From sle-security-updates at lists.suse.com Fri Nov 2 14:08:29 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 2 Nov 2018 21:08:29 +0100 (CET) Subject: SUSE-SU-2018:3606-1: moderate: Security update for soundtouch Message-ID: <20181102200829.0D83AFCBE@maintenance.suse.de> SUSE Security Update: Security update for soundtouch ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3606-1 Rating: moderate References: #1108630 #1108631 #1108632 Cross-References: CVE-2018-17096 CVE-2018-17097 CVE-2018-17098 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for soundtouch fixes the following issues: - CVE-2018-17098: The WavFileBase class allowed remote attackers to cause a denial of service (heap corruption from size inconsistency) or possibly have unspecified other impact, as demonstrated by SoundStretch. (bsc#1108632) - CVE-2018-17097: The WavFileBase class allowed remote attackers to cause a denial of service (double free) or possibly have unspecified other impact, as demonstrated by SoundStretch. (double free) (bsc#1108631) - CVE-2018-17096: The BPMDetect class allowed remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. (bsc#1108630) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP3: zypper in -t patch SUSE-SLE-WE-12-SP3-2018-2564=1 - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-2564=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2564=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-2564=1 Package List: - SUSE Linux Enterprise Workstation Extension 12-SP3 (x86_64): libSoundTouch0-32bit-1.7.1-5.6.1 libSoundTouch0-debuginfo-32bit-1.7.1-5.6.1 soundtouch-1.7.1-5.6.1 soundtouch-debuginfo-1.7.1-5.6.1 soundtouch-debugsource-1.7.1-5.6.1 - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): soundtouch-1.7.1-5.6.1 soundtouch-debuginfo-1.7.1-5.6.1 soundtouch-debugsource-1.7.1-5.6.1 soundtouch-devel-1.7.1-5.6.1 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): libSoundTouch0-1.7.1-5.6.1 libSoundTouch0-debuginfo-1.7.1-5.6.1 soundtouch-debuginfo-1.7.1-5.6.1 soundtouch-debugsource-1.7.1-5.6.1 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): libSoundTouch0-1.7.1-5.6.1 libSoundTouch0-32bit-1.7.1-5.6.1 libSoundTouch0-debuginfo-1.7.1-5.6.1 libSoundTouch0-debuginfo-32bit-1.7.1-5.6.1 soundtouch-1.7.1-5.6.1 soundtouch-debuginfo-1.7.1-5.6.1 soundtouch-debugsource-1.7.1-5.6.1 References: https://www.suse.com/security/cve/CVE-2018-17096.html https://www.suse.com/security/cve/CVE-2018-17097.html https://www.suse.com/security/cve/CVE-2018-17098.html https://bugzilla.suse.com/1108630 https://bugzilla.suse.com/1108631 https://bugzilla.suse.com/1108632 From sle-security-updates at lists.suse.com Fri Nov 2 14:09:19 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 2 Nov 2018 21:09:19 +0100 (CET) Subject: SUSE-SU-2018:3607-1: moderate: Security update for curl Message-ID: <20181102200919.30250FCBE@maintenance.suse.de> SUSE Security Update: Security update for curl ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3607-1 Rating: moderate References: #1113660 Cross-References: CVE-2018-16842 Affected Products: SUSE Studio Onsite 1.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for curl fixes the following issues: - CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Studio Onsite 1.3: zypper in -t patch slestso13-curl-13854=1 Package List: - SUSE Studio Onsite 1.3 (x86_64): libcurl-devel-7.19.7-1.20.53.19.1 References: https://www.suse.com/security/cve/CVE-2018-16842.html https://bugzilla.suse.com/1113660 From sle-security-updates at lists.suse.com Fri Nov 2 14:09:51 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 2 Nov 2018 21:09:51 +0100 (CET) Subject: SUSE-SU-2018:3608-1: moderate: Security update for curl Message-ID: <20181102200951.88876FCBE@maintenance.suse.de> SUSE Security Update: Security update for curl ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3608-1 Rating: moderate References: #1112758 #1113660 Cross-References: CVE-2018-16840 CVE-2018-16842 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 SUSE CaaS Platform ALL SUSE CaaS Platform 3.0 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for curl fixes the following issues: - CVE-2018-16840: A use after free in closing SASL handles was fixed (bsc#1112758) - CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-2563=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2563=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-2563=1 - SUSE CaaS Platform ALL: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. - SUSE CaaS Platform 3.0: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-2563=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): curl-debuginfo-7.37.0-37.31.1 curl-debugsource-7.37.0-37.31.1 libcurl-devel-7.37.0-37.31.1 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): curl-7.37.0-37.31.1 curl-debuginfo-7.37.0-37.31.1 curl-debugsource-7.37.0-37.31.1 libcurl4-7.37.0-37.31.1 libcurl4-debuginfo-7.37.0-37.31.1 - SUSE Linux Enterprise Server 12-SP3 (s390x x86_64): libcurl4-32bit-7.37.0-37.31.1 libcurl4-debuginfo-32bit-7.37.0-37.31.1 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): curl-7.37.0-37.31.1 curl-debuginfo-7.37.0-37.31.1 curl-debugsource-7.37.0-37.31.1 libcurl4-32bit-7.37.0-37.31.1 libcurl4-7.37.0-37.31.1 libcurl4-debuginfo-32bit-7.37.0-37.31.1 libcurl4-debuginfo-7.37.0-37.31.1 - SUSE CaaS Platform ALL (x86_64): curl-7.37.0-37.31.1 curl-debuginfo-7.37.0-37.31.1 curl-debugsource-7.37.0-37.31.1 libcurl4-7.37.0-37.31.1 libcurl4-debuginfo-7.37.0-37.31.1 - SUSE CaaS Platform 3.0 (x86_64): curl-7.37.0-37.31.1 curl-debuginfo-7.37.0-37.31.1 curl-debugsource-7.37.0-37.31.1 libcurl4-7.37.0-37.31.1 libcurl4-debuginfo-7.37.0-37.31.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): curl-7.37.0-37.31.1 curl-debuginfo-7.37.0-37.31.1 curl-debugsource-7.37.0-37.31.1 libcurl4-7.37.0-37.31.1 libcurl4-debuginfo-7.37.0-37.31.1 References: https://www.suse.com/security/cve/CVE-2018-16840.html https://www.suse.com/security/cve/CVE-2018-16842.html https://bugzilla.suse.com/1112758 https://bugzilla.suse.com/1113660 From sle-security-updates at lists.suse.com Fri Nov 2 14:10:32 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 2 Nov 2018 21:10:32 +0100 (CET) Subject: SUSE-SU-2018:3609-1: moderate: Security update for ffmpeg Message-ID: <20181102201032.5CAD6FCBE@maintenance.suse.de> SUSE Security Update: Security update for ffmpeg ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3609-1 Rating: moderate References: #1097983 #1100345 #1100348 #1105869 Cross-References: CVE-2018-12458 CVE-2018-13300 CVE-2018-13305 CVE-2018-15822 Affected Products: SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Module for Packagehub Subpackages 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Desktop Applications 15 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for ffmpeg fixes the following issues: - CVE-2018-13300: An improper argument passed to the avpriv_request_sample function may have triggered an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information disclosure (bsc#1100348) - CVE-2018-15822: The flv_write_packet function did not check for an empty audio packet, leading to an assertion failure and DoS (bsc#1105869) - CVE-2018-13305: Due to a missing check for negative values of the mquant variable, the vc1_put_blocks_clamped function in libavcodec/vc1_block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of service. (bsc#1100345). - CVE-2018-12458: An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c might have triggered an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service. (bsc#1097983). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 15: zypper in -t patch SUSE-SLE-Product-WE-15-2018-2566=1 - SUSE Linux Enterprise Module for Packagehub Subpackages 15: zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-2018-2566=1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2018-2566=1 - SUSE Linux Enterprise Module for Desktop Applications 15: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-2018-2566=1 Package List: - SUSE Linux Enterprise Workstation Extension 15 (x86_64): ffmpeg-debuginfo-3.4.2-4.12.4 ffmpeg-debugsource-3.4.2-4.12.4 libavcodec-devel-3.4.2-4.12.4 libavformat-devel-3.4.2-4.12.4 libavformat57-3.4.2-4.12.4 libavformat57-debuginfo-3.4.2-4.12.4 libavresample-devel-3.4.2-4.12.4 libavresample3-3.4.2-4.12.4 libavresample3-debuginfo-3.4.2-4.12.4 - SUSE Linux Enterprise Module for Packagehub Subpackages 15 (aarch64 ppc64le s390x x86_64): ffmpeg-3.4.2-4.12.4 ffmpeg-debuginfo-3.4.2-4.12.4 ffmpeg-debugsource-3.4.2-4.12.4 libavdevice57-3.4.2-4.12.4 libavdevice57-debuginfo-3.4.2-4.12.4 libavfilter6-3.4.2-4.12.4 libavfilter6-debuginfo-3.4.2-4.12.4 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64): ffmpeg-3.4.2-4.12.4 ffmpeg-debuginfo-3.4.2-4.12.4 ffmpeg-debugsource-3.4.2-4.12.4 ffmpeg-private-devel-3.4.2-4.12.4 libavdevice-devel-3.4.2-4.12.4 libavdevice57-3.4.2-4.12.4 libavdevice57-debuginfo-3.4.2-4.12.4 libavfilter-devel-3.4.2-4.12.4 libavfilter6-3.4.2-4.12.4 libavfilter6-debuginfo-3.4.2-4.12.4 - SUSE Linux Enterprise Module for Desktop Applications 15 (aarch64 ppc64le s390x x86_64): ffmpeg-debuginfo-3.4.2-4.12.4 ffmpeg-debugsource-3.4.2-4.12.4 libavcodec57-3.4.2-4.12.4 libavcodec57-debuginfo-3.4.2-4.12.4 libavutil-devel-3.4.2-4.12.4 libavutil55-3.4.2-4.12.4 libavutil55-debuginfo-3.4.2-4.12.4 libpostproc-devel-3.4.2-4.12.4 libpostproc54-3.4.2-4.12.4 libpostproc54-debuginfo-3.4.2-4.12.4 libswresample-devel-3.4.2-4.12.4 libswresample2-3.4.2-4.12.4 libswresample2-debuginfo-3.4.2-4.12.4 libswscale-devel-3.4.2-4.12.4 libswscale4-3.4.2-4.12.4 libswscale4-debuginfo-3.4.2-4.12.4 References: https://www.suse.com/security/cve/CVE-2018-12458.html https://www.suse.com/security/cve/CVE-2018-13300.html https://www.suse.com/security/cve/CVE-2018-13305.html https://www.suse.com/security/cve/CVE-2018-15822.html https://bugzilla.suse.com/1097983 https://bugzilla.suse.com/1100345 https://bugzilla.suse.com/1100348 https://bugzilla.suse.com/1105869 From sle-security-updates at lists.suse.com Fri Nov 2 14:11:33 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 2 Nov 2018 21:11:33 +0100 (CET) Subject: SUSE-SU-2018:3610-1: moderate: Security update for soundtouch Message-ID: <20181102201133.1F5B6FCBE@maintenance.suse.de> SUSE Security Update: Security update for soundtouch ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3610-1 Rating: moderate References: #1108630 #1108631 #1108632 Cross-References: CVE-2018-17096 CVE-2018-17097 CVE-2018-17098 Affected Products: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Desktop Applications 15 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for soundtouch fixes the following issues: - CVE-2018-17098: The WavFileBase class allowed remote attackers to cause a denial of service (heap corruption from size inconsistency) or possibly have unspecified other impact, as demonstrated by SoundStretch. (bsc#1108632) - CVE-2018-17097: The WavFileBase class allowed remote attackers to cause a denial of service (double free) or possibly have unspecified other impact, as demonstrated by SoundStretch. (double free) (bsc#1108631) - CVE-2018-17096: The BPMDetect class allowed remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. (bsc#1108630) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2018-2565=1 - SUSE Linux Enterprise Module for Desktop Applications 15: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-2018-2565=1 Package List: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64): soundtouch-1.8.0-3.6.1 soundtouch-debuginfo-1.8.0-3.6.1 soundtouch-debugsource-1.8.0-3.6.1 - SUSE Linux Enterprise Module for Desktop Applications 15 (aarch64 ppc64le s390x x86_64): libSoundTouch0-1.8.0-3.6.1 libSoundTouch0-debuginfo-1.8.0-3.6.1 soundtouch-debuginfo-1.8.0-3.6.1 soundtouch-debugsource-1.8.0-3.6.1 soundtouch-devel-1.8.0-3.6.1 References: https://www.suse.com/security/cve/CVE-2018-17096.html https://www.suse.com/security/cve/CVE-2018-17097.html https://www.suse.com/security/cve/CVE-2018-17098.html https://bugzilla.suse.com/1108630 https://bugzilla.suse.com/1108631 https://bugzilla.suse.com/1108632 From sle-security-updates at lists.suse.com Mon Nov 5 10:08:43 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 5 Nov 2018 18:08:43 +0100 (CET) Subject: SUSE-SU-2018:3618-1: important: Security update for the Linux Kernel Message-ID: <20181105170843.056B6FCBE@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3618-1 Rating: important References: #1099922 #1102870 #1106095 #1107829 #1108227 #1109967 #1110247 #1113337 #905299 Cross-References: CVE-2018-12896 CVE-2018-14617 CVE-2018-14633 CVE-2018-16276 Affected Products: SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Server 11-EXTRA SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that solves four vulnerabilities and has 5 fixes is now available. Description: The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. (bnc#1107829). - CVE-2018-14617: There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory (bnc#1102870). - CVE-2018-16276: An issue was discovered in yurex_read in drivers/usb/misc/yurex.c where local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges (bnc#1106095). - CVE-2018-12896: An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically made the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922). The following non-security bugs were fixed: - net: fix neighbours after MAC change (bnc#905299). - powerpc: Fix smp_mb__before_spinlock() (bsc#1110247). - x86/fpu: Do not do __thread_fpu_end() if use_eager_fpu() (bnc#1109967). - x86/fpu: fix signal handling with eager FPU switching (ia32) (bsc#1108227). - retpoline: Introduce start/end markers of indirect thunk (bsc#1113337). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-kernel-source-13855=1 - SUSE Linux Enterprise Server 11-EXTRA: zypper in -t patch slexsp3-kernel-source-13855=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-kernel-source-13855=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-kernel-source-13855=1 Package List: - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): kernel-default-3.0.101-0.47.106.56.1 kernel-default-base-3.0.101-0.47.106.56.1 kernel-default-devel-3.0.101-0.47.106.56.1 kernel-source-3.0.101-0.47.106.56.1 kernel-syms-3.0.101-0.47.106.56.1 kernel-trace-3.0.101-0.47.106.56.1 kernel-trace-base-3.0.101-0.47.106.56.1 kernel-trace-devel-3.0.101-0.47.106.56.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 x86_64): kernel-ec2-3.0.101-0.47.106.56.1 kernel-ec2-base-3.0.101-0.47.106.56.1 kernel-ec2-devel-3.0.101-0.47.106.56.1 kernel-xen-3.0.101-0.47.106.56.1 kernel-xen-base-3.0.101-0.47.106.56.1 kernel-xen-devel-3.0.101-0.47.106.56.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (x86_64): kernel-bigsmp-3.0.101-0.47.106.56.1 kernel-bigsmp-base-3.0.101-0.47.106.56.1 kernel-bigsmp-devel-3.0.101-0.47.106.56.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (s390x): kernel-default-man-3.0.101-0.47.106.56.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586): kernel-pae-3.0.101-0.47.106.56.1 kernel-pae-base-3.0.101-0.47.106.56.1 kernel-pae-devel-3.0.101-0.47.106.56.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64): kernel-default-extra-3.0.101-0.47.106.56.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64): kernel-xen-extra-3.0.101-0.47.106.56.1 - SUSE Linux Enterprise Server 11-EXTRA (x86_64): kernel-bigsmp-extra-3.0.101-0.47.106.56.1 kernel-trace-extra-3.0.101-0.47.106.56.1 - SUSE Linux Enterprise Server 11-EXTRA (ppc64): kernel-ppc64-extra-3.0.101-0.47.106.56.1 - SUSE Linux Enterprise Server 11-EXTRA (i586): kernel-pae-extra-3.0.101-0.47.106.56.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): kernel-default-3.0.101-0.47.106.56.1 kernel-default-base-3.0.101-0.47.106.56.1 kernel-default-devel-3.0.101-0.47.106.56.1 kernel-ec2-3.0.101-0.47.106.56.1 kernel-ec2-base-3.0.101-0.47.106.56.1 kernel-ec2-devel-3.0.101-0.47.106.56.1 kernel-pae-3.0.101-0.47.106.56.1 kernel-pae-base-3.0.101-0.47.106.56.1 kernel-pae-devel-3.0.101-0.47.106.56.1 kernel-source-3.0.101-0.47.106.56.1 kernel-syms-3.0.101-0.47.106.56.1 kernel-trace-3.0.101-0.47.106.56.1 kernel-trace-base-3.0.101-0.47.106.56.1 kernel-trace-devel-3.0.101-0.47.106.56.1 kernel-xen-3.0.101-0.47.106.56.1 kernel-xen-base-3.0.101-0.47.106.56.1 kernel-xen-devel-3.0.101-0.47.106.56.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): kernel-default-debuginfo-3.0.101-0.47.106.56.1 kernel-default-debugsource-3.0.101-0.47.106.56.1 kernel-trace-debuginfo-3.0.101-0.47.106.56.1 kernel-trace-debugsource-3.0.101-0.47.106.56.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 x86_64): kernel-ec2-debuginfo-3.0.101-0.47.106.56.1 kernel-ec2-debugsource-3.0.101-0.47.106.56.1 kernel-xen-debuginfo-3.0.101-0.47.106.56.1 kernel-xen-debugsource-3.0.101-0.47.106.56.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (x86_64): kernel-bigsmp-debuginfo-3.0.101-0.47.106.56.1 kernel-bigsmp-debugsource-3.0.101-0.47.106.56.