issue id="1179015" tracker="bnc">[rpm4.16] kernel-source build fails</issue>
  <issue id="1179045" tracker="bnc">kernel-default fails with rpmlint 2.0</issue>
  <issue id="1179082" tracker="bnc">[rpm4.16] kernel: broken symbolic links</issue>
  <issue id="1179428" tracker="bnc">VUL-0: CVE-2020-29374: kernel-source: get_user_pages implementation, when used for a copy-on-write page, could grant unintended write access</issue>
  <issue id="1179660" tracker="bnc">VUL-0: CVE-2020-29368: kernel-source: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check</issue>
  <issue id="1180058" tracker="bnc">Please don't create /boot/do_purge_kernels on initial install</issue>
  <issue id="1181747" tracker="bnc">VUL-0: CVE-2021-26932: kernel-source: Linux grant mapping error handling issues (XSA-361 v4)</issue>
  <issue id="1181753" tracker="bnc">VUL-0: CVE-2021-26931: kernel-source: Linux backends treating grant mapping errors as bugs (XSA-362 v3)</issue>
  <issue id="1181843" tracker="bnc">VUL-0: CVE-2021-26930: kernel-source: error handling issues in blkback's grant mapping (XSA-365 v3)</issue>
  <issue id="1182140" tracker="bnc">L3-Question: SLE15 SP0, SP1 and SP2 uninstalling kernel removes symlinks in /boot</issue>
  <issue id="1182175" tracker="bnc">L3: After moving SLES11SP4 domUs (guests) from SLES12 SP2 to SP5 dom0 - network and DB access is extremely slow</issue>
  <issue id="2020-29368" tracker="cve" />
  <issue id="2021-26930" tracker="cve" />
  <issue id="2021-26931" tracker="cve" />
  <issue id="2021-26932" tracker="cve" />
  <issue id="2020-29374" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>ematsumiya</packager>
  <reboot_needed/>
  <description>The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2021-26930: Fixed an improper error handling in blkback's grant mapping (XSA-365 bsc#1181843).
- CVE-2021-26931: Fixed an issue where Linux  kernel was treating grant mapping errors as bugs (XSA-362 bsc#1181753).
- CVE-2021-26932: Fixed improper error handling issues in Linux grant mapping (XSA-361 bsc#1181747).
  by remote attackers to read or write files via directory traversal in an XCOPY request (bsc#178372).
- CVE-2020-29368,CVE-2020-29374: Fixed an issue in copy-on-write implementation which could have granted unintended write access
  because of a race condition in a THP mapcount check (bsc#1179660, bsc#1179428).

The following non-security bugs were fixed:

- kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082)
- kernel-source.spec: Fix build with rpm 4.16 (boo#1179015). 
- rpm/kernel-binary.spec.in: avoid using barewords (bsc#1179014) 
- rpm/kernel-binary.spec.in: avoid using more barewords (bsc#1179014) %split_extra still contained two.
- rpm/kernel-binary.spec.in: Fix compressed module handling for in-tree KMP (jsc#SLE-10886) The in-tree KMP that is built with SLE kernels have a different scriptlet that is embedded in kernel-binary.spec.in rather than *.sh files.
- rpm/kernel-binary.spec.in: use grep -E instead of egrep (bsc#1179045) egrep is only a deprecated bash wrapper for "grep -E". So use the latter instead.
- rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592)
- rpm/kernel-obs-build.spec.in: Add -q option to modprobe calls (bsc#1178401)
- rpm/kernel-{source,binary}.spec: do not include ghost symlinks (boo#1179082).
- rpm/mkspec: do not build kernel-obs-build on x86_32 We want to use 64bit kernel due to various bugs (bsc#1178762 to name one). 
- rpm/post.sh: Avoid purge-kernel for the first installed kernel (bsc#1180058)
- xen/netback: avoid race in xenvif_rx_ring_slots_available() (bsc#1065600).
- xen/netback: fix spurious event detection for common event case (bsc#1182175).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places