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586): kernel-pae-debuginfo-3.0.101-0.47.106.56.1 kernel-pae-debugsource-3.0.101-0.47.106.56.1 References: https://www.suse.com/security/cve/CVE-2018-12896.html https://www.suse.com/security/cve/CVE-2018-14617.html https://www.suse.com/security/cve/CVE-2018-14633.html https://www.suse.com/security/cve/CVE-2018-16276.html https://bugzilla.suse.com/1099922 https://bugzilla.suse.com/1102870 https://bugzilla.suse.com/1106095 https://bugzilla.suse.com/1107829 https://bugzilla.suse.com/1108227 https://bugzilla.suse.com/1109967 https://bugzilla.suse.com/1110247 https://bugzilla.suse.com/1113337 https://bugzilla.suse.com/905299 From sle-security-updates at lists.suse.com Mon Nov 5 13:08:53 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 5 Nov 2018 21:08:53 +0100 (CET) Subject: SUSE-SU-2018:3620-1: moderate: Security update for icinga Message-ID: <20181105200853.9D2CEFCBE@maintenance.suse.de> SUSE Security Update: Security update for icinga ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3620-1 Rating: moderate References: #1011630 #1018047 #952777 Cross-References: CVE-2015-8010 CVE-2016-10089 CVE-2016-8641 Affected Products: SUSE Manager Tools 12 SUSE Enterprise Storage 4 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for icinga fixes the following issues: Security issues fixed: - CVE-2015-8010: Fixed XSS in the icinga classic UI (boo#952777) - CVE-2016-8641 / CVE-2016-10089: fixed a possible symlink attack for files/dirs created by root (boo#1011630 and boo#1018047) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Tools 12: zypper in -t patch SUSE-SLE-Manager-Tools-12-2018-2580=1 - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2018-2580=1 Package List: - SUSE Manager Tools 12 (aarch64 ppc64le s390x x86_64): icinga-1.13.3-12.3.1 icinga-debuginfo-1.13.3-12.3.1 icinga-debugsource-1.13.3-12.3.1 icinga-devel-1.13.3-12.3.1 icinga-doc-1.13.3-12.3.1 icinga-idoutils-1.13.3-12.3.1 icinga-idoutils-mysql-1.13.3-12.3.1 icinga-idoutils-oracle-1.13.3-12.3.1 icinga-idoutils-pgsql-1.13.3-12.3.1 icinga-plugins-downtimes-1.13.3-12.3.1 icinga-plugins-eventhandlers-1.13.3-12.3.1 icinga-www-1.13.3-12.3.1 icinga-www-config-1.13.3-12.3.1 monitoring-tools-1.13.3-12.3.1 - SUSE Enterprise Storage 4 (aarch64 x86_64): icinga-1.13.3-12.3.1 icinga-debuginfo-1.13.3-12.3.1 icinga-debugsource-1.13.3-12.3.1 References: https://www.suse.com/security/cve/CVE-2015-8010.html https://www.suse.com/security/cve/CVE-2016-10089.html https://www.suse.com/security/cve/CVE-2016-8641.html https://bugzilla.suse.com/1011630 https://bugzilla.suse.com/1018047 https://bugzilla.suse.com/952777 From sle-security-updates at lists.suse.com Mon Nov 5 13:09:46 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 5 Nov 2018 21:09:46 +0100 (CET) Subject: SUSE-SU-2018:3621-1: moderate: Security update for opensc Message-ID: <20181105200946.ED2F1FCBE@maintenance.suse.de> SUSE Security Update: Security update for opensc ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3621-1 Rating: moderate References: #1104812 #1106998 #1106999 #1107033 #1107037 #1107038 #1107039 #1107107 #1108318 Cross-References: CVE-2018-16391 CVE-2018-16392 CVE-2018-16393 CVE-2018-16418 CVE-2018-16419 CVE-2018-16422 CVE-2018-16423 CVE-2018-16427 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 8 vulnerabilities and has one errata is now available. Description: This update for opensc fixes the following issues: - CVE-2018-16391: Fixed a denial of service when handling responses from a Muscle Card (bsc#1106998) - CVE-2018-16392: Fixed a denial of service when handling responses from a TCOS Card (bsc#1106999) - CVE-2018-16393: Fixed buffer overflows when handling responses from Gemsafe V1 Smartcards (bsc#1108318) - CVE-2018-16418: Fixed buffer overflow when handling string concatenation in util_acl_to_str (bsc#1107039) - CVE-2018-16419: Fixed several buffer overflows when handling responses from a Cryptoflex card (bsc#1107107) - CVE-2018-16422: Fixed single byte buffer overflow when handling responses from an esteid Card (bsc#1107038) - CVE-2018-16423: Fixed double free when handling responses from a smartcard (bsc#1107037) - CVE-2018-16427: Fixed out of bounds reads when handling responses in OpenSC (bsc#1107033) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-opensc-13856=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-opensc-13856=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-opensc-13856=1 Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): opensc-devel-0.11.6-5.27.3.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libopensc2-0.11.6-5.27.3.1 opensc-0.11.6-5.27.3.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libopensc2-32bit-0.11.6-5.27.3.1 opensc-32bit-0.11.6-5.27.3.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libopensc2-x86-0.11.6-5.27.3.1 opensc-x86-0.11.6-5.27.3.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): opensc-debuginfo-0.11.6-5.27.3.1 opensc-debugsource-0.11.6-5.27.3.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): opensc-debuginfo-32bit-0.11.6-5.27.3.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): opensc-debuginfo-x86-0.11.6-5.27.3.1 References: https://www.suse.com/security/cve/CVE-2018-16391.html https://www.suse.com/security/cve/CVE-2018-16392.html https://www.suse.com/security/cve/CVE-2018-16393.html https://www.suse.com/security/cve/CVE-2018-16418.html https://www.suse.com/security/cve/CVE-2018-16419.html https://www.suse.com/security/cve/CVE-2018-16422.html https://www.suse.com/security/cve/CVE-2018-16423.html https://www.suse.com/security/cve/CVE-2018-16427.html https://bugzilla.suse.com/1104812 https://bugzilla.suse.com/1106998 https://bugzilla.suse.com/1106999 https://bugzilla.suse.com/1107033 https://bugzilla.suse.com/1107037 https://bugzilla.suse.com/1107038 https://bugzilla.suse.com/1107039 https://bugzilla.suse.com/1107107 https://bugzilla.suse.com/1108318 From sle-security-updates at lists.suse.com Mon Nov 5 13:11:26 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 5 Nov 2018 21:11:26 +0100 (CET) Subject: SUSE-SU-2018:3622-1: moderate: Security update for opensc Message-ID: <20181105201126.864E3FCBE@maintenance.suse.de> SUSE Security Update: Security update for opensc ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3622-1 Rating: moderate References: #1104812 #1106998 #1106999 #1107033 #1107034 #1107037 #1107038 #1107039 #1107097 #1107107 #1108318 Cross-References: CVE-2018-16391 CVE-2018-16392 CVE-2018-16393 CVE-2018-16418 CVE-2018-16419 CVE-2018-16420 CVE-2018-16422 CVE-2018-16423 CVE-2018-16426 CVE-2018-16427 Affected Products: SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 ______________________________________________________________________________ An update that solves 10 vulnerabilities and has one errata is now available. Description: This update for opensc fixes the following issues: - CVE-2018-16391: Fixed a denial of service when handling responses from a Muscle Card (bsc#1106998) - CVE-2018-16392: Fixed a denial of service when handling responses from a TCOS Card (bsc#1106999) - CVE-2018-16393: Fixed buffer overflows when handling responses from Gemsafe V1 Smartcards (bsc#1108318) - CVE-2018-16418: Fixed buffer overflow when handling string concatenation in util_acl_to_str (bsc#1107039) - CVE-2018-16419: Fixed several buffer overflows when handling responses from a Cryptoflex card (bsc#1107107) - CVE-2018-16420: Fixed buffer overflows when handling responses from an ePass 2003 Card (bsc#1107097) - CVE-2018-16422: Fixed single byte buffer overflow when handling responses from an esteid Card (bsc#1107038) - CVE-2018-16423: Fixed double free when handling responses from a smartcard (bsc#1107037) - CVE-2018-16426: Fixed endless recursion when handling responses from an IAS-ECC card (bsc#1107034) - CVE-2018-16427: Fixed out of bounds reads when handling responses in OpenSC (bsc#1107033) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2582=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-2582=1 Package List: - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): opensc-0.13.0-3.3.2 opensc-debuginfo-0.13.0-3.3.2 opensc-debugsource-0.13.0-3.3.2 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): opensc-0.13.0-3.3.2 opensc-debuginfo-0.13.0-3.3.2 opensc-debugsource-0.13.0-3.3.2 References: https://www.suse.com/security/cve/CVE-2018-16391.html https://www.suse.com/security/cve/CVE-2018-16392.html https://www.suse.com/security/cve/CVE-2018-16393.html https://www.suse.com/security/cve/CVE-2018-16418.html https://www.suse.com/security/cve/CVE-2018-16419.html https://www.suse.com/security/cve/CVE-2018-16420.html https://www.suse.com/security/cve/CVE-2018-16422.html https://www.suse.com/security/cve/CVE-2018-16423.html https://www.suse.com/security/cve/CVE-2018-16426.html https://www.suse.com/security/cve/CVE-2018-16427.html https://bugzilla.suse.com/1104812 https://bugzilla.suse.com/1106998 https://bugzilla.suse.com/1106999 https://bugzilla.suse.com/1107033 https://bugzilla.suse.com/1107034 https://bugzilla.suse.com/1107037 https://bugzilla.suse.com/1107038 https://bugzilla.suse.com/1107039 https://bugzilla.suse.com/1107097 https://bugzilla.suse.com/1107107 https://bugzilla.suse.com/1108318 From sle-security-updates at lists.suse.com Mon Nov 5 13:13:54 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 5 Nov 2018 21:13:54 +0100 (CET) Subject: SUSE-SU-2018:3624-1: moderate: Security update for curl Message-ID: <20181105201354.AF4F9FCBE@maintenance.suse.de> SUSE Security Update: Security update for curl ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3624-1 Rating: moderate References: #1112758 #1113660 Cross-References: CVE-2018-16839 CVE-2018-16840 CVE-2018-16842 Affected Products: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Basesystem 15 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for curl fixes the following issues: - CVE-2018-16839: A SASL password overflow via integer overflow was fixed which could lead to crashes (bsc#1112758) - CVE-2018-16840: A use-after-free in SASL handle close was fixed which could lead to crashes (bsc#1112758) - CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2018-2578=1 - SUSE Linux Enterprise Module for Basesystem 15: zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2578=1 Package List: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64): curl-mini-7.60.0-3.14.2 curl-mini-debuginfo-7.60.0-3.14.2 curl-mini-debugsource-7.60.0-3.14.2 libcurl-mini-devel-7.60.0-3.14.2 libcurl4-mini-7.60.0-3.14.2 libcurl4-mini-debuginfo-7.60.0-3.14.2 - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64): curl-7.60.0-3.14.3 curl-debuginfo-7.60.0-3.14.3 curl-debugsource-7.60.0-3.14.3 libcurl-devel-7.60.0-3.14.3 libcurl4-7.60.0-3.14.3 libcurl4-debuginfo-7.60.0-3.14.3 - SUSE Linux Enterprise Module for Basesystem 15 (x86_64): libcurl4-32bit-7.60.0-3.14.3 libcurl4-32bit-debuginfo-7.60.0-3.14.3 References: https://www.suse.com/security/cve/CVE-2018-16839.html https://www.suse.com/security/cve/CVE-2018-16840.html https://www.suse.com/security/cve/CVE-2018-16842.html https://bugzilla.suse.com/1112758 https://bugzilla.suse.com/1113660 From sle-security-updates at lists.suse.com Mon Nov 5 13:14:35 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 5 Nov 2018 21:14:35 +0100 (CET) Subject: SUSE-SU-2018:3625-1: moderate: Security update for accountsservice Message-ID: <20181105201435.CD28CFCBE@maintenance.suse.de> SUSE Security Update: Security update for accountsservice ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3625-1 Rating: moderate References: #1090003 #1095918 #1099699 Cross-References: CVE-2018-14036 Affected Products: SUSE Linux Enterprise Module for Desktop Applications 15 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for accountsservice fixes the following issues: This security issue was fixed: - CVE-2018-14036: Prevent directory traversal caused by an insufficient path check in user_change_icon_file_authorized_cb() (bsc#1099699) Thsese non-security issues were fixed: - Don't abort loading users when an /etc/shadow entry is missing. (bsc#1090003) - When user session type is wayland, act_user_is_logged_in can return TRUE if the user is logged in. (bsc#1095918) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Desktop Applications 15: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-2018-2579=1 Package List: - SUSE Linux Enterprise Module for Desktop Applications 15 (aarch64 ppc64le s390x x86_64): accountsservice-0.6.45-6.7.6 accountsservice-debuginfo-0.6.45-6.7.6 accountsservice-debugsource-0.6.45-6.7.6 accountsservice-devel-0.6.45-6.7.6 libaccountsservice0-0.6.45-6.7.6 libaccountsservice0-debuginfo-0.6.45-6.7.6 typelib-1_0-AccountsService-1_0-0.6.45-6.7.6 - SUSE Linux Enterprise Module for Desktop Applications 15 (noarch): accountsservice-lang-0.6.45-6.7.6 References: https://www.suse.com/security/cve/CVE-2018-14036.html https://bugzilla.suse.com/1090003 https://bugzilla.suse.com/1095918 https://bugzilla.suse.com/1099699 From sle-security-updates at lists.suse.com Wed Nov 7 07:09:12 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 7 Nov 2018 15:09:12 +0100 (CET) Subject: SUSE-SU-2018:3640-1: moderate: Security update for libarchive Message-ID: <20181107140912.A9E95FCF0@maintenance.suse.de> SUSE Security Update: Security update for libarchive ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3640-1 Rating: moderate References: #1032089 #1037008 #1037009 #1057514 #1059100 #1059134 #1059139 Cross-References: CVE-2016-10209 CVE-2016-10349 CVE-2016-10350 CVE-2017-14166 CVE-2017-14501 CVE-2017-14502 CVE-2017-14503 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: This update for libarchive fixes the following issues: - CVE-2016-10209: The archive_wstring_append_from_mbs function in archive_string.c allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file. (bsc#1032089) - CVE-2016-10349: The archive_le32dec function in archive_endian.h allowed remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. (bsc#1037008) - CVE-2016-10350: The archive_read_format_cab_read_header function in archive_read_support_format_cab.c allowed remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. (bsc#1037009) - CVE-2017-14166: libarchive allowed remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archive_read_support_format_xar.c. (bsc#1057514) - CVE-2017-14501: An out-of-bounds read flaw existed in parse_file_info in archive_read_support_format_iso9660.c when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header. (bsc#1059139) - CVE-2017-14502: read_header in archive_read_support_format_rar.c suffered from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header. (bsc#1059134) - CVE-2017-14503: libarchive suffered from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16. (bsc#1059100) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-2594=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2594=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-2594=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): libarchive-debugsource-3.1.2-26.3.1 libarchive-devel-3.1.2-26.3.1 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): libarchive-debugsource-3.1.2-26.3.1 libarchive13-3.1.2-26.3.1 libarchive13-debuginfo-3.1.2-26.3.1 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): libarchive-debugsource-3.1.2-26.3.1 libarchive13-3.1.2-26.3.1 libarchive13-debuginfo-3.1.2-26.3.1 References: https://www.suse.com/security/cve/CVE-2016-10209.html https://www.suse.com/security/cve/CVE-2016-10349.html https://www.suse.com/security/cve/CVE-2016-10350.html https://www.suse.com/security/cve/CVE-2017-14166.html https://www.suse.com/security/cve/CVE-2017-14501.html https://www.suse.com/security/cve/CVE-2017-14502.html https://www.suse.com/security/cve/CVE-2017-14503.html https://bugzilla.suse.com/1032089 https://bugzilla.suse.com/1037008 https://bugzilla.suse.com/1037009 https://bugzilla.suse.com/1057514 https://bugzilla.suse.com/1059100 https://bugzilla.suse.com/1059134 https://bugzilla.suse.com/1059139 From sle-security-updates at lists.suse.com Wed Nov 7 07:13:07 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 7 Nov 2018 15:13:07 +0100 (CET) Subject: SUSE-SU-2018:3644-1: important: Security update for systemd Message-ID: <20181107141307.6D485FCBE@maintenance.suse.de> SUSE Security Update: Security update for systemd ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3644-1 Rating: important References: #1089761 #1090944 #1091677 #1093753 #1101040 #1102908 #1105031 #1107640 #1107941 #1109197 #1109252 #1110445 #1112024 #1113083 #1113632 #1113665 #1114135 #991901 Cross-References: CVE-2018-15686 CVE-2018-15688 Affected Products: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Basesystem 15 ______________________________________________________________________________ An update that solves two vulnerabilities and has 16 fixes is now available. Description: This update for systemd fixes the following issues: Security issues fixed: - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. (bsc#1113632) - CVE-2018-15686: A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. (bsc#1113665) Non security issues fixed: - dhcp6: split assert_return() to be more debuggable when hit - core: skip unit deserialization and move to the next one when unit_deserialize() fails - core: properly handle deserialization of unknown unit types (#6476) - core: don't create Requires for workdir if "missing ok" (bsc#1113083) - logind: use manager_get_user_by_pid() where appropriate - logind: rework manager_get_{user|session}_by_pid() a bit - login: fix user at .service case, so we don't allow nested sessions (#8051) (bsc#1112024) - core: be more defensive if we can't determine per-connection socket peer (#7329) - core: introduce systemd.early_core_pattern= kernel cmdline option - core: add missing 'continue' statement - core/mount: fstype may be NULL - journald: don't ship systemd-journald-audit.socket (bsc#1109252) - core: make "tmpfs" dependencies on swapfs a "default" dep, not an "implicit" (bsc#1110445) - mount: make sure we unmount tmpfs mounts before we deactivate swaps (#7076) - detect-virt: do not try to read all of /proc/cpuinfo (bsc#1109197) - emergency: make sure console password agents don't interfere with the emergency shell - man: document that 'nofail' also has an effect on ordering - journald: take leading spaces into account in syslog_parse_identifier - journal: do not remove multiple spaces after identifier in syslog message - syslog: fix segfault in syslog_parse_priority() - journal: fix syslog_parse_identifier() - install: drop left-over debug message (#6913) - Ship systemd-sysv-install helper via the main package This script was part of systemd-sysvinit sub-package but it was wrong since systemd-sysv-install is a script used to redirect enable/disable operations to chkconfig when the unit targets are sysv init scripts. Therefore it's never been a SySV init tool. - Add udev.no-partlabel-links kernel command-line option. This option can be used to disable the generation of the by-partlabel symlinks regardless of the name used. (bsc#1089761) - man: SystemMaxUse= clarification in journald.conf(5). (bsc#1101040) - systemctl: load unit if needed in "systemctl is-active" (bsc#1102908) - core: don't freeze OnCalendar= timer units when the clock goes back a lot (bsc#1090944) - Enable or disable machines.target according to the presets (bsc#1107941) - cryptsetup: add support for sector-size= option (fate#325697) - nspawn: always use permission mode 555 for /sys (bsc#1107640) - Bugfix for a race condition between daemon-reload and other commands (bsc#1105031) - Fixes an issue where login with root credentials was not possible in init level 5 (bsc#1091677) - Fix an issue where services of type "notify" harmless DENIED log entries. (bsc#991901) - Does no longer adjust qgroups on existing subvolumes (bsc#1093753) - cryptsetup: add support for sector-size= option (#9936) (fate#325697 bsc#1114135) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2018-2595=1 - SUSE Linux Enterprise Module for Basesystem 15: zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2595=1 Package List: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64): libsystemd0-mini-234-24.15.1 libsystemd0-mini-debuginfo-234-24.15.1 libudev-mini-devel-234-24.15.1 libudev-mini1-234-24.15.1 libudev-mini1-debuginfo-234-24.15.1 nss-myhostname-234-24.15.1 nss-myhostname-debuginfo-234-24.15.1 nss-mymachines-234-24.15.1 nss-mymachines-debuginfo-234-24.15.1 nss-systemd-234-24.15.1 nss-systemd-debuginfo-234-24.15.1 systemd-debuginfo-234-24.15.1 systemd-debugsource-234-24.15.1 systemd-logger-234-24.15.1 systemd-mini-234-24.15.1 systemd-mini-container-mini-234-24.15.1 systemd-mini-container-mini-debuginfo-234-24.15.1 systemd-mini-coredump-mini-234-24.15.1 systemd-mini-coredump-mini-debuginfo-234-24.15.1 systemd-mini-debuginfo-234-24.15.1 systemd-mini-debugsource-234-24.15.1 systemd-mini-devel-234-24.15.1 systemd-mini-sysvinit-234-24.15.1 udev-mini-234-24.15.1 udev-mini-debuginfo-234-24.15.1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (noarch): systemd-mini-bash-completion-234-24.15.1 - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64): libsystemd0-234-24.15.1 libsystemd0-debuginfo-234-24.15.1 libudev-devel-234-24.15.1 libudev1-234-24.15.1 libudev1-debuginfo-234-24.15.1 systemd-234-24.15.1 systemd-container-234-24.15.1 systemd-container-debuginfo-234-24.15.1 systemd-coredump-234-24.15.1 systemd-coredump-debuginfo-234-24.15.1 systemd-debuginfo-234-24.15.1 systemd-debugsource-234-24.15.1 systemd-devel-234-24.15.1 systemd-sysvinit-234-24.15.1 udev-234-24.15.1 udev-debuginfo-234-24.15.1 - SUSE Linux Enterprise Module for Basesystem 15 (noarch): systemd-bash-completion-234-24.15.1 - SUSE Linux Enterprise Module for Basesystem 15 (x86_64): libsystemd0-32bit-234-24.15.1 libsystemd0-32bit-debuginfo-234-24.15.1 libudev1-32bit-234-24.15.1 libudev1-32bit-debuginfo-234-24.15.1 systemd-32bit-234-24.15.1 systemd-32bit-debuginfo-234-24.15.1 References: https://www.suse.com/security/cve/CVE-2018-15686.html https://www.suse.com/security/cve/CVE-2018-15688.html https://bugzilla.suse.com/1089761 https://bugzilla.suse.com/1090944 https://bugzilla.suse.com/1091677 https://bugzilla.suse.com/1093753 https://bugzilla.suse.com/1101040 https://bugzilla.suse.com/1102908 https://bugzilla.suse.com/1105031 https://bugzilla.suse.com/1107640 https://bugzilla.suse.com/1107941 https://bugzilla.suse.com/1109197 https://bugzilla.suse.com/1109252 https://bugzilla.suse.com/1110445 https://bugzilla.suse.com/1112024 https://bugzilla.suse.com/1113083 https://bugzilla.suse.com/1113632 https://bugzilla.suse.com/1113665 https://bugzilla.suse.com/1114135 https://bugzilla.suse.com/991901 From sle-security-updates at lists.suse.com Wed Nov 7 13:09:55 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 7 Nov 2018 21:09:55 +0100 (CET) Subject: SUSE-SU-2018:3656-1: important: Security update for MozillaFirefox Message-ID: <20181107200955.51552FCBE@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3656-1 Rating: important References: #1112852 Cross-References: CVE-2018-12389 CVE-2018-12390 CVE-2018-12392 CVE-2018-12393 CVE-2018-12395 CVE-2018-12396 CVE-2018-12397 Affected Products: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Desktop Applications 15 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: This update for MozillaFirefox fixes the following issues: Security issues fixed: - Update to Mozilla Firefox 60.3.0esr: MFSA 2018-27 (bsc#1112852) - CVE-2018-12392: Crash with nested event loops. - CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript. - CVE-2018-12395: WebExtension bypass of domain restrictions through header rewriting. - CVE-2018-12396: WebExtension content scripts can execute in disallowed contexts. - CVE-2018-12397: WebExtension local file access vulnerability. - CVE-2018-12389: Memory safety bugs fixed in Firefox ESR 60.3. - CVE-2018-12390: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2018-2609=1 - SUSE Linux Enterprise Module for Desktop Applications 15: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-2018-2609=1 Package List: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64): MozillaFirefox-branding-upstream-60.3.0-3.17.1 MozillaFirefox-debuginfo-60.3.0-3.17.1 MozillaFirefox-debugsource-60.3.0-3.17.1 - SUSE Linux Enterprise Module for Desktop Applications 15 (aarch64 ppc64le s390x x86_64): MozillaFirefox-60.3.0-3.17.1 MozillaFirefox-debuginfo-60.3.0-3.17.1 MozillaFirefox-debugsource-60.3.0-3.17.1 MozillaFirefox-translations-common-60.3.0-3.17.1 MozillaFirefox-translations-other-60.3.0-3.17.1 - SUSE Linux Enterprise Module for Desktop Applications 15 (aarch64 ppc64le x86_64): MozillaFirefox-devel-60.3.0-3.17.1 References: https://www.suse.com/security/cve/CVE-2018-12389.html https://www.suse.com/security/cve/CVE-2018-12390.html https://www.suse.com/security/cve/CVE-2018-12392.html https://www.suse.com/security/cve/CVE-2018-12393.html https://www.suse.com/security/cve/CVE-2018-12395.html https://www.suse.com/security/cve/CVE-2018-12396.html https://www.suse.com/security/cve/CVE-2018-12397.html https://bugzilla.suse.com/1112852 From sle-security-updates at lists.suse.com Wed Nov 7 13:10:29 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 7 Nov 2018 21:10:29 +0100 (CET) Subject: SUSE-SU-2018:3657-1: moderate: Security update for SDL_image Message-ID: <20181107201029.15A2EFCBE@maintenance.suse.de> SUSE Security Update: Security update for SDL_image ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3657-1 Rating: moderate References: #1084256 #1084257 #1084288 #1084303 #1084304 #1089087 Cross-References: CVE-2017-12122 CVE-2017-14440 CVE-2017-14442 CVE-2017-14448 CVE-2017-14450 CVE-2018-3839 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes 6 vulnerabilities is now available. Description: This update for SDL_image fixes the following issues: - CVE-2017-14442: A specially crafted BMP image could have caused a stack overflow for an attacker that can display a specially crafted image (bsc#1084304). - CVE-2017-14450: A specially crafted GIF image could have caused a buffer overflow on a global section for an attacker that can display an image (bsc#1084288). - CVE-2017-12122: An exploitable code execution vulnerability exists in the ILBM image rendering functionality. A specially crafted ILBM image can cause a heap overflow resulting in code execution. (bsc#1084256). - CVE-2017-14440: An exploitable code execution vulnerability exists in the ILBM image rendering functionality. A specially crafted ILBM image can cause a stack overflow resulting in code execution. (bsc#1084257). - CVE-2017-14448: An exploitable code execution vulnerability exists in the XCF image rendering functionality. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. (bsc#1084303). - CVE-2018-3839: An exploitable code execution vulnerability exists in the XCF image rendering functionality. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. (bsc#1089087). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-SDL_image-13859=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-SDL_image-13859=1 Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): SDL_image-1.2.6-84.42.1 SDL_image-devel-1.2.6-84.42.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): SDL_image-debuginfo-1.2.6-84.42.1 SDL_image-debugsource-1.2.6-84.42.1 References: https://www.suse.com/security/cve/CVE-2017-12122.html https://www.suse.com/security/cve/CVE-2017-14440.html https://www.suse.com/security/cve/CVE-2017-14442.html https://www.suse.com/security/cve/CVE-2017-14448.html https://www.suse.com/security/cve/CVE-2017-14450.html https://www.suse.com/security/cve/CVE-2018-3839.html https://bugzilla.suse.com/1084256 https://bugzilla.suse.com/1084257 https://bugzilla.suse.com/1084288 https://bugzilla.suse.com/1084303 https://bugzilla.suse.com/1084304 https://bugzilla.suse.com/1089087 From sle-security-updates at lists.suse.com Wed Nov 7 13:26:44 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 7 Nov 2018 21:26:44 +0100 (CET) Subject: SUSE-SU-2018:3659-1: important: Security update for the Linux Kernel Message-ID: <20181107202644.AA648FCBE@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3659-1 Rating: important References: #1012382 #1042422 #1044189 #1050431 #1050549 #1053043 #1063026 #1065600 #1065726 #1066223 #1067906 #1079524 #1082519 #1082863 #1082979 #1084427 #1084536 #1084760 #1088087 #1089343 #1090535 #1091158 #1094244 #1094555 #1094562 #1094825 #1095344 #1095753 #1095805 #1096052 #1096547 #1099597 #1099810 #1101555 #1102495 #1102715 #1102870 #1102875 #1102877 #1102879 #1102882 #1102896 #1103156 #1103269 #1103308 #1103405 #1105428 #1105795 #1105931 #1106095 #1106105 #1106110 #1106240 #1106293 #1106359 #1106434 #1106512 #1106594 #1106913 #1106929 #1106934 #1107060 #1107299 #1107318 #1107535 #1107829 #1107924 #1108096 #1108170 #1108240 #1108315 #1108377 #1108399 #1108498 #1108803 #1108823 #1109158 #1109333 #1109336 #1109337 #1109441 #1109784 #1109806 #1109818 #1109907 #1109919 #1109923 #1110006 #1110297 #1110337 #1110363 #1110468 #1110600 #1110601 #1110602 #1110603 #1110604 #1110605 #1110606 #1110611 #1110612 #1110613 #1110614 #1110615 #1110616 #1110618 #1110619 #1110930 #1111363 #1111516 #1111870 #1112007 #1112262 #1112263 Cross-References: CVE-2018-14613 CVE-2018-14617 CVE-2018-14633 CVE-2018-16276 CVE-2018-16597 CVE-2018-17182 CVE-2018-18386 CVE-2018-7480 CVE-2018-7757 CVE-2018-9516 Affected Products: SUSE Linux Enterprise Real Time Extension 12-SP3 ______________________________________________________________________________ An update that solves 10 vulnerabilities and has 104 fixes is now available. Description: The SUSE Linux Enterprise 12 SP3 RT kernel was updated to 4.4.162 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-7480: The blkcg_init_queue function in block/blk-cgroup.c allowed local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure (bnc#1082863). - CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536). - CVE-2018-14613: There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c (bnc#1102896). - CVE-2018-14617: There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory (bnc#1102870). - CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. (bnc#1107829). - CVE-2018-16276: Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges (bnc#1106095). - CVE-2018-16597: Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem (bnc#1106512). - CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations (bnc#1108399). - CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825). - CVE-2018-9516: A lack of certain checks in the hid_debug_events_read() function in the drivers/hid/hid-debug.c file might have resulted in receiving userspace buffer overflow and an out-of-bounds write or to the infinite loop. (bnc#1108498). The following non-security bugs were fixed: - 6lowpan: iphc: reset mac_header after decompress to fix panic (bnc#1012382). - alsa: bebob: use address returned by kmalloc() instead of kernel stack for streaming DMA mapping (bnc#1012382). - alsa: emu10k1: fix possible info leak to userspace on SNDRV_EMU10K1_IOCTL_INFO (bnc#1012382). - alsa: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge (bnc#1012382). - alsa: hda - Fix cancel_work_sync() stall from jackpoll work (bnc#1012382). - alsa: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bnc#1012382). - alsa: msnd: Fix the default sample sizes (bnc#1012382). - alsa: pcm: Fix snd_interval_refine first/last with open min/max (bnc#1012382). - alsa: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro (bnc#1012382). - apparmor: remove no-op permission check in policy_unpack (git-fixes). - arc: build: Get rid of toolchain check (bnc#1012382). - arc: clone syscall to setp r25 as thread pointer (bnc#1012382). - arch/hexagon: fix kernel/dma.c build warning (bnc#1012382). - arc: [plat-axs*]: Enable SWAP (bnc#1012382). - arm64: bpf: jit JMP_JSET_{X,K} (bsc#1110613). - arm64: Correct type for PUD macros (bsc#1110600). - arm64: cpufeature: Track 32bit EL0 support (bnc#1012382). - arm64: dts: qcom: db410c: Fix Bluetooth LED trigger (bnc#1012382). - arm64: fix erroneous __raw_read_system_reg() cases (bsc#1110606). - arm64: Fix potential race with hardware DBM in ptep_set_access_flags() (bsc#1110605). - arm64: fpsimd: Avoid FPSIMD context leakage for the init task (bsc#1110603). - arm64: jump_label.h: use asm_volatile_goto macro instead of "asm goto" (bnc#1012382). - arm64: kasan: avoid bad virt_to_pfn() (bsc#1110612). - arm64: kasan: avoid pfn_to_nid() before page array is initialized (bsc#1110619). - arm64/kasan: do not allocate extra shadow memory (bsc#1110611). - arm64: kernel: Update kerneldoc for cpu_suspend() rename (bsc#1110602). - arm64: kgdb: handle read-only text / modules (bsc#1110604). - arm64: kvm: Sanitize PSTATE.M when being set from userspace (bnc#1012382). - arm64: kvm: Tighten guest core register access from userspace (bnc#1012382). - arm64/mm/kasan: do not use vmemmap_populate() to initialize shadow (bsc#1110618). - arm64: ptrace: Avoid setting compat FP[SC]R to garbage if get_user fails (bsc#1110601). - arm64: supported.conf: mark armmmci as not supported - arm64 Update config files. (bsc#1110468) Set MMC_QCOM_DML to build-in and delete driver from supported.conf - arm64: vdso: fix clock_getres for 4GiB-aligned res (bsc#1110614). - arm: dts: at91: add new compatibility string for macb on sama5d3 (bnc#1012382). - arm: dts: dra7: fix DCAN node addresses (bnc#1012382). - arm: exynos: Clear global variable on init error path (bnc#1012382). - arm: hisi: check of_iomap and fix missing of_node_put (bnc#1012382). - arm: hisi: fix error handling and missing of_node_put (bnc#1012382). - arm: hisi: handle of_iomap and fix missing of_node_put (bnc#1012382). - arm: mvebu: declare asm symbols as character arrays in pmsu.c (bnc#1012382). - asm/sections: add helpers to check for section data (bsc#1063026). - asoc: cs4265: fix MMTLR Data switch control (bnc#1012382). - asoc: dapm: Fix potential DAI widget pointer deref when linking DAIs (bnc#1012382). - asoc: sigmadsp: safeload should not have lower byte limit (bnc#1012382). - asoc: wm8804: Add ACPI support (bnc#1012382). - asoc: wm8994: Fix missing break in switch (bnc#1012382). - ata: libahci: Correct setting of DEVSLP register (bnc#1012382). - ath10k: disable bundle mgmt tx completion event support (bnc#1012382). - ath10k: fix scan crash due to incorrect length calculation (bnc#1012382). - ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bnc#1012382). - ath10k: prevent active scans on potential unusable channels (bnc#1012382). - ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock (bnc#1012382). - audit: fix use-after-free in audit_add_watch (bnc#1012382). - autofs: fix autofs_sbi() does not check super block type (bnc#1012382). - binfmt_elf: Respect error return from `regset->active' (bnc#1012382). - block: bvec_nr_vecs() returns value for wrong slab (bsc#1082979). - bluetooth: Add a new Realtek 8723DE ID 0bda:b009 (bnc#1012382). - bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV (bnc#1012382). - bluetooth: hidp: Fix handling of strncpy for hid->name information (bnc#1012382). - bnxt_en: Fix TX timeout during netpoll (bnc#1012382). - bonding: avoid possible dead-lock (bnc#1012382). - bpf: fix cb access in socket filter programs on tail calls (bsc#1012382). - bpf: fix map not being uncharged during map creation failure (bsc#1012382). - bpf: fix overflow in prog accounting (bsc#1012382). - bpf, s390: fix potential memleak when later bpf_jit_prog fails (git-fixes). - bpf, s390x: do not reload skb pointers in non-skb context (git-fixes). - btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: add missing initialization in btrfs_check_shared (Git-fixes bsc#1112262). - btrfs: Add sanity check for EXTENT_DATA when reading out leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: Check if item pointer overlaps with the item itself (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: Check that each block group has corresponding chunk at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: fix error handling in btrfs_dev_replace_start (bsc#1107535). - btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919). - btrfs: Fix race condition between delayed refs and blockgroup removal (Git-fixes bsc#1112263). - btrfs: Introduce mount time chunk <-> dev extent mapping check (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: Move leaf and node validation checker to tree-checker.c (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized (bnc#1012382). - btrfs: replace: Reset on-disk dev stats value after replace (bnc#1012382). - btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (bsc#1108096). - btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Detect invalid and empty essential trees (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Enhance output for check_extent_data_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: use correct compare function of dirty_metadata_bytes (bnc#1012382). - btrfs: Verify that every chunk has corresponding block group at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1112007). - cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bnc#1012382). - cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE (bnc#1012382). - cfq: Give a chance for arming slice idle timer in case of group_idle (bnc#1012382). - cgroup: Fix deadlock in cpu hotplug path (bnc#1012382). - cifs: check if SMB2 PDU size has been padded and suppress the warning (bnc#1012382). - cifs: connect to servername instead of IP for IPC$ share (bsc#1106359). - cifs: fix wrapping bugs in num_entries() (bnc#1012382). - cifs: integer overflow in in SMB2_ioctl() (bsc#1012382). - cifs: prevent integer overflow in nxt_dir_entry() (bnc#1012382). - cifs: read overflow in is_valid_oplock_break() (bnc#1012382). - clk: imx6ul: fix missing of_node_put() (bnc#1012382). - clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bnc#1012382). - config.sh: set BUGZILLA_PRODUCT for SLE12-SP3 - coresight: Handle errors in finding input/output ports (bnc#1012382). - coresight: tpiu: Fix disabling timeouts (bnc#1012382). - cpu/hotplug: Fix SMT supported evaluation (bsc#1089343). - crypto: clarify licensing of OpenSSL asm code (). - crypto: mxs-dcp - Fix wait logic on chan threads (bnc#1012382). - crypto: sharah - Unregister correct algorithms for SAHARA 3 (bnc#1012382). - crypto: skcipher - Fix -Wstringop-truncation warnings (bnc#1012382). - crypto: vmx - Remove overly verbose printk from AES XTS init (git-fixes). - debugobjects: Make stack check warning more informative (bnc#1012382). - define early_radix_enabled() (bsc#1094244). - dmaengine: pl330: fix irq race with terminate_all (bnc#1012382). - dm cache: fix resize crash if user does not reload cache table (bnc#1012382). - dm kcopyd: avoid softlockup in run_complete_job (bnc#1012382). - dm-mpath: do not try to access NULL rq (bsc#1110337). - dm-mpath: finally fixup cmd_flags (bsc#1110930). - dm thin metadata: fix __udivdi3 undefined on 32-bit (bnc#1012382). - dm thin metadata: try to avoid ever aborting transactions (bnc#1012382). - drivers: net: cpsw: fix parsing of phy-handle DT property in dual_emac config (bnc#1012382). - drivers: net: cpsw: fix segfault in case of bad phy-handle (bnc#1012382). - drivers/tty: add error handling for pcmcia_loop_config (bnc#1012382). - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bnc#1012382). - drm/amdkfd: Fix error codes in kfd_get_process (bnc#1012382). - drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() (bnc#1012382). - drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bnc#1012382). - drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping (bnc#1012382). - e1000: check on netif_running() before calling e1000_up() (bnc#1012382). - e1000: ensure to free old tx/rx rings in set_ringparam() (bnc#1012382). - ebtables: arpreply: Add the standard target sanity check (bnc#1012382). - edac: Fix memleak in module init error path (bsc#1109441). - edac, i7core: Fix memleaks and use-after-free on probe and remove (1109441). - ethernet: ti: davinci_emac: add missing of_node_put after calling of_parse_phandle (bnc#1012382). - ethtool: Remove trailing semicolon for static inline (bnc#1012382). - ext4: avoid divide by zero fault when deleting corrupted inline directories (bnc#1012382). - ext4: do not mark mmp buffer head dirty (bnc#1012382). - ext4: fix online resize's handling of a too-small final block group (bnc#1012382). - ext4: fix online resizing for bigalloc file systems with a 1k block size (bnc#1012382). - ext4: recalucate superblock checksum after updating free blocks/inodes (bnc#1012382). - f2fs: do not set free of current section (bnc#1012382). - f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize (bnc#1012382). - fat: validate ->i_start before using (bnc#1012382). - fbdev: Distinguish between interlaced and progressive modes (bnc#1012382). - fbdev/omapfb: fix omapfb_memory_read infoleak (bnc#1012382). - fbdev/via: fix defined but not used warning (bnc#1012382). - fixes: Commit cdbf92675fad ("mm: numa: avoid waiting on freed migrated pages") (bnc#1012382). - floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bnc#1012382). - follow-up fix for patches.arch/01-jump_label-reduce-the-size-of-struct-static_key-kabi.patch. (bsc#1108803) - fork: do not copy inconsistent signal handler state to child (bnc#1012382). - fs/cifs: do not translate SFM_SLASH (U+F026) to backslash (bnc#1012382). - fs/cifs: suppress a string overflow warning (bnc#1012382). - fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (bnc#1012382). - fs/eventpoll: loosen irq-safety when possible (bsc#1096052). - genirq: Delay incrementing interrupt count if it's disabled/pending (bnc#1012382). - gfs2: Special-case rindex for gfs2_grow (bnc#1012382). - gpio: adp5588: Fix sleep-in-atomic-context bug (bnc#1012382). - gpiolib: Mark gpio_suffixes array with __maybe_unused (bnc#1012382). - gpio: ml-ioh: Fix buffer underwrite on probe error path (bnc#1012382). - gpio: tegra: Move driver registration to subsys_init level (bnc#1012382). - gso_segment: Reset skb->mac_len after modifying network header (bnc#1012382). - hexagon: modify ffs() and fls() to return int (bnc#1012382). - hfsplus: do not return 0 when fill_super() failed (bnc#1012382). - hfs: prevent crash on exit from failed search (bnc#1012382). - hid: hid-ntrig: add error handling for sysfs_create_group (bnc#1012382). - hid: sony: Support DS4 dongle (bnc#1012382). - hid: sony: Update device ids (bnc#1012382). - hv: avoid crash in vmbus sysfs files (bnc#1108377). - hwmon: (adt7475) Make adt7475_read_word() return errors (bnc#1012382). - hwmon: (ina2xx) fix sysfs shunt resistor read access (bnc#1012382). - i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bnc#1012382). - i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus (bnc#1012382). - i2c: i801: fix DNV's SMBCTRL register offset (bnc#1012382). - i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP (bnc#1012382). - i2c: uniphier: issue STOP only for last message or I2C_M_STOP (bnc#1012382). - i2c: xiic: Make the start and the byte count write atomic (bnc#1012382). - i2c: xlp9xx: Add support for SMBAlert (bsc#1103308). - i2c: xlp9xx: Fix case where SSIF read transaction completes early (bsc#1103308). - i2c: xlp9xx: Fix issue seen when updating receive length (bsc#1103308). - i2c: xlp9xx: Make sure the transfer size is not more than I2C_SMBUS_BLOCK_SIZE (bsc#1103308). - ib/ipoib: Avoid a race condition between start_xmit and cm_rep_handler (bnc#1012382). - ib/srp: Avoid that sg_reset -d ${srp_device} triggers an infinite loop (bnc#1012382). - ib_srp: Remove WARN_ON in srp_terminate_io() (bsc#1094562). - input: atakbd - fix Atari CapsLock behaviour (bnc#1012382). - input: atakbd - fix Atari keymap (bnc#1012382). - input: atmel_mxt_ts - only use first T9 instance (bnc#1012382). - input: elantech - enable middle button of touchpad on ThinkPad P72 (bnc#1012382). - iommu/amd: Return devid as alias for ACPI HID devices (bsc#1106105). - iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register (bnc#1012382). - iommu/ipmmu-vmsa: Fix allocation in atomic context (bnc#1012382). - ip6_tunnel: be careful when accessing the inner header (bnc#1012382). - ipmi:ssif: Add support for multi-part transmit messages > 2 parts (bsc#1103308). - ip_tunnel: be careful when accessing the inner header (bnc#1012382). - ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() (bnc#1012382). - ipv6: fix possible use-after-free in ip6_xmit() (bnc#1012382). - ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bnc#1012382). - irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP (bnc#1012382). - irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar() (bnc#1012382). - iw_cxgb4: only allow 1 flush on user qps (bnc#1012382). - ixgbe: pci_set_drvdata must be called before register_netdev (Git-fixes bsc#1109923). - jffs2: return -ERANGE when xattr buffer is too small (bnc#1012382). - kabi: move the new handler to end of machdep_calls and hide it from genksyms (bsc#1094244). - kabi protect hnae_ae_ops (bsc#1107924). - kABI: protect struct hnae_desc_cb (kabi). - kbuild: add .DELETE_ON_ERROR special target (bnc#1012382). - kbuild: make missing $DEPMOD a Warning instead of an Error (bnc#1012382). - kernel/params.c: downgrade warning for unsafe parameters (bsc#1050549). - kprobes/x86: Release insn_slot in failure path (bsc#1110006). - kthread: fix boot hang (regression) on MIPS/OpenRISC (bnc#1012382). - kthread: Fix use-after-free if kthread fork fails (bnc#1012382). - kvm: nVMX: Do not expose MPX VMX controls when guest MPX disabled (bsc#1106240). - kvm: nVMX: Do not flush TLB when vmcs12 uses VPID (bsc#1106240). - kvm: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bnc#1012382). - kvm: x86: Do not re-{try,execute} after failed emulation in L2 (bsc#1106240). - kvm: x86: Do not use kvm_x86_ops->mpx_supported() directly (bsc#1106240). - kvm: x86: fix APIC page invalidation (bsc#1106240). - kvm: x86: remove eager_fpu field of struct kvm_vcpu_arch (bnc#1012382). - kvm/x86: remove WARN_ON() for when vm_munmap() fails (bsc#1106240). - kvm: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled (bsc#1106240). - l2tp: cast l2tp traffic counter to unsigned (bsc#1099810). - lib/test_hexdump.c: fix failure on big endian cpu (bsc#1106110). - locking/osq_lock: Fix osq_lock queue corruption (bnc#1012382). - locking/rwsem-xadd: Fix missed wakeup due to reordering of load (bnc#1012382). - lpfc: fixup crash in lpfc_els_unsol_buffer() (bsc#1107318). - mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bnc#1012382). - mac80211: fix a race between restart and CSA flows (bnc#1012382). - mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys (bnc#1012382). - mac80211: Fix station bandwidth setting after channel switch (bnc#1012382). - mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bnc#1012382). - mac80211: mesh: fix HWMP sequence numbering to follow standard (bnc#1012382). - mac80211: restrict delayed tailroom needed decrement (bnc#1012382). - mac80211: shorten the IBSS debug messages (bnc#1012382). - mach64: detect the dot clock divider correctly on sparc (bnc#1012382). - macintosh/via-pmu: Add missing mmio accessors (bnc#1012382). - md-cluster: clear another node's suspend_area after the copy is finished (bnc#1012382). - md/raid1: exit sync request if MD_RECOVERY_INTR is set (git-fixes). - md/raid5: fix data corruption of replacements after originals dropped (bnc#1012382). - media: af9035: prevent buffer overflow on write (bnc#1012382). - media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt() (bnc#1012382). - media: fsl-viu: fix error handling in viu_of_probe() (bnc#1012382). - media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data (bnc#1012382). - media: omap_vout: Fix a possible null pointer dereference in omap_vout_open() (bsc#1050431). - media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power (bnc#1012382). - media: soc_camera: ov772x: correct setting of banding filter (bnc#1012382). - media: tm6000: add error handling for dvb_register_adapter (bnc#1012382). - media: uvcvideo: Support realtek's UVC 1.5 device (bnc#1012382). - media: v4l: event: Prevent freeing event subscriptions while accessed (bnc#1012382). - media: videobuf2-core: check for q->error in vb2_core_qbuf() (bnc#1012382). - media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1050431). - mei: bus: type promotion bug in mei_nfc_if_version() (bnc#1012382). - mei: me: allow runtime pm for platform with D0i3 (bnc#1012382). - mfd: omap-usb-host: Fix dts probe of children (bnc#1012382). - mfd: sm501: Set coherent_dma_mask when creating subdevices (bnc#1012382). - mfd: ti_am335x_tscadc: Fix struct clk memory leak (bnc#1012382). - misc: hmc6352: fix potential Spectre v1 (bnc#1012382). - misc: mic: SCIF Fix scif_get_new_port() error handling (bnc#1012382). - misc: ti-st: Fix memory leak in the error path of probe() (bnc#1012382). - mmc: mmci: stop building qcom dml as module (bsc#1110468). - mm/fadvise.c: fix signed overflow UBSAN complaint (bnc#1012382). - mm: fix devmem_is_allowed() for sub-page System RAM intersections (bsc#1110006). - mm: get rid of vmacache_flush_all() entirely (bnc#1012382). - mm: madvise(MADV_DODUMP): allow hugetlbfs pages (bnc#1012382). - mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907). - mm: shmem.c: Correctly annotate new inodes for lockdep (bnc#1012382). - mm/vmstat.c: fix outdated vmstat_text (bnc#1012382). - mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly (bnc#1012382). - mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly (git fixes). - module: exclude SHN_UNDEF symbols from kallsyms api (bnc#1012382). - mtdchar: fix overflows in adjustment of `count` (bnc#1012382). - mtd/maps: fix solutionengine.c printk format warnings (bnc#1012382). - neighbour: confirm neigh entries when ARP packet is received (bnc#1012382). - net/9p: fix error path of p9_virtio_probe (bnc#1012382). - net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT (bnc#1012382). - net: bcmgenet: use MAC link status for fixed phy (bnc#1012382). - net: cadence: Fix a sleep-in-atomic-context bug in macb_halt_tx() (bnc#1012382). - net: dcb: For wild-card lookups, use priority -1, not 0 (bnc#1012382). - net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108240). - net: ena: fix device destruction to gracefully free resources (bsc#1108240). - net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108240). - net: ena: fix incorrect usage of memory barriers (bsc#1108240). - net: ena: fix missing calls to READ_ONCE (bsc#1108240). - net: ena: fix missing lock during device destruction (bsc#1108240). - net: ena: fix potential double ena_destroy_device() (bsc#1108240). - net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108240). - net: ethernet: mvneta: Fix napi structure mixup on armada 3700 (bsc#1110616). - net: ethernet: ti: cpsw: fix mdio device reference leak (bnc#1012382). - netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user (bnc#1012382). - net: hns: add netif_carrier_off before change speed and duplex (bsc#1107924). - net: hns: add the code for cleaning pkt in chip (bsc#1107924). - net: hns: fix length and page_offset overflow when CONFIG_ARM64_64K_PAGES (bnc#1012382). - net: hp100: fix always-true check for link up state (bnc#1012382). - net: ipv4: update fnhe_pmtu when first hop's MTU changes (bnc#1012382). - net/ipv6: Display all addresses in output of /proc/net/if_inet6 (bnc#1012382). - netlabel: check for IPV4MASK in addrinfo_get (bnc#1012382). - net: macb: disable scatter-gather for macb on sama5d3 (bnc#1012382). - net/mlx4: Use cpumask_available for eq->affinity_mask (bnc#1012382). - net: mvneta: fix mtu change on port without link (bnc#1012382). - net: mvneta: fix mvneta_config_rss on armada 3700 (bsc#1110615). - net: mvpp2: Extract the correct ethtype from the skb for tx csum offload (bnc#1012382). - net: systemport: Fix wake-up interrupt race during resume (bnc#1012382). - net/usb: cancel pending work when unbinding smsc75xx (bnc#1012382). - nfc: Fix possible memory corruption when handling SHDLC I-Frame commands (bnc#1012382). - nfc: Fix the number of pipes (bnc#1012382). - nfs: add nostatflush mount option (bsc#1065726). - nfs: Avoid quadratic search when freeing delegations (bsc#1084760). - nfsd: fix corrupted reply to badly ordered compound (bnc#1012382). - nfs: Use an appropriate work queue for direct-write completion (bsc#1082519). - nfsv4.0 fix client reference leak in callback (bnc#1012382). - nvme_fc: add 'nvme_discovery' sysfs attribute to fc transport device (bsc#1044189). - nvmet: fixup crash on NULL device path (bsc#1082979). - ocfs2: fix locking for res->tracking and dlm->tracking_list (bnc#1012382). - ocfs2: fix ocfs2 read block panic (bnc#1012382). - of: unittest: Disable interrupt node tests for old world MAC systems (bnc#1012382). - ovl: Copy inode attributes after setting xattr (bsc#1107299). - ovl: modify ovl_permission() to do checks on two inodes (bsc#1106512) - ovl: proper cleanup of workdir (bnc#1012382). - ovl: rename is_merge to is_lowest (bnc#1012382). - parport: sunbpp: fix error return code (bnc#1012382). - partitions/aix: append null character to print data from disk (bnc#1012382). - partitions/aix: fix usage of uninitialized lv_info and lvname structures (bnc#1012382). - pci: altera: Fix bool initialization in tlp_read_packet() (bsc#1109806). - pci: designware: Fix I/O space page leak (bsc#1109806). - pci: designware: Fix pci_remap_iospace() failure path (bsc#1109806). - pci: mvebu: Fix I/O space end address calculation (bnc#1012382). - pci: OF: Fix I/O space page leak (bsc#1109806). - pci: pciehp: Fix unprotected list iteration in IRQ handler (bsc#1109806). - pci: Reprogram bridge prefetch registers on resume (bnc#1012382). - pci: shpchp: Fix AMD POGO identification (bsc#1109806). - pci: Supply CPU physical address (not bus address) to iomem_is_exclusive() (bsc#1109806). - pci: versatile: Fix I/O space page leak (bsc#1109806). - pci: versatile: Fix pci_remap_iospace() failure path (bsc#1109806). - pci: xgene: Fix I/O space page leak (bsc#1109806). - pci: xilinx: Add missing of_node_put() (bsc#1109806). - perf powerpc: Fix callchain ip filtering (bnc#1012382). - perf powerpc: Fix callchain ip filtering when return address is in a register (bnc#1012382). - perf probe powerpc: Ignore SyS symbols irrespective of endianness (bnc#1012382). - perf script python: Fix export-to-postgresql.py occasional failure (bnc#1012382). - perf tools: Allow overriding MAX_NR_CPUS at compile time (bnc#1012382). - phy: qcom-ufs: add MODULE_LICENSE tag (bsc#1110468). - pinctrl: qcom: spmi-gpio: Fix pmic_gpio_config_get() to be compliant (bnc#1012382). - pipe: actually allow root to exceed the pipe buffer limit (git-fixes). - platform/x86: alienware-wmi: Correct a memory leak (bnc#1012382). - platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 (bnc#1012382). - platform/x86: toshiba_acpi: Fix defined but not used build warnings (bnc#1012382). - pm / core: Clear the direct_complete flag on errors (bnc#1012382). - powerpc/64: Do load of PACAKBASE in LOAD_HANDLER (bsc#1094244). - powerpc/64s: move machine check SLB flushing to mm/slb.c (bsc#1094244). - powerpc/book3s: Fix MCE console messages for unrecoverable MCE (bsc#1094244). - powerpc/fadump: cleanup crash memory ranges support (bsc#1103269). - powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823). - powerpc: Fix size calculation using resource_size() (bnc#1012382). - powerpc/kdump: Handle crashkernel memory reservation failure (bnc#1012382). - powerpc/mce: Fix SLB rebolting during MCE recovery path (bsc#1094244). - powerpc/mce: Move 64-bit machine check code into mce.c (bsc#1094244). - powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784). - powerpc/numa: Use associativity if VPHN hcall is successful (bsc#1110363). - powerpc/perf/hv-24x7: Fix off-by-one error in request_buffer check (git-fixes). - powerpc/perf/hv-24x7: Fix passing of catalog version number (bsc#1053043). - powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1066223). - powerpc/powernv: opal_put_chars partial write fix (bnc#1012382). - powerpc/powernv: Rename machine_check_pSeries_early() to powernv (bsc#1094244). - powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX (bnc#1012382). - powerpc/pseries: Defer the logging of rtas error to irq work queue (bsc#1094244). - powerpc/pseries: Define MCE error event section (bsc#1094244). - powerpc/pseries: Disable CPU hotplug across migrations (bsc#1066223). - powerpc/pseries: Display machine check error details (bsc#1094244). - powerpc/pseries: Dump the SLB contents on SLB MCE errors (bsc#1094244). - powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes). - powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes). - powerpc/pseries: Flush SLB contents on SLB MCE errors (bsc#1094244). - powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158). - powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158). - powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE (bsc#1109158). - powerpc/pseries: Remove prrn_work workqueue (bsc#1102495, bsc#1109337). - powerpc/pseries: Remove unneeded uses of dlpar work queue (bsc#1102495, bsc#1109337). - powerpc/rtas: Fix a potential race between CPU-Offline & Migration (bsc#1111870). - powerpc/tm: Avoid possible userspace r1 corruption on reclaim (bsc#1109333). - powerpc/tm: Fix userspace r13 corruption (bsc#1109333). - power: vexpress: fix corruption in notifier registration (bnc#1012382). - printk: do not spin in printk when in nmi (bsc#1094244). - proc: restrict kernel stack dumps to root (bnc#1012382). - pstore: Fix incorrect persistent ram buffer mapping (bnc#1012382). - qlcnic: fix Tx descriptor corruption on 82xx devices (bnc#1012382). - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bnc#1012382). - raid10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (bnc#1012382). - rculist: add list_for_each_entry_from_rcu() (bsc#1084760). - rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760). - rdma/cma: Do not ignore net namespace for unbound cm_id (bnc#1012382). - rdma/cma: Protect cma dev list with lock (bnc#1012382). - rdma/rw: Fix rdma_rw_ctx_signature_init() kernel-doc header (bsc#1082979). - rdma/ucma: check fd type in ucma_migrate_id() (bnc#1012382). - reiserfs: add check to detect corrupted directory entry (bsc#1109818). - reiserfs: change j_timestamp type to time64_t (bnc#1012382). - reiserfs: do not panic on bad directory entries (bsc#1109818). - Revert "arm: imx_v6_v7_defconfig: Select ULPI support" (bnc#1012382). - Revert "dma-buf/sync-file: Avoid enable fence signaling if poll(.timeout=0)" (bsc#1111363). - Revert "drm: Do not pass negative delta to ktime_sub_ns()" (bsc#1106929) - Revert "drm/i915: Initialize HWS page address after GPU reset" (bsc#1106929) - Revert "Drop kernel trampoline stack." This reverts commit 85dead31706c1c1755adff90405ff9861c39c704. - Revert "kabi/severities: Ignore missing cpu_tss_tramp (bsc#1099597)" This reverts commit edde1f21880e3bfe244c6f98a3733b05b13533dc. - Revert "KVM: x86: remove eager_fpu field of struct kvm_vcpu_arch" (kabi). - Revert "media: v4l: event: Prevent freeing event subscriptions while accessed" (kabi). - Revert "Skip intel_crt_init for Dell XPS 8700" (bsc#1106929) - Revert "usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt()" (bnc#1012382). - ring-buffer: Allow for rescheduling when removing pages (bnc#1012382). - rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication() (bnc#1012382). - rtc: bq4802: add error handling for devm_ioremap (bnc#1012382). - rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 (bnc#1012382). - s390/chsc: Add exception handler for CHSC instruction (git-fixes). - s390/dasd: fix hanging offline processing due to canceled worker (bnc#1012382). - s390/extmem: fix gcc 8 stringop-overflow warning (bnc#1012382). - s390/facilites: use stfle_fac_list array size for MAX_FACILITY_BIT (bnc#1108315, LTC#171326). - s390/kdump: Fix elfcorehdr size calculation (git-fixes). - s390/kdump: Make elfcorehdr size calculation ABI compliant (git-fixes). - s390/lib: use expoline for all bcr instructions (LTC#171029 bnc#1012382 bnc#1106934). - s390/mm: correct allocate_pgste proc_handler callback (git-fixes). - s390/qeth: do not dump past end of unknown HW header (bnc#1012382). - s390/qeth: fix race in used-buffer accounting (bnc#1012382). - s390/qeth: handle failure on workqueue creation (git-fixes). - s390/qeth: reset layer2 attribute on layer switch (bnc#1012382). - s390/qeth: use vzalloc for QUERY OAT buffer (bnc#1108315, LTC#171527). - s390: revert ELF_ET_DYN_BASE base changes (git-fixes). - s390/stacktrace: fix address ranges for asynchronous and panic stack (git-fixes). - sched/fair: Fix bandwidth timer clock drift condition (Git-fixes). - sched/fair: Fix vruntime_normalized() for remote non-migration wakeup (Git-fixes). - sch_hhf: fix null pointer dereference on init failure (bnc#1012382). - sch_htb: fix crash on init failure (bnc#1012382). - sch_multiq: fix double free on init failure (bnc#1012382). - sch_netem: avoid null pointer deref on init failure (bnc#1012382). - sch_tbf: fix two null pointer dereferences on init failure (bnc#1012382). - scripts: modpost: check memory allocation results (bnc#1012382). - scsi: 3ware: fix return 0 on the error path of probe (bnc#1012382). - scsi: aic94xx: fix an error code in aic94xx_init() (bnc#1012382). - scsi: bnx2i: add error handling for ioremap_nocache (bnc#1012382). - scsi: ibmvscsi: Improve strings handling (bnc#1012382). - scsi: ipr: System hung while dlpar adding primary ipr adapter back (bsc#1109336). - scsi: klist: Make it safe to use klists in atomic context (bnc#1012382). - scsi: qla2xxx: Add changes for devloss timeout in driver (bsc#1084427). - scsi: qla2xxx: Add FC-NVMe abort processing (bsc#1084427). - scsi: qla2xxx: Add longer window for chip reset (bsc#1094555). - scsi: qla2xxx: Avoid double completion of abort command (bsc#1094555). - scsi: qla2xxx: Cleanup code to improve FC-NVMe error handling (bsc#1084427). - scsi: qla2xxx: Cleanup for N2N code (bsc#1094555). - scsi: qla2xxx: correctly shift host byte (bsc#1094555). - scsi: qla2xxx: Correct setting of SAM_STAT_CHECK_CONDITION (bsc#1094555). - scsi: qla2xxx: Delete session for nport id change (bsc#1094555). - scsi: qla2xxx: Fix Async GPN_FT for FCP and FC-NVMe scan (bsc#1084427). - scsi: qla2xxx: Fix crash on qla2x00_mailbox_command (bsc#1094555). - scsi: qla2xxx: Fix double free bug after firmware timeout (bsc#1094555). - scsi: qla2xxx: Fix driver unload by shutting down chip (bsc#1094555). - scsi: qla2xxx: fix error message on cpu_partial unsigned int (bnc#1012382). - smb2: fix missing files in root share directory listing (bnc#1012382). - smb3: fix reset of bytes read and written stats (bnc#1012382). - smb3: Number of requests sent should be displayed for SMB3 not just CIFS (bnc#1012382). - sound: enable interrupt after dma buffer initialization (bnc#1012382). - spi: rspi: Fix interrupted DMA transfers (bnc#1012382). - spi: rspi: Fix invalid SPI use during system suspend (bnc#1012382). - spi: sh-msiof: Fix handling of write value for SISTR register (bnc#1012382). - spi: sh-msiof: Fix invalid SPI use during system suspend (bnc#1012382). - spi: tegra20-slink: explicitly enable/disable clock (bnc#1012382). - srcu: Allow use of Tiny/Tree SRCU from both process and interrupt context (bsc#1050549). - staging: android: ashmem: Fix mmap size validation (bnc#1012382). - staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free (bnc#1012382). - staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice (bnc#1012382). - staging: rt5208: Fix a sleep-in-atomic bug in xd_copy_page (bnc#1012382). - staging: rts5208: fix missing error check on call to rtsx_write_register (bnc#1012382). - staging/rts5208: Fix read overflow in memcpy (bnc#1012382). - stmmac: fix valid numbers of unicast filter entries (bnc#1012382). - stop_machine: Atomically queue and wake stopper threads (git-fixes). - target: log Data-Out timeouts as errors (bsc#1095805). - target: log NOP ping timeouts as errors (bsc#1095805). - target: split out helper for cxn timeout error stashing (bsc#1095805). - target: stash sess_err_stats on Data-Out timeout (bsc#1095805). - target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805). - tcp: add tcp_ooo_try_coalesce() helper (bnc#1012382). - tcp: call tcp_drop() from tcp_data_queue_ofo() (bnc#1012382). - tcp: do not restart timewait timer on rst reception (bnc#1012382). - tcp: fix a stale ooo_last_skb after a replace (bnc#1012382). - tcp: free batches of packets in tcp_prune_ofo_queue() (bnc#1012382). - tcp: increment sk_drops for dropped rx packets (bnc#1012382). - tcp: use an RB tree for ooo receive queue (bnc#1012382). - team: Forbid enslaving team device to itself (bnc#1012382). - thermal: of-thermal: disable passive polling when thermal zone is disabled (bnc#1012382). - tools: hv: Fix a bug in the key delete code (bnc#1012382). - tools/vm/page-types.c: fix "defined but not used" warning (bnc#1012382). - tools/vm/slabinfo.c: fix sign-compare warning (bnc#1012382). - tsl2550: fix lux1_input error in low light (bnc#1012382). - tty: Drop tty->count on tty_reopen() failure (bnc#1105428). - tty: rocket: Fix possible buffer overwrite on register_PCI (bnc#1012382). - tty: vt_ioctl: fix potential Spectre v1 (bnc#1012382). - ubifs: Check for name being NULL while mounting (bnc#1012382). - ucma: fix a use-after-free in ucma_resolve_ip() (bnc#1012382). - uio: potential double frees if __uio_register_device() fails (bnc#1012382). - Update patches.suse/dm-Always-copy-cmd_flags-when-cloning-a-request.patch (bsc#1088087, bsc#1103156). - usb: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller (bnc#1012382). - usb: Add quirk to support DJI CineSSD (bnc#1012382). - usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() (bnc#1012382). - usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt() (bnc#1012382). - usb: Do not die twice if PCI xhci host is not responding in resume (bnc#1012382). - usb: fix error handling in usb_driver_claim_interface() (bnc#1012382). - usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bnc#1012382). - usb: gadget: serial: fix oops when data rx'd after close (bnc#1012382). - usb: handle NULL config in usb_find_alt_setting() (bnc#1012382). - usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() (bnc#1012382). - usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547). - usb: misc: uss720: Fix two sleep-in-atomic-context bugs (bnc#1012382). - usb: net2280: Fix erroneous synchronization change (bnc#1012382). - usb: remove LPM management from usb_driver_claim_interface() (bnc#1012382). - usb: serial: io_ti: fix array underflow in completion handler (bnc#1012382). - usb: serial: kobil_sct: fix modem-status error handling (bnc#1012382). - usb: serial: simple: add Motorola Tetra MTP6550 id (bnc#1012382). - usb: serial: ti_usb_3410_5052: fix array underflow in completion handler (bnc#1012382). - usb: usbdevfs: restore warning for nonsensical flags (bnc#1012382). - usb: usbdevfs: sanitize flags more (bnc#1012382). - usb: wusbcore: security: cast sizeof to int for comparison (bnc#1012382). - usb: yurex: Check for truncation in yurex_read() (bnc#1012382). - usb: yurex: Fix buffer over-read in yurex_write() (bnc#1012382). - Use upstream version of pci-hyperv change 35a88a18d7 - uwb: hwa-rc: fix memory leak at probe (bnc#1012382). - vfs: do not test owner for NFS in set_posix_acl() (bsc#1103405). - video: goldfishfb: fix memory leak on driver remove (bnc#1012382). - vmci: type promotion bug in qp_host_get_user_memory() (bnc#1012382). - vmw_balloon: include asm/io.h (bnc#1012382). - vti6: remove !skb->ignore_df check from vti6_xmit() (bnc#1012382). - watchdog: w83627hf: Added NCT6102D support (bsc#1106434). - watchdog: w83627hf_wdt: Add quirk for Inves system (bsc#1106434). - wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout() (bnc#1012382). - wlcore: Fix memory leak in wlcore_cmd_wait_for_event_or_timeout (git-fixes). - x86/apic: Fix restoring boot IRQ mode in reboot and kexec/kdump (bsc#1110006). - x86/apic: Split disable_IO_APIC() into two functions to fix CONFIG_KEXEC_JUMP=y (bsc#1110006). - x86/apic: Split out restore_boot_irq_mode() from disable_IO_APIC() (bsc#1110006). - x86/boot: Fix "run_size" calculation (bsc#1110006). - x86/cpufeature: deduplicate X86_FEATURE_L1TF_PTEINV (kabi). - x86/entry/64: Add two more instruction suffixes (bnc#1012382). - x86/entry/64: Clear registers for exceptions/interrupts, to reduce speculation attack surface (bsc#1105931). - x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715). - x86/entry/64: sanitize extra registers on syscall entry (bsc#1105931). - x86/fpu: Finish excising 'eagerfpu' (bnc#1012382). - x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006). - x86/fpu: Remove struct fpu::counter (bnc#1012382). - x86/fpu: Remove use_eager_fpu() (bnc#1012382). - x86/kaiser: Avoid loosing NMIs when using trampoline stack (bsc#1106293 bsc#1099597). - x86/mm: Remove in_nmi() warning from vmalloc_fault() (bnc#1012382). - x86: msr-index.h: Correct SNB_C1/C3_AUTO_UNDEMOTE defines (bsc#1110006). - x86/numa_emulation: Fix emulated-to-physical node mapping (bnc#1012382). - x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear (bnc#1012382). - x86/paravirt: Fix some warning messages (bnc#1065600). - x86/percpu: Fix this_cpu_read() (bsc#1110006). - x86,sched: Allow topologies where NUMA nodes share an LLC (bsc#1091158, bsc#1101555). - x86/spec_ctrl: Fix spec_ctrl reporting (bsc#1106913, bsc#1111516). - x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913). - x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913). - x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bnc#1012382). - x86/speculation: Propagate information about RSB filling mitigation to sysfs (bsc#1106913). - x86/time: Correct the attribute on jiffies' definition (bsc#1110006). - x86/tsc: Add missing header to tsc_msr.c (bnc#1012382). - x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006). - x86/vdso: Fix vDSO build if a retpoline is emitted (bsc#1110006). - x86/vdso: Fix vDSO syscall fallback asm constraint regression (bsc#1110006). - x86/vdso: Only enable vDSO retpolines when enabled and supported (bsc#1110006). - xen: avoid crash in disable_hotplug_cpu (bnc#1012382 bsc#1106594 bsc#1042422). - xen: avoid crash in disable_hotplug_cpu (bsc#1106594). - xen/blkfront: correct purging of persistent grants (bnc#1065600). - xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage (bnc#1012382). - xen: issue warning message when out of grant maptrack entries (bsc#1105795). - xen/manage: do not complain about an empty value in control/sysrq node (bnc#1012382). - xen/netfront: do not bug in case of too many frags (bnc#1012382). - xen-netfront: fix queue name setting (bnc#1012382). - xen/netfront: fix waiting for xenbus state change (bnc#1012382). - xen-netfront: fix warn message as irq device name has '/' (bnc#1012382). - xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code (bnc#1012382). - xfrm: fix 'passing zero to ERR_PTR()' warning (bnc#1012382). - xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344). - xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344). - xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344). - xfs: add a xfs_iext_update_extent helper (bsc#1095344). - xfs: add comments documenting the rebalance algorithm (bsc#1095344). - xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344). - xfs: add xfs_trim_extent (bsc#1095344). - xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344). - xfs: borrow indirect blocks from freed extent when available (bsc#1095344). - xfs: cleanup xfs_bmap_last_before (bsc#1095344). - xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344). - xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344). - xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344). - xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344). - xfs: during btree split, save new block key & ptr for future insertion (bsc#1095344). - xfs: factor out a helper to initialize a local format inode fork (bsc#1095344). - xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344). - xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344). - xfs: fix transaction allocation deadlock in IO path (bsc#1090535). - xfs: handle indlen shortage on delalloc extent merge (bsc#1095344). - xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344). - xfs: improve kmem_realloc (bsc#1095344). - xfs: inline xfs_shift_file_space into callers (bsc#1095344). - xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344). - xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344). - xfs: iterate over extents in xfs_iextents_copy (bsc#1095344). - xfs: make better use of the 'state' variable in xfs_bmap_del_extent_real (bsc#1095344). - xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344). - xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344). - xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344). - xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344). - xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344). - xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344). - xfs: new inode extent list lookup helpers (bsc#1095344). - xfs: only run torn log write detection on dirty logs (bsc#1095753). - xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344). - xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344). - xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344). - xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344). - xfs: provide helper for counting extents from if_bytes (bsc#1095344). - xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344). - xfs: refactor delalloc indlen reservation split into helper (bsc#1095344). - xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344). - xfs: refactor in-core log state update to helper (bsc#1095753). - xfs: refactor unmount record detection into helper (bsc#1095753). - xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344). - xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344). - xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344). - xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344). - xfs: refactor xfs_bunmapi_cow (bsc#1095344). - xfs: refactor xfs_del_extent_real (bsc#1095344). - xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344). - xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344). - xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344). - xfs: remove if_rdev (bsc#1095344). - xfs: remove prev argument to xfs_bmapi_reserve_delalloc (bsc#1095344). - xfs: remove support for inlining data/extents into the inode fork (bsc#1095344). - xfs: remove the never fully implemented UUID fork format (bsc#1095344). - xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344). - xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344). - xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344). - xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344). - xfs: remove xfs_bmbt_get_state (bsc#1095344). - xfs: remove xfs_bmse_shift_one (bsc#1095344). - xfs: rename bno to end in __xfs_bunmapi (bsc#1095344). - xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344). - xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344). - xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344). - xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344). - xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344). - xfs: separate log head record discovery from verification (bsc#1095753). - xfs: simplify the xfs_getbmap interface (bsc#1095344). - xfs: simplify validation of the unwritten extent bit (bsc#1095344). - xfs: split indlen reservations fairly when under reserved (bsc#1095344). - xfs: split xfs_bmap_shift_extents (bsc#1095344). - xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344). - xfs: update freeblocks counter after extent deletion (bsc#1095344). - xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344). - xfs: use a b+tree for the in-core extent list (bsc#1095344). - xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344). - xfs: use new extent lookup helpers in xfs_bmapi_read (bsc#1095344). - xfs: use new extent lookup helpers in xfs_bmapi_write (bsc#1095344). - xfs: use new extent lookup helpers in __xfs_bunmapi (bsc#1095344). - xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344). - xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344). - xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344). - xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344). - xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344). - xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344). - xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bnc#1012382). - xhci: Do not print a warning when setting link state for disabled ports (bnc#1012382). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time Extension 12-SP3: zypper in -t patch SUSE-SLE-RT-12-SP3-2018-2610=1 Package List: - SUSE Linux Enterprise Real Time Extension 12-SP3 (x86_64): cluster-md-kmp-rt-4.4.162-3.26.1 cluster-md-kmp-rt-debuginfo-4.4.162-3.26.1 dlm-kmp-rt-4.4.162-3.26.1 dlm-kmp-rt-debuginfo-4.4.162-3.26.1 gfs2-kmp-rt-4.4.162-3.26.1 gfs2-kmp-rt-debuginfo-4.4.162-3.26.1 kernel-rt-4.4.162-3.26.1 kernel-rt-base-4.4.162-3.26.1 kernel-rt-base-debuginfo-4.4.162-3.26.1 kernel-rt-debuginfo-4.4.162-3.26.1 kernel-rt-debugsource-4.4.162-3.26.1 kernel-rt-devel-4.4.162-3.26.1 kernel-rt_debug-debuginfo-4.4.162-3.26.1 kernel-rt_debug-debugsource-4.4.162-3.26.1 kernel-rt_debug-devel-4.4.162-3.26.1 kernel-rt_debug-devel-debuginfo-4.4.162-3.26.1 kernel-syms-rt-4.4.162-3.26.1 ocfs2-kmp-rt-4.4.162-3.26.1 ocfs2-kmp-rt-debuginfo-4.4.162-3.26.1 - SUSE Linux Enterprise Real Time Extension 12-SP3 (noarch): kernel-devel-rt-4.4.162-3.26.1 kernel-source-rt-4.4.162-3.26.1 References: https://www.suse.com/security/cve/CVE-2018-14613.html https://www.suse.com/security/cve/CVE-2018-14617.html https://www.suse.com/security/cve/CVE-2018-14633.html https://www.suse.com/security/cve/CVE-2018-16276.html https://www.suse.com/security/cve/CVE-2018-16597.html https://www.suse.com/security/cve/CVE-2018-17182.html https://www.suse.com/security/cve/CVE-2018-18386.html https://www.suse.com/security/cve/CVE-2018-7480.html https://www.suse.com/security/cve/CVE-2018-7757.html https://www.suse.com/security/cve/CVE-2018-9516.html https://bugzilla.suse.com/1012382 https://bugzilla.suse.com/1042422 https://bugzilla.suse.com/1044189 https://bugzilla.suse.com/1050431 https://bugzilla.suse.com/1050549 https://bugzilla.suse.com/1053043 https://bugzilla.suse.com/1063026 https://bugzilla.suse.com/1065600 https://bugzilla.suse.com/1065726 https://bugzilla.suse.com/1066223 https://bugzilla.suse.com/1067906 https://bugzilla.suse.com/1079524 https://bugzilla.suse.com/1082519 https://bugzilla.suse.com/1082863 https://bugzilla.suse.com/1082979 https://bugzilla.suse.com/1084427 https://bugzilla.suse.com/1084536 https://bugzilla.suse.com/1084760 https://bugzilla.suse.com/1088087 https://bugzilla.suse.com/1089343 https://bugzilla.suse.com/1090535 https://bugzilla.suse.com/1091158 https://bugzilla.suse.com/1094244 https://bugzilla.suse.com/1094555 https://bugzilla.suse.com/1094562 https://bugzilla.suse.com/1094825 https://bugzilla.suse.com/1095344 https://bugzilla.suse.com/1095753 https://bugzilla.suse.com/1095805 https://bugzilla.suse.com/1096052 https://bugzilla.suse.com/1096547 https://bugzilla.suse.com/1099597 https://bugzilla.suse.com/1099810 https://bugzilla.suse.com/1101555 https://bugzilla.suse.com/1102495 https://bugzilla.suse.com/1102715 https://bugzilla.suse.com/1102870 https://bugzilla.suse.com/1102875 https://bugzilla.suse.com/1102877 https://bugzilla.suse.com/1102879 https://bugzilla.suse.com/1102882 https://bugzilla.suse.com/1102896 https://bugzilla.suse.com/1103156 https://bugzilla.suse.com/1103269 https://bugzilla.suse.com/1103308 https://bugzilla.suse.com/1103405 https://bugzilla.suse.com/1105428 https://bugzilla.suse.com/1105795 https://bugzilla.suse.com/1105931 https://bugzilla.suse.com/1106095 https://bugzilla.suse.com/1106105 https://bugzilla.suse.com/1106110 https://bugzilla.suse.com/1106240 https://bugzilla.suse.com/1106293 https://bugzilla.suse.com/1106359 https://bugzilla.suse.com/1106434 https://bugzilla.suse.com/1106512 https://bugzilla.suse.com/1106594 https://bugzilla.suse.com/1106913 https://bugzilla.suse.com/1106929 https://bugzilla.suse.com/1106934 https://bugzilla.suse.com/1107060 https://bugzilla.suse.com/1107299 https://bugzilla.suse.com/1107318 https://bugzilla.suse.com/1107535 https://bugzilla.suse.com/1107829 https://bugzilla.suse.com/1107924 https://bugzilla.suse.com/1108096 https://bugzilla.suse.com/1108170 https://bugzilla.suse.com/1108240 https://bugzilla.suse.com/1108315 https://bugzilla.suse.com/1108377 https://bugzilla.suse.com/1108399 https://bugzilla.suse.com/1108498 https://bugzilla.suse.com/1108803 https://bugzilla.suse.com/1108823 https://bugzilla.suse.com/1109158 https://bugzilla.suse.com/1109333 https://bugzilla.suse.com/1109336 https://bugzilla.suse.com/1109337 https://bugzilla.suse.com/1109441 https://bugzilla.suse.com/1109784 https://bugzilla.suse.com/1109806 https://bugzilla.suse.com/1109818 https://bugzilla.suse.com/1109907 https://bugzilla.suse.com/1109919 https://bugzilla.suse.com/1109923 https://bugzilla.suse.com/1110006 https://bugzilla.suse.com/1110297 https://bugzilla.suse.com/1110337 https://bugzilla.suse.com/1110363 https://bugzilla.suse.com/1110468 https://bugzilla.suse.com/1110600 https://bugzilla.suse.com/1110601 https://bugzilla.suse.com/1110602 https://bugzilla.suse.com/1110603 https://bugzilla.suse.com/1110604 https://bugzilla.suse.com/1110605 https://bugzilla.suse.com/1110606 https://bugzilla.suse.com/1110611 https://bugzilla.suse.com/1110612 https://bugzilla.suse.com/1110613 https://bugzilla.suse.com/1110614 https://bugzilla.suse.com/1110615 https://bugzilla.suse.com/1110616 https://bugzilla.suse.com/1110618 https://bugzilla.suse.com/1110619 https://bugzilla.suse.com/1110930 https://bugzilla.suse.com/1111363 https://bugzilla.suse.com/1111516 https://bugzilla.suse.com/1111870 https://bugzilla.suse.com/1112007 https://bugzilla.suse.com/1112262 https://bugzilla.suse.com/1112263 From sle-security-updates at lists.suse.com Thu Nov 8 13:09:16 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 8 Nov 2018 21:09:16 +0100 (CET) Subject: SUSE-SU-2018:3680-1: moderate: Security update for xorg-x11-server Message-ID: <20181108200916.6E987FFD6@maintenance.suse.de> SUSE Security Update: Security update for xorg-x11-server ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3680-1 Rating: moderate References: #1112020 Cross-References: CVE-2018-14665 Affected Products: SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Basesystem 15 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for xorg-x11-server fixes the following issues: - CVE-2018-14665: Disable -logfile and -modulepath when running with elevated privileges (bsc#1112020, Note that SUSE by default does not run with elevated privileges, so the default installation is not affected by this problem. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 15: zypper in -t patch SUSE-SLE-Product-WE-15-2018-2617=1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2018-2617=1 - SUSE Linux Enterprise Module for Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2018-2617=1 - SUSE Linux Enterprise Module for Basesystem 15: zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2617=1 Package List: - SUSE Linux Enterprise Workstation Extension 15 (x86_64): xorg-x11-server-debuginfo-1.19.6-8.3.2 xorg-x11-server-debugsource-1.19.6-8.3.2 xorg-x11-server-wayland-1.19.6-8.3.2 xorg-x11-server-wayland-debuginfo-1.19.6-8.3.2 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64): xorg-x11-server-debuginfo-1.19.6-8.3.2 xorg-x11-server-debugsource-1.19.6-8.3.2 xorg-x11-server-source-1.19.6-8.3.2 - SUSE Linux Enterprise Module for Development Tools 15 (aarch64 ppc64le s390x x86_64): xorg-x11-server-debuginfo-1.19.6-8.3.2 xorg-x11-server-debugsource-1.19.6-8.3.2 xorg-x11-server-sdk-1.19.6-8.3.2 - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64): xorg-x11-server-1.19.6-8.3.2 xorg-x11-server-debuginfo-1.19.6-8.3.2 xorg-x11-server-debugsource-1.19.6-8.3.2 xorg-x11-server-extra-1.19.6-8.3.2 xorg-x11-server-extra-debuginfo-1.19.6-8.3.2 References: https://www.suse.com/security/cve/CVE-2018-14665.html https://bugzilla.suse.com/1112020 From sle-security-updates at lists.suse.com Thu Nov 8 13:09:52 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 8 Nov 2018 21:09:52 +0100 (CET) Subject: SUSE-SU-2018:3681-1: moderate: Security update for curl Message-ID: <20181108200952.955C7FFD6@maintenance.suse.de> SUSE Security Update: Security update for curl ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3681-1 Rating: moderate References: #1112758 #1113660 Cross-References: CVE-2018-16840 CVE-2018-16842 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for curl fixes the following issues: - CVE-2018-16840: A use-after-free in SASL handle close was fixed (bsc#1112758) - CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-curl-13861=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-curl-13861=1 - SUSE Linux Enterprise Server 11-SECURITY: zypper in -t patch secsp3-curl-13861=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-curl-13861=1 Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libcurl-devel-7.37.0-70.38.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): curl-7.37.0-70.38.1 libcurl4-7.37.0-70.38.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libcurl4-32bit-7.37.0-70.38.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libcurl4-x86-7.37.0-70.38.1 - SUSE Linux Enterprise Server 11-SECURITY (i586 ia64 ppc64 s390x x86_64): curl-openssl1-7.37.0-70.38.1 libcurl4-openssl1-7.37.0-70.38.1 - SUSE Linux Enterprise Server 11-SECURITY (ppc64 s390x x86_64): libcurl4-openssl1-32bit-7.37.0-70.38.1 - SUSE Linux Enterprise Server 11-SECURITY (ia64): libcurl4-openssl1-x86-7.37.0-70.38.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): curl-debuginfo-7.37.0-70.38.1 curl-debugsource-7.37.0-70.38.1 References: https://www.suse.com/security/cve/CVE-2018-16840.html https://www.suse.com/security/cve/CVE-2018-16842.html https://bugzilla.suse.com/1112758 https://bugzilla.suse.com/1113660 From sle-security-updates at lists.suse.com Thu Nov 8 13:11:16 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 8 Nov 2018 21:11:16 +0100 (CET) Subject: SUSE-SU-2018:3683-1: moderate: Security update for libepubgen, liblangtag, libmwaw, libnumbertext, libreoffice, libstaroffice, libwps, myspell-dictionaries, xmlsec1 Message-ID: <20181108201116.9B154FFD6@maintenance.suse.de> SUSE Security Update: Security update for libepubgen, liblangtag, libmwaw, libnumbertext, libreoffice, libstaroffice, libwps, myspell-dictionaries, xmlsec1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3683-1 Rating: moderate References: #1050305 #1088263 #1091606 #1094779 #1095601 #1095639 #1096360 #1098891 #1104876 Cross-References: CVE-2018-10583 Affected Products: SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Module for Packagehub Subpackages 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Basesystem 15 ______________________________________________________________________________ An update that solves one vulnerability and has 8 fixes is now available. Description: This update for LibreOffice, libepubgen, liblangtag, libmwaw, libnumbertext, libstaroffice, libwps, myspell-dictionaries, xmlsec1 fixes the following issues: LibreOffice was updated to 6.1.3.2 (fate#326624) and contains new features and lots of bugfixes: The full changelog can be found on: https://wiki.documentfoundation.org/ReleaseNotes/6.1 Bugfixes: - bsc#1095639 Exporting to PPTX results in vertical labels being shown horizontally - bsc#1098891 Table in PPTX misplaced and partly blue - bsc#1088263 Labels in chart change (from white and other colors) to black when saving as PPTX - bsc#1095601 Exporting to PPTX shifts arrow shapes quite a bit - Add more translations: * Belarusian * Bodo * Dogri * Frisian * Gaelic * Paraguayan_Guaran * Upper_Sorbian * Konkani * Kashmiri * Luxembourgish * Monglolian * Manipuri * Burnese * Occitan * Kinyarwanda * Santali * Sanskrit * Sindhi * Sidamo * Tatar * Uzbek * Upper Sorbian * Venetian * Amharic * Asturian * Tibetian * Bosnian * English GB * English ZA * Indonesian * Icelandic * Georgian * Khmer * Lao * Macedonian * Nepali * Oromo * Albanian * Tajik * Uyghur * Vietnamese * Kurdish - Try to build all languages see bsc#1096360 - Make sure to install the KDE5/Qt5 UI/filepicker - Try to implement safeguarding to avoid bsc#1050305 - Disable base-drivers-mysql as it needs mysqlcppcon that is only for mysql and not mariadb, causes issues bsc#1094779 * Users can still connect using jdbc/odbc - Fix java detection on machines with too many cpus - CVE-2018-10583: An information disclosure vulnerability occured when LibreOffice automatically processed and initiated an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document. (bsc#1091606) libepubgen was updated to 0.1.1: - Avoid
inside

or . - Avoid writin vertical-align attribute without a value. - Fix generation of invalid XHTML when there is a link starting at the beginning of a footnote. - Handle relative width for images. - Fixed layout: write chapter names to improve navigation. - Support writing mode. - Start a new HTML file at every page span in addition to the splits induced by the chosen split method. This is to ensure that specified writing mode works correctly, as it is HTML attribute. liblangtag was updated to 0.6.2: - use standard function - fix leak in test libmwaw was updated to 0.3.14: - Support MS Multiplan 1.1 files libnumbertext was update to 1.0.5: - Various fixes in numerical calculations and issues reported on libreoffice tracker libstaroffice was updated to 0.0.6: - retrieve some StarMath's formula, - retrieve some charts as graphic, - retrieve some fields in sda/sdc/sdp text-boxes, - .sdw: retrieve more attachments. libwps was updated to 0.4.9: - QuattroPro: add parser to .wb3 files - Multiplan: add parser to DOS v1-v3 files - charts: try to retrieve charts in .wk*, .wq* files - QuattroPro: add parser to .wb[12] files myspell-dictionaries was updated to 20181025: - Turkish dictionary added - Updated French dictionary xmlsec1 was updated to 1.2.26: - Added xmlsec-mscng module based on Microsoft Cryptography API: Next Generation - Added support for GOST 2012 and fixed CryptoPro CSP provider for GOST R 34.10-2001 in xmlsec-mscrypto Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 15: zypper in -t patch SUSE-SLE-Product-WE-15-2018-2616=1 - SUSE Linux Enterprise Module for Packagehub Subpackages 15: zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-2018-2616=1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2018-2616=1 - SUSE Linux Enterprise Module for Basesystem 15: zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2616=1 Package List: - SUSE Linux Enterprise Workstation Extension 15 (x86_64): libepubgen-0_1-1-0.1.1-3.3.1 libepubgen-0_1-1-debuginfo-0.1.1-3.3.1 libepubgen-debugsource-0.1.1-3.3.1 libepubgen-devel-0.1.1-3.3.1 liblangtag-debugsource-0.6.2-3.3.1 liblangtag-devel-0.6.2-3.3.1 liblangtag1-0.6.2-3.3.1 liblangtag1-debuginfo-0.6.2-3.3.1 libmwaw-0_3-3-0.3.14-4.3.1 libmwaw-0_3-3-debuginfo-0.3.14-4.3.1 libmwaw-debuginfo-0.3.14-4.3.1 libmwaw-debugsource-0.3.14-4.3.1 libnumbertext-1_0-0-1.0.5-1.3.1 libnumbertext-data-1.0.5-1.3.1 libnumbertext-debuginfo-1.0.5-1.3.1 libnumbertext-debugsource-1.0.5-1.3.1 libreoffice-6.1.3.2-3.7.3 libreoffice-base-6.1.3.2-3.7.3 libreoffice-base-debuginfo-6.1.3.2-3.7.3 libreoffice-base-drivers-postgresql-6.1.3.2-3.7.3 libreoffice-base-drivers-postgresql-debuginfo-6.1.3.2-3.7.3 libreoffice-calc-6.1.3.2-3.7.3 libreoffice-calc-debuginfo-6.1.3.2-3.7.3 libreoffice-calc-extensions-6.1.3.2-3.7.3 libreoffice-debuginfo-6.1.3.2-3.7.3 libreoffice-debugsource-6.1.3.2-3.7.3 libreoffice-draw-6.1.3.2-3.7.3 libreoffice-draw-debuginfo-6.1.3.2-3.7.3 libreoffice-filters-optional-6.1.3.2-3.7.3 libreoffice-gnome-6.1.3.2-3.7.3 libreoffice-gnome-debuginfo-6.1.3.2-3.7.3 libreoffice-gtk3-6.1.3.2-3.7.3 libreoffice-gtk3-debuginfo-6.1.3.2-3.7.3 libreoffice-impress-6.1.3.2-3.7.3 libreoffice-impress-debuginfo-6.1.3.2-3.7.3 libreoffice-mailmerge-6.1.3.2-3.7.3 libreoffice-math-6.1.3.2-3.7.3 libreoffice-math-debuginfo-6.1.3.2-3.7.3 libreoffice-officebean-6.1.3.2-3.7.3 libreoffice-officebean-debuginfo-6.1.3.2-3.7.3 libreoffice-pyuno-6.1.3.2-3.7.3 libreoffice-pyuno-debuginfo-6.1.3.2-3.7.3 libreoffice-writer-6.1.3.2-3.7.3 libreoffice-writer-debuginfo-6.1.3.2-3.7.3 libreoffice-writer-extensions-6.1.3.2-3.7.3 libreofficekit-6.1.3.2-3.7.3 libstaroffice-0_0-0-0.0.6-3.3.1 libstaroffice-0_0-0-debuginfo-0.0.6-3.3.1 libstaroffice-debuginfo-0.0.6-3.3.1 libstaroffice-debugsource-0.0.6-3.3.1 libwps-0_4-4-0.4.9-3.3.1 libwps-0_4-4-debuginfo-0.4.9-3.3.1 libwps-debuginfo-0.4.9-3.3.1 libwps-debugsource-0.4.9-3.3.1 libwps-devel-0.4.9-3.3.1 libxmlsec1-1-1.2.26-3.3.1 libxmlsec1-1-debuginfo-1.2.26-3.3.1 libxmlsec1-nss1-1.2.26-3.3.1 libxmlsec1-nss1-debuginfo-1.2.26-3.3.1 libxmlsec1-openssl1-1.2.26-3.3.1 libxmlsec1-openssl1-debuginfo-1.2.26-3.3.1 xmlsec1-debuginfo-1.2.26-3.3.1 xmlsec1-debugsource-1.2.26-3.3.1 xmlsec1-devel-1.2.26-3.3.1 xmlsec1-nss-devel-1.2.26-3.3.1 xmlsec1-openssl-devel-1.2.26-3.3.1 - SUSE Linux Enterprise Workstation Extension 15 (noarch): libreoffice-branding-upstream-6.1.3.2-3.7.3 libreoffice-icon-themes-6.1.3.2-3.7.3 libreoffice-l10n-af-6.1.3.2-3.7.3 libreoffice-l10n-ar-6.1.3.2-3.7.3 libreoffice-l10n-as-6.1.3.2-3.7.3 libreoffice-l10n-bg-6.1.3.2-3.7.3 libreoffice-l10n-bn-6.1.3.2-3.7.3 libreoffice-l10n-br-6.1.3.2-3.7.3 libreoffice-l10n-ca-6.1.3.2-3.7.3 libreoffice-l10n-cs-6.1.3.2-3.7.3 libreoffice-l10n-cy-6.1.3.2-3.7.3 libreoffice-l10n-da-6.1.3.2-3.7.3 libreoffice-l10n-de-6.1.3.2-3.7.3 libreoffice-l10n-dz-6.1.3.2-3.7.3 libreoffice-l10n-el-6.1.3.2-3.7.3 libreoffice-l10n-en-6.1.3.2-3.7.3 libreoffice-l10n-eo-6.1.3.2-3.7.3 libreoffice-l10n-es-6.1.3.2-3.7.3 libreoffice-l10n-et-6.1.3.2-3.7.3 libreoffice-l10n-eu-6.1.3.2-3.7.3 libreoffice-l10n-fa-6.1.3.2-3.7.3 libreoffice-l10n-fi-6.1.3.2-3.7.3 libreoffice-l10n-fr-6.1.3.2-3.7.3 libreoffice-l10n-ga-6.1.3.2-3.7.3 libreoffice-l10n-gl-6.1.3.2-3.7.3 libreoffice-l10n-gu-6.1.3.2-3.7.3 libreoffice-l10n-he-6.1.3.2-3.7.3 libreoffice-l10n-hi-6.1.3.2-3.7.3 libreoffice-l10n-hr-6.1.3.2-3.7.3 libreoffice-l10n-hu-6.1.3.2-3.7.3 libreoffice-l10n-it-6.1.3.2-3.7.3 libreoffice-l10n-ja-6.1.3.2-3.7.3 libreoffice-l10n-kk-6.1.3.2-3.7.3 libreoffice-l10n-kn-6.1.3.2-3.7.3 libreoffice-l10n-ko-6.1.3.2-3.7.3 libreoffice-l10n-lt-6.1.3.2-3.7.3 libreoffice-l10n-lv-6.1.3.2-3.7.3 libreoffice-l10n-mai-6.1.3.2-3.7.3 libreoffice-l10n-ml-6.1.3.2-3.7.3 libreoffice-l10n-mr-6.1.3.2-3.7.3 libreoffice-l10n-nb-6.1.3.2-3.7.3 libreoffice-l10n-nl-6.1.3.2-3.7.3 libreoffice-l10n-nn-6.1.3.2-3.7.3 libreoffice-l10n-nr-6.1.3.2-3.7.3 libreoffice-l10n-nso-6.1.3.2-3.7.3 libreoffice-l10n-or-6.1.3.2-3.7.3 libreoffice-l10n-pa-6.1.3.2-3.7.3 libreoffice-l10n-pl-6.1.3.2-3.7.3 libreoffice-l10n-pt_BR-6.1.3.2-3.7.3 libreoffice-l10n-pt_PT-6.1.3.2-3.7.3 libreoffice-l10n-ro-6.1.3.2-3.7.3 libreoffice-l10n-ru-6.1.3.2-3.7.3 libreoffice-l10n-si-6.1.3.2-3.7.3 libreoffice-l10n-sk-6.1.3.2-3.7.3 libreoffice-l10n-sl-6.1.3.2-3.7.3 libreoffice-l10n-sr-6.1.3.2-3.7.3 libreoffice-l10n-ss-6.1.3.2-3.7.3 libreoffice-l10n-st-6.1.3.2-3.7.3 libreoffice-l10n-sv-6.1.3.2-3.7.3 libreoffice-l10n-ta-6.1.3.2-3.7.3 libreoffice-l10n-te-6.1.3.2-3.7.3 libreoffice-l10n-th-6.1.3.2-3.7.3 libreoffice-l10n-tn-6.1.3.2-3.7.3 libreoffice-l10n-tr-6.1.3.2-3.7.3 libreoffice-l10n-ts-6.1.3.2-3.7.3 libreoffice-l10n-uk-6.1.3.2-3.7.3 libreoffice-l10n-ve-6.1.3.2-3.7.3 libreoffice-l10n-xh-6.1.3.2-3.7.3 libreoffice-l10n-zh_CN-6.1.3.2-3.7.3 libreoffice-l10n-zh_TW-6.1.3.2-3.7.3 libreoffice-l10n-zu-6.1.3.2-3.7.3 myspell-af_ZA-20181025-3.6.1 myspell-ar-20181025-3.6.1 myspell-bg_BG-20181025-3.6.1 myspell-bn_BD-20181025-3.6.1 myspell-br_FR-20181025-3.6.1 myspell-ca-20181025-3.6.1 myspell-cs_CZ-20181025-3.6.1 myspell-da_DK-20181025-3.6.1 myspell-el_GR-20181025-3.6.1 myspell-et_EE-20181025-3.6.1 myspell-fr_FR-20181025-3.6.1 myspell-gl-20181025-3.6.1 myspell-gu_IN-20181025-3.6.1 myspell-he_IL-20181025-3.6.1 myspell-hi_IN-20181025-3.6.1 myspell-hr_HR-20181025-3.6.1 myspell-it_IT-20181025-3.6.1 myspell-lt_LT-20181025-3.6.1 myspell-lv_LV-20181025-3.6.1 myspell-nl_NL-20181025-3.6.1 myspell-nn_NO-20181025-3.6.1 myspell-pl_PL-20181025-3.6.1 myspell-pt_PT-20181025-3.6.1 myspell-si_LK-20181025-3.6.1 myspell-sk_SK-20181025-3.6.1 myspell-sl_SI-20181025-3.6.1 myspell-sr-20181025-3.6.1 myspell-sv_SE-20181025-3.6.1 myspell-te_IN-20181025-3.6.1 myspell-th_TH-20181025-3.6.1 myspell-tr_TR-20181025-3.6.1 myspell-uk_UA-20181025-3.6.1 myspell-zu_ZA-20181025-3.6.1 - SUSE Linux Enterprise Module for Packagehub Subpackages 15 (aarch64 ppc64le s390x x86_64): libxmlsec1-gcrypt1-1.2.26-3.3.1 libxmlsec1-gcrypt1-debuginfo-1.2.26-3.3.1 libxmlsec1-gnutls1-1.2.26-3.3.1 libxmlsec1-gnutls1-debuginfo-1.2.26-3.3.1 libxmlsec1-openssl1-1.2.26-3.3.1 libxmlsec1-openssl1-debuginfo-1.2.26-3.3.1 xmlsec1-debuginfo-1.2.26-3.3.1 xmlsec1-debugsource-1.2.26-3.3.1 xmlsec1-gnutls-devel-1.2.26-3.3.1 xmlsec1-openssl-devel-1.2.26-3.3.1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64): libmwaw-debuginfo-0.3.14-4.3.1 libmwaw-debugsource-0.3.14-4.3.1 libmwaw-devel-0.3.14-4.3.1 libmwaw-tools-0.3.14-4.3.1 libmwaw-tools-debuginfo-0.3.14-4.3.1 libstaroffice-debuginfo-0.0.6-3.3.1 libstaroffice-debugsource-0.0.6-3.3.1 libstaroffice-devel-0.0.6-3.3.1 libstaroffice-tools-0.0.6-3.3.1 libstaroffice-tools-debuginfo-0.0.6-3.3.1 libwps-debuginfo-0.4.9-3.3.1 libwps-debugsource-0.4.9-3.3.1 libwps-tools-0.4.9-3.3.1 libwps-tools-debuginfo-0.4.9-3.3.1 libxmlsec1-gcrypt1-1.2.26-3.3.1 libxmlsec1-gcrypt1-debuginfo-1.2.26-3.3.1 libxmlsec1-gnutls1-1.2.26-3.3.1 libxmlsec1-gnutls1-debuginfo-1.2.26-3.3.1 libxmlsec1-openssl1-1.2.26-3.3.1 libxmlsec1-openssl1-debuginfo-1.2.26-3.3.1 xmlsec1-1.2.26-3.3.1 xmlsec1-debuginfo-1.2.26-3.3.1 xmlsec1-debugsource-1.2.26-3.3.1 xmlsec1-gcrypt-devel-1.2.26-3.3.1 xmlsec1-gnutls-devel-1.2.26-3.3.1 xmlsec1-openssl-devel-1.2.26-3.3.1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (noarch): libepubgen-devel-doc-0.1.1-3.3.1 liblangtag-doc-0.6.2-3.3.1 libmwaw-devel-doc-0.3.14-4.3.1 libstaroffice-devel-doc-0.0.6-3.3.1 myspell-af_NA-20181025-3.6.1 myspell-an-20181025-3.6.1 myspell-an_ES-20181025-3.6.1 myspell-ar_AE-20181025-3.6.1 myspell-ar_BH-20181025-3.6.1 myspell-ar_DZ-20181025-3.6.1 myspell-ar_EG-20181025-3.6.1 myspell-ar_IQ-20181025-3.6.1 myspell-ar_JO-20181025-3.6.1 myspell-ar_KW-20181025-3.6.1 myspell-ar_LB-20181025-3.6.1 myspell-ar_LY-20181025-3.6.1 myspell-ar_MA-20181025-3.6.1 myspell-ar_OM-20181025-3.6.1 myspell-ar_QA-20181025-3.6.1 myspell-ar_SA-20181025-3.6.1 myspell-ar_SD-20181025-3.6.1 myspell-ar_SY-20181025-3.6.1 myspell-ar_TN-20181025-3.6.1 myspell-ar_YE-20181025-3.6.1 myspell-be_BY-20181025-3.6.1 myspell-bn_IN-20181025-3.6.1 myspell-bo-20181025-3.6.1 myspell-bo_CN-20181025-3.6.1 myspell-bo_IN-20181025-3.6.1 myspell-bs-20181025-3.6.1 myspell-bs_BA-20181025-3.6.1 myspell-ca_AD-20181025-3.6.1 myspell-ca_ES-20181025-3.6.1 myspell-ca_ES_valencia-20181025-3.6.1 myspell-ca_FR-20181025-3.6.1 myspell-ca_IT-20181025-3.6.1 myspell-de_AT-20181025-3.6.1 myspell-de_CH-20181025-3.6.1 myspell-en_AU-20181025-3.6.1 myspell-en_BS-20181025-3.6.1 myspell-en_BZ-20181025-3.6.1 myspell-en_CA-20181025-3.6.1 myspell-en_GB-20181025-3.6.1 myspell-en_GH-20181025-3.6.1 myspell-en_IE-20181025-3.6.1 myspell-en_IN-20181025-3.6.1 myspell-en_JM-20181025-3.6.1 myspell-en_MW-20181025-3.6.1 myspell-en_NA-20181025-3.6.1 myspell-en_NZ-20181025-3.6.1 myspell-en_PH-20181025-3.6.1 myspell-en_TT-20181025-3.6.1 myspell-en_ZA-20181025-3.6.1 myspell-en_ZW-20181025-3.6.1 myspell-es_AR-20181025-3.6.1 myspell-es_BO-20181025-3.6.1 myspell-es_CL-20181025-3.6.1 myspell-es_CO-20181025-3.6.1 myspell-es_CR-20181025-3.6.1 myspell-es_CU-20181025-3.6.1 myspell-es_DO-20181025-3.6.1 myspell-es_EC-20181025-3.6.1 myspell-es_GT-20181025-3.6.1 myspell-es_HN-20181025-3.6.1 myspell-es_MX-20181025-3.6.1 myspell-es_NI-20181025-3.6.1 myspell-es_PA-20181025-3.6.1 myspell-es_PE-20181025-3.6.1 myspell-es_PR-20181025-3.6.1 myspell-es_PY-20181025-3.6.1 myspell-es_SV-20181025-3.6.1 myspell-es_UY-20181025-3.6.1 myspell-es_VE-20181025-3.6.1 myspell-fr_BE-20181025-3.6.1 myspell-fr_CA-20181025-3.6.1 myspell-fr_CH-20181025-3.6.1 myspell-fr_LU-20181025-3.6.1 myspell-fr_MC-20181025-3.6.1 myspell-gd_GB-20181025-3.6.1 myspell-gl_ES-20181025-3.6.1 myspell-gug-20181025-3.6.1 myspell-gug_PY-20181025-3.6.1 myspell-is-20181025-3.6.1 myspell-is_IS-20181025-3.6.1 myspell-kmr_Latn-20181025-3.6.1 myspell-kmr_Latn_SY-20181025-3.6.1 myspell-kmr_Latn_TR-20181025-3.6.1 myspell-lo_LA-20181025-3.6.1 myspell-ne_NP-20181025-3.6.1 myspell-nl_BE-20181025-3.6.1 myspell-nn_NO-20181025-3.6.1 myspell-oc_FR-20181025-3.6.1 myspell-pt_AO-20181025-3.6.1 myspell-sq_AL-20181025-3.6.1 myspell-sr_CS-20181025-3.6.1 myspell-sr_Latn_CS-20181025-3.6.1 myspell-sr_Latn_RS-20181025-3.6.1 myspell-sr_RS-20181025-3.6.1 myspell-sv_FI-20181025-3.6.1 myspell-sw_TZ-20181025-3.6.1 myspell-te-20181025-3.6.1 myspell-vi-20181025-3.6.1 myspell-vi_VN-20181025-3.6.1 - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64): myspell-dictionaries-20181025-3.6.1 myspell-lightproof-en-20181025-3.6.1 myspell-lightproof-hu_HU-20181025-3.6.1 myspell-lightproof-pt_BR-20181025-3.6.1 myspell-lightproof-ru_RU-20181025-3.6.1 - SUSE Linux Enterprise Module for Basesystem 15 (noarch): myspell-de-20181025-3.6.1 myspell-de_DE-20181025-3.6.1 myspell-en-20181025-3.6.1 myspell-en_US-20181025-3.6.1 myspell-es-20181025-3.6.1 myspell-es_ES-20181025-3.6.1 myspell-hu_HU-20181025-3.6.1 myspell-nb_NO-20181025-3.6.1 myspell-no-20181025-3.6.1 myspell-pt_BR-20181025-3.6.1 myspell-ro-20181025-3.6.1 myspell-ro_RO-20181025-3.6.1 myspell-ru_RU-20181025-3.6.1 References: https://www.suse.com/security/cve/CVE-2018-10583.html https://bugzilla.suse.com/1050305 https://bugzilla.suse.com/1088263 https://bugzilla.suse.com/1091606 https://bugzilla.suse.com/1094779 https://bugzilla.suse.com/1095601 https://bugzilla.suse.com/1095639 https://bugzilla.suse.com/1096360 https://bugzilla.suse.com/1098891 https://bugzilla.suse.com/1104876 From sle-security-updates at lists.suse.com Thu Nov 8 13:13:52 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 8 Nov 2018 21:13:52 +0100 (CET) Subject: SUSE-SU-2018:3685-1: Security update for libxkbcommon Message-ID: <20181108201352.887A4FFD6@maintenance.suse.de> SUSE Security Update: Security update for libxkbcommon ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3685-1 Rating: low References: #1105832 Cross-References: CVE-2018-15853 CVE-2018-15854 CVE-2018-15855 CVE-2018-15856 CVE-2018-15857 CVE-2018-15858 CVE-2018-15859 CVE-2018-15861 CVE-2018-15862 CVE-2018-15863 CVE-2018-15864 Affected Products: SUSE Linux Enterprise Module for Basesystem 15 ______________________________________________________________________________ An update that fixes 11 vulnerabilities is now available. Description: This update for libxkbcommon to version 0.8.2 fixes the following issues: - Fix a few NULL-dereferences, out-of-bounds access and undefined behavior in the XKB text format parser. - CVE-2018-15853: Endless recursion could have been used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation (bsc#1105832). - CVE-2018-15854: Unchecked NULL pointer usage could have been used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because geometry tokens were desupported incorrectly (bsc#1105832). - CVE-2018-15855: Unchecked NULL pointer usage could have been used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because the XkbFile for an xkb_geometry section was mishandled (bsc#1105832). - CVE-2018-15856: An infinite loop when reaching EOL unexpectedly could be used by local attackers to cause a denial of service during parsing of crafted keymap files (bsc#1105832). - CVE-2018-15857: An invalid free in ExprAppendMultiKeysymList could have been used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other impact by supplying a crafted keymap file (bsc#1105832). - CVE-2018-15858: Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap could have been used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file (bsc#1105832). - CVE-2018-15859: Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs could have been used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled (bsc#1105832). - CVE-2018-15861: Unchecked NULL pointer usage in ExprResolveLhs could have been used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure (bsc#1105832). - CVE-2018-15862: Unchecked NULL pointer usage in LookupModMask could have been used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers (bsc#1105832). - CVE-2018-15863: Unchecked NULL pointer usage in ResolveStateAndPredicate could have been used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression (bsc#1105832). - CVE-2018-15864: Unchecked NULL pointer usage in resolve_keysym could have been used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because a map access attempt can occur for a map that was never created (bsc#1105832). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Basesystem 15: zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2620=1 Package List: - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64): libxkbcommon-debugsource-0.8.2-3.3.1 libxkbcommon-devel-0.8.2-3.3.1 libxkbcommon-x11-0-0.8.2-3.3.1 libxkbcommon-x11-0-debuginfo-0.8.2-3.3.1 libxkbcommon-x11-devel-0.8.2-3.3.1 libxkbcommon0-0.8.2-3.3.1 libxkbcommon0-debuginfo-0.8.2-3.3.1 References: https://www.suse.com/security/cve/CVE-2018-15853.html https://www.suse.com/security/cve/CVE-2018-15854.html https://www.suse.com/security/cve/CVE-2018-15855.html https://www.suse.com/security/cve/CVE-2018-15856.html https://www.suse.com/security/cve/CVE-2018-15857.html https://www.suse.com/security/cve/CVE-2018-15858.html https://www.suse.com/security/cve/CVE-2018-15859.html https://www.suse.com/security/cve/CVE-2018-15861.html https://www.suse.com/security/cve/CVE-2018-15862.html https://www.suse.com/security/cve/CVE-2018-15863.html https://www.suse.com/security/cve/CVE-2018-15864.html https://bugzilla.suse.com/1105832 From sle-security-updates at lists.suse.com Thu Nov 8 13:14:28 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 8 Nov 2018 21:14:28 +0100 (CET) Subject: SUSE-SU-2018:3686-1: moderate: Security update for openssh Message-ID: <20181108201428.2621EFFD6@maintenance.suse.de> SUSE Security Update: Security update for openssh ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3686-1 Rating: moderate References: #1081947 #1091396 #1105010 #1106163 #964336 Cross-References: CVE-2018-15473 CVE-2018-15919 Affected Products: SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Basesystem 15 ______________________________________________________________________________ An update that solves two vulnerabilities and has three fixes is now available. Description: This update for openssh fixes the following issues: - CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability. (bsc#1106163) - CVE-2018-15473: OpenSSH was prone to a user existance oracle vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. (bsc#1105010) The following non-security issues were fixed: - Stop leaking File descriptors (bsc#964336) - sftp-client.c returns wrong error code upon failure (bsc#1091396) - added pam_keyinit to pam configuration file (bsc#1081947) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Server Applications 15: zypper in -t patch SUSE-SLE-Module-Server-Applications-15-2018-2619=1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2018-2619=1 - SUSE Linux Enterprise Module for Desktop Applications 15: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-2018-2619=1 - SUSE Linux Enterprise Module for Basesystem 15: zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2619=1 Package List: - SUSE Linux Enterprise Module for Server Applications 15 (aarch64 ppc64le s390x x86_64): openssh-debuginfo-7.6p1-9.3.1 openssh-debugsource-7.6p1-9.3.1 openssh-fips-7.6p1-9.3.1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64): openssh-cavs-7.6p1-9.3.1 openssh-cavs-debuginfo-7.6p1-9.3.1 openssh-debuginfo-7.6p1-9.3.1 openssh-debugsource-7.6p1-9.3.1 - SUSE Linux Enterprise Module for Desktop Applications 15 (aarch64 ppc64le s390x x86_64): openssh-askpass-gnome-7.6p1-9.3.1 openssh-askpass-gnome-debuginfo-7.6p1-9.3.1 - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64): openssh-7.6p1-9.3.1 openssh-debuginfo-7.6p1-9.3.1 openssh-debugsource-7.6p1-9.3.1 openssh-helpers-7.6p1-9.3.1 openssh-helpers-debuginfo-7.6p1-9.3.1 References: https://www.suse.com/security/cve/CVE-2018-15473.html https://www.suse.com/security/cve/CVE-2018-15919.html https://bugzilla.suse.com/1081947 https://bugzilla.suse.com/1091396 https://bugzilla.suse.com/1105010 https://bugzilla.suse.com/1106163 https://bugzilla.suse.com/964336 From sle-security-updates at lists.suse.com Fri Nov 9 13:10:53 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 9 Nov 2018 21:10:53 +0100 (CET) Subject: SUSE-SU-2018:3688-1: important: Security update for the Linux Kernel Message-ID: <20181109201053.70550FD4E@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3688-1 Rating: important References: #1011920 #1012382 #1012422 #1020645 #1031392 #1035053 #1042422 #1043591 #1048129 #1050431 #1050549 #1053043 #1054239 #1057199 #1065600 #1065726 #1067906 #1073579 #1076393 #1078788 #1079524 #1082519 #1083215 #1083527 #1084760 #1089343 #1091158 #1093118 #1094244 #1094825 #1095805 #1096052 #1098050 #1098996 #1099597 #1101555 #1103308 #1103405 #1104124 #1105025 #1105428 #1105795 #1105931 #1106105 #1106110 #1106240 #1106293 #1106359 #1106434 #1106594 #1106913 #1106929 #1107060 #1107299 #1107318 #1107535 #1107829 #1107870 #1108315 #1108377 #1108498 #1109158 #1109333 #1109772 #1109784 #1109806 #1109818 #1109907 #1109919 #1109923 #1110006 #1110363 #1110468 #1110600 #1110601 #1110602 #1110603 #1110604 #1110605 #1110606 #1110611 #1110612 #1110613 #1110614 #1110615 #1110616 #1110618 #1110619 #1111363 #1111516 #1111870 #1112007 #1112262 #1112263 #1112894 #1112902 #1112903 #1112905 #1113667 #1113751 #1113769 #1114178 #1114229 #1114648 #981083 #997172 Cross-References: CVE-2018-14633 CVE-2018-18281 CVE-2018-18386 CVE-2018-18690 CVE-2018-18710 CVE-2018-9516 Affected Products: SUSE Linux Enterprise Live Patching 12-SP3 ______________________________________________________________________________ An update that solves 6 vulnerabilities and has 100 fixes is now available. Description: The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.162 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. (bnc#1107829). - CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769). - CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825). - CVE-2018-18690: A local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandled ATTR_REPLACE operations with conversion of an attr from short to long form (bnc#1105025). - CVE-2018-18710: An issue was discovered in the Linux kernel An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751). - CVE-2018-9516: A lack of certain checks in the hid_debug_events_read() function in the drivers/hid/hid-debug.c file might have resulted in receiving userspace buffer overflow and an out-of-bounds write or to the infinite loop. (bnc#1108498). The following non-security bugs were fixed: - 6lowpan: iphc: reset mac_header after decompress to fix panic (bnc#1012382). - alsa: bebob: use address returned by kmalloc() instead of kernel stack for streaming DMA mapping (bnc#1012382). - alsa: emu10k1: fix possible info leak to userspace on SNDRV_EMU10K1_IOCTL_INFO (bnc#1012382). - alsa: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge (bnc#1012382). - alsa: hda - Fix cancel_work_sync() stall from jackpoll work (bnc#1012382). - alsa: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bnc#1012382). - alsa: msnd: Fix the default sample sizes (bnc#1012382). - alsa: pcm: Fix snd_interval_refine first/last with open min/max (bnc#1012382). - alsa: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro (bnc#1012382). - apparmor: remove no-op permission check in policy_unpack (git-fixes). - arc: build: Get rid of toolchain check (bnc#1012382). - arc: clone syscall to setp r25 as thread pointer (bnc#1012382). - arch/hexagon: fix kernel/dma.c build warning (bnc#1012382). - arc: [plat-axs*]: Enable SWAP (bnc#1012382). - arm64: bpf: jit JMP_JSET_{X,K} (bsc#1110613). - arm64: Correct type for PUD macros (bsc#1110600). - arm64: cpufeature: Track 32bit EL0 support (bnc#1012382). - arm64: dts: qcom: db410c: Fix Bluetooth LED trigger (bnc#1012382). - arm64: fix erroneous __raw_read_system_reg() cases (bsc#1110606). - arm64: Fix potential race with hardware DBM in ptep_set_access_flags() (bsc#1110605). - arm64: fpsimd: Avoid FPSIMD context leakage for the init task (bsc#1110603). - arm64: jump_label.h: use asm_volatile_goto macro instead of "asm goto" (bnc#1012382). - arm64: kasan: avoid bad virt_to_pfn() (bsc#1110612). - arm64: kasan: avoid pfn_to_nid() before page array is initialized (bsc#1110619). - arm64/kasan: do not allocate extra shadow memory (bsc#1110611). - arm64: kernel: Update kerneldoc for cpu_suspend() rename (bsc#1110602). - arm64: kgdb: handle read-only text / modules (bsc#1110604). - arm64: kvm: Sanitize PSTATE.M when being set from userspace (bnc#1012382). - arm64: kvm: Tighten guest core register access from userspace (bnc#1012382). - arm64/mm/kasan: do not use vmemmap_populate() to initialize shadow (bsc#1110618). - arm64: ptrace: Avoid setting compat FP[SC]R to garbage if get_user fails (bsc#1110601). - arm64: supported.conf: mark armmmci as not supported - arm64 Update config files. (bsc#1110468) Set MMC_QCOM_DML to build-in and delete driver from supported.conf - arm64: vdso: fix clock_getres for 4GiB-aligned res (bsc#1110614). - arm: dts: at91: add new compatibility string for macb on sama5d3 (bnc#1012382). - arm: dts: dra7: fix DCAN node addresses (bnc#1012382). - arm: exynos: Clear global variable on init error path (bnc#1012382). - arm: hisi: check of_iomap and fix missing of_node_put (bnc#1012382). - arm: hisi: fix error handling and missing of_node_put (bnc#1012382). - arm: hisi: handle of_iomap and fix missing of_node_put (bnc#1012382). - arm: mvebu: declare asm symbols as character arrays in pmsu.c (bnc#1012382). - ASoC: cs4265: fix MMTLR Data switch control (bnc#1012382). - ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs (bnc#1012382). - ASoC: sigmadsp: safeload should not have lower byte limit (bnc#1012382). - ASoC: wm8804: Add ACPI support (bnc#1012382). - ata: libahci: Correct setting of DEVSLP register (bnc#1012382). - ath10k: disable bundle mgmt tx completion event support (bnc#1012382). - ath10k: fix scan crash due to incorrect length calculation (bnc#1012382). - ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bnc#1012382). - ath10k: prevent active scans on potential unusable channels (bnc#1012382). - ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock (bnc#1012382). - audit: fix use-after-free in audit_add_watch (bnc#1012382). - autofs: fix autofs_sbi() does not check super block type (bnc#1012382). - binfmt_elf: Respect error return from `regset->active' (bnc#1012382). - bluetooth: Add a new Realtek 8723DE ID 0bda:b009 (bnc#1012382). - bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV (bnc#1012382). - bluetooth: hidp: Fix handling of strncpy for hid->name information (bnc#1012382). - bnxt_en: Fix TX timeout during netpoll (bnc#1012382). - bonding: avoid possible dead-lock (bnc#1012382). - bpf: fix cb access in socket filter programs on tail calls (bsc#1012382). - bpf: fix map not being uncharged during map creation failure (bsc#1012382). - bpf, s390: fix potential memleak when later bpf_jit_prog fails (git-fixes). - bpf, s390x: do not reload skb pointers in non-skb context (git-fixes). - bsc#1106913: Replace with upstream variants - btrfs: add a comp_refs() helper (dependency for bsc#1031392). - btrfs: add missing initialization in btrfs_check_shared (Git-fixes bsc#1112262). - btrfs: add tracepoints for outstanding extents mods (dependency for bsc#1031392). - btrfs: add wrapper for counting BTRFS_MAX_EXTENT_SIZE (dependency for bsc#1031392). - btrfs: cleanup extent locking sequence (dependency for bsc#1031392). - btrfs: defrag: use btrfs_mod_outstanding_extents in cluster_pages_for_defrag (Follow up fixes for bsc#1031392). - btrfs: delayed-inode: Remove wrong qgroup meta reservation calls (bsc#1031392). - btrfs: delayed-inode: Use new qgroup meta rsv for delayed inode and item (bsc#1031392). - btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667). - btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667). - btrfs: fix error handling in btrfs_dev_replace_start (bsc#1107535). - btrfs: fix invalid attempt to free reserved space on failure to cow range (dependency for bsc#1031392). - btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919). - btrfs: Fix race condition between delayed refs and blockgroup removal (Git-fixes bsc#1112263). - btrfs: Fix wrong btrfs_delalloc_release_extents parameter (bsc#1031392). - btrfs: kill trans in run_delalloc_nocow and btrfs_cross_ref_exist (dependency for bsc#1031392). - btrfs: make the delalloc block rsv per inode (dependency for bsc#1031392). - btrfs: pass delayed_refs directly to btrfs_find_delayed_ref_head (dependency for bsc#1031392). - btrfs: qgroup: Add quick exit for non-fs extents (dependency for bsc#1031392). - btrfs: qgroup: Cleanup btrfs_qgroup_prepare_account_extents function (dependency for bsc#1031392). - btrfs: qgroup: Cleanup the remaining old reservation counters (bsc#1031392). - btrfs: qgroup: Commit transaction in advance to reduce early EDQUOT (bsc#1031392). - btrfs: qgroup: Do not use root->qgroup_meta_rsv for qgroup (bsc#1031392). - btrfs: qgroup: Fix wrong qgroup reservation update for relationship modification (bsc#1031392). - btrfs: qgroup: Introduce function to convert META_PREALLOC into META_PERTRANS (bsc#1031392). - btrfs: qgroup: Introduce helpers to update and access new qgroup rsv (bsc#1031392). - btrfs: qgroup: Make qgroup_reserve and its callers to use separate reservation type (bsc#1031392). - btrfs: qgroup: Skeleton to support separate qgroup reservation type (bsc#1031392). - btrfs: qgroups: opencode qgroup_free helper (dependency for bsc#1031392). - btrfs: qgroup: Split meta rsv type into meta_prealloc and meta_pertrans (bsc#1031392). - btrfs: qgroup: Update trace events for metadata reservation (bsc#1031392). - btrfs: qgroup: Update trace events to use new separate rsv types (bsc#1031392). - btrfs: qgroup: Use independent and accurate per inode qgroup rsv (bsc#1031392). - btrfs: qgroup: Use root::qgroup_meta_rsv_* to record qgroup meta reserved space (bsc#1031392). - btrfs: qgroup: Use separate meta reservation type for delalloc (bsc#1031392). - btrfs: remove type argument from comp_tree_refs (dependency for bsc#1031392). - btrfs: rework outstanding_extents (dependency for bsc#1031392). - btrfs: switch args for comp_*_refs (dependency for bsc#1031392). - btrfs: Take trans lock before access running trans in check_delayed_ref (Follow up fixes for bsc#1031392). - ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1112007). - cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bnc#1012382). - cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE (bnc#1012382). - cfq: Give a chance for arming slice idle timer in case of group_idle (bnc#1012382). - cgroup: Fix deadlock in cpu hotplug path (bnc#1012382). - cgroup, netclassid: add a preemption point to write_classid (bnc#1098996). - cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902). - cifs: connect to servername instead of IP for IPC$ share (bsc#1106359). - cifs: fix memory leak in SMB2_open() (bsc#1112894). - cifs: Fix use after free of a mid_q_entry (bsc#1112903). - cifs: fix wrapping bugs in num_entries() (bnc#1012382). - cifs: integer overflow in in SMB2_ioctl() (bsc#1012382). - cifs: prevent integer overflow in nxt_dir_entry() (bnc#1012382). - cifs: read overflow in is_valid_oplock_break() (bnc#1012382). - clk: imx6ul: fix missing of_node_put() (bnc#1012382). - clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bnc#1012382). - config.sh: set BUGZILLA_PRODUCT for SLE12-SP3 - coresight: Handle errors in finding input/output ports (bnc#1012382). - coresight: tpiu: Fix disabling timeouts (bnc#1012382). - cpu/hotplug: Fix SMT supported evaluation (bsc#1089343). - crypto: mxs-dcp - Fix wait logic on chan threads (bnc#1012382). - crypto: sharah - Unregister correct algorithms for SAHARA 3 (bnc#1012382). - crypto: skcipher - Fix -Wstringop-truncation warnings (bnc#1012382). - Define dependencies of in-kernel KMPs statically This allows us to use rpm's internal dependency generator (bsc#981083). - Define early_radix_enabled() (bsc#1094244). - dmaengine: pl330: fix irq race with terminate_all (bnc#1012382). - dm cache: fix resize crash if user does not reload cache table (bnc#1012382). - dm thin metadata: fix __udivdi3 undefined on 32-bit (bnc#1012382). - dm thin metadata: try to avoid ever aborting transactions (bnc#1012382). - Do not ship firmware (bsc#1054239). Pull firmware from kernel-firmware instead. - drivers: net: cpsw: fix parsing of phy-handle DT property in dual_emac config (bnc#1012382). - drivers: net: cpsw: fix segfault in case of bad phy-handle (bnc#1012382). - drivers/tty: add error handling for pcmcia_loop_config (bnc#1012382). - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bnc#1012382). - drm/amdkfd: Fix error codes in kfd_get_process (bnc#1012382). - drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() (bnc#1012382). - drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bnc#1012382). - drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping (bnc#1012382). - drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1106929) - Drop dtb-source.spec and move the sources to kernel-source (bsc#1011920) - e1000: check on netif_running() before calling e1000_up() (bnc#1012382). - e1000: ensure to free old tx/rx rings in set_ringparam() (bnc#1012382). - ebtables: arpreply: Add the standard target sanity check (bnc#1012382). - edac, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114648). - ethernet: ti: davinci_emac: add missing of_node_put after calling of_parse_phandle (bnc#1012382). - ethtool: Remove trailing semicolon for static inline (bnc#1012382). - ethtool: restore erroneously removed break in dev_ethtool (bsc#1114229). - ext4: avoid divide by zero fault when deleting corrupted inline directories (bnc#1012382). - ext4: do not mark mmp buffer head dirty (bnc#1012382). - ext4: fix online resize's handling of a too-small final block group (bnc#1012382). - ext4: fix online resizing for bigalloc file systems with a 1k block size (bnc#1012382). - ext4: recalucate superblock checksum after updating free blocks/inodes (bnc#1012382). - f2fs: do not set free of current section (bnc#1012382). - f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize (bnc#1012382). - fbdev: Distinguish between interlaced and progressive modes (bnc#1012382). - fbdev: fix broken menu dependencies (bsc#1106929) - fbdev/omapfb: fix omapfb_memory_read infoleak (bnc#1012382). - fbdev/via: fix defined but not used warning (bnc#1012382). - floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bnc#1012382). - fs/cifs: do not translate SFM_SLASH (U+F026) to backslash (bnc#1012382). - fs/cifs: suppress a string overflow warning (bnc#1012382). - fs/eventpoll: loosen irq-safety when possible (bsc#1096052). - gfs2: Special-case rindex for gfs2_grow (bnc#1012382). - gpio: adp5588: Fix sleep-in-atomic-context bug (bnc#1012382). - gpiolib: Mark gpio_suffixes array with __maybe_unused (bnc#1012382). - gpio: ml-ioh: Fix buffer underwrite on probe error path (bnc#1012382). - gpio: tegra: Move driver registration to subsys_init level (bnc#1012382). - gso_segment: Reset skb->mac_len after modifying network header (bnc#1012382). - hexagon: modify ffs() and fls() to return int (bnc#1012382). - hid: hid-ntrig: add error handling for sysfs_create_group (bnc#1012382). - hid: sony: Support DS4 dongle (bnc#1012382). - hid: sony: Update device ids (bnc#1012382). - hv: avoid crash in vmbus sysfs files (bnc#1108377). - hwmon: (adt7475) Make adt7475_read_word() return errors (bnc#1012382). - hwmon: (ina2xx) fix sysfs shunt resistor read access (bnc#1012382). - i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bnc#1012382). - i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus (bnc#1012382). - i2c: i801: fix DNV's SMBCTRL register offset (bnc#1012382). - i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP (bnc#1012382). - i2c: uniphier: issue STOP only for last message or I2C_M_STOP (bnc#1012382). - i2c: xiic: Make the start and the byte count write atomic (bnc#1012382). - i2c: xlp9xx: Add support for SMBAlert (bsc#1103308). - i2c: xlp9xx: Fix case where SSIF read transaction completes early (bsc#1103308). - i2c: xlp9xx: Fix issue seen when updating receive length (bsc#1103308). - i2c: xlp9xx: Make sure the transfer size is not more than I2C_SMBUS_BLOCK_SIZE (bsc#1103308). - ib/ipoib: Avoid a race condition between start_xmit and cm_rep_handler (bnc#1012382). - ib/srp: Avoid that sg_reset -d ${srp_device} triggers an infinite loop (bnc#1012382). - input: atakbd - fix Atari CapsLock behaviour (bnc#1012382). - input: atakbd - fix Atari keymap (bnc#1012382). - input: atmel_mxt_ts - only use first T9 instance (bnc#1012382). - input: elantech - enable middle button of touchpad on ThinkPad P72 (bnc#1012382). - iommu/amd: Return devid as alias for ACPI HID devices (bsc#1106105). - iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register (bnc#1012382). - iommu/ipmmu-vmsa: Fix allocation in atomic context (bnc#1012382). - ip6_tunnel: be careful when accessing the inner header (bnc#1012382). - ipmi:ssif: Add support for multi-part transmit messages > 2 parts (bsc#1103308). - ip_tunnel: be careful when accessing the inner header (bnc#1012382). - ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() (bnc#1012382). - ipv6: fix possible use-after-free in ip6_xmit() (bnc#1012382). - iw_cxgb4: only allow 1 flush on user qps (bnc#1012382). - ixgbe: pci_set_drvdata must be called before register_netdev (Git-fixes bsc#1109923). - jffs2: return -ERANGE when xattr buffer is too small (bnc#1012382). - KABI: move the new handler to end of machdep_calls and hide it from genksyms (bsc#1094244). - kABI: protect struct hnae_desc_cb (kabi). - kbuild: add .DELETE_ON_ERROR special target (bnc#1012382). - kernel-obs-build.spec.in: add --no-hostonly-cmdline to dracut invocation (boo#1062303). call dracut with --no-hostonly-cmdline to avoid the random rootfs UUID being added into the initrd's /etc/cmdline.d/95root-dev.conf - kernel-obs-build: use pae and lpae kernels where available (bsc#1073579). - kernel/params.c: downgrade warning for unsafe parameters (bsc#1050549). - kprobes/x86: Release insn_slot in failure path (bsc#1110006). - kthread: fix boot hang (regression) on MIPS/OpenRISC (bnc#1012382). - kthread: Fix use-after-free if kthread fork fails (bnc#1012382). - kvm: nVMX: Do not expose MPX VMX controls when guest MPX disabled (bsc#1106240). - kvm: nVMX: Do not flush TLB when vmcs12 uses VPID (bsc#1106240). - kvm: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bnc#1012382). - kvm: x86: Do not re-{try,execute} after failed emulation in L2 (bsc#1106240). - kvm: x86: Do not use kvm_x86_ops->mpx_supported() directly (bsc#1106240). - kvm: x86: fix APIC page invalidation (bsc#1106240). - kvm: x86: remove eager_fpu field of struct kvm_vcpu_arch (bnc#1012382). - kvm/x86: remove WARN_ON() for when vm_munmap() fails (bsc#1106240). - kvm: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled (bsc#1106240). - lib/test_hexdump.c: fix failure on big endian cpu (bsc#1106110). - locking/osq_lock: Fix osq_lock queue corruption (bnc#1012382). - locking/rwsem-xadd: Fix missed wakeup due to reordering of load (bnc#1012382). - lpfc: fixup crash in lpfc_els_unsol_buffer() (bsc#1107318). - mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bnc#1012382). - mac80211: fix a race between restart and CSA flows (bnc#1012382). - mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys (bnc#1012382). - mac80211: Fix station bandwidth setting after channel switch (bnc#1012382). - mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bnc#1012382). - mac80211: mesh: fix HWMP sequence numbering to follow standard (bnc#1012382). - mac80211: restrict delayed tailroom needed decrement (bnc#1012382). - mac80211: shorten the IBSS debug messages (bnc#1012382). - mach64: detect the dot clock divider correctly on sparc (bnc#1012382). - macintosh/via-pmu: Add missing mmio accessors (bnc#1012382). - macros.kernel-source: define linux_arch for KMPs (boo#1098050). CONFIG_64BIT is no longer defined so KMP spec files need to include %{?linux_make_arch} in any make call to build modules or descent into the kernel directory for any reason. - macros.kernel-source: pass -b properly in kernel module package (bsc#1107870). - macros.kernel-source: pass -f properly in module subpackage (boo#1076393). - md-cluster: clear another node's suspend_area after the copy is finished (bnc#1012382). - md/raid1: exit sync request if MD_RECOVERY_INTR is set (git-fixes). - md/raid5: fix data corruption of replacements after originals dropped (bnc#1012382). - media: af9035: prevent buffer overflow on write (bnc#1012382). - media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt() (bnc#1012382). - media: fsl-viu: fix error handling in viu_of_probe() (bnc#1012382). - media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data (bnc#1012382). - media: omap_vout: Fix a possible null pointer dereference in omap_vout_open() (bsc#1050431). - media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power (bnc#1012382). - media: soc_camera: ov772x: correct setting of banding filter (bnc#1012382). - media: tm6000: add error handling for dvb_register_adapter (bnc#1012382). - media: uvcvideo: Support realtek's UVC 1.5 device (bnc#1012382). - media: v4l: event: Prevent freeing event subscriptions while accessed (bnc#1012382). - media: videobuf2-core: check for q->error in vb2_core_qbuf() (bnc#1012382). - media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1050431). - mei: bus: type promotion bug in mei_nfc_if_version() (bnc#1012382). - memory_hotplug: cond_resched in __remove_pages (bnc#1114178). - mfd: omap-usb-host: Fix dts probe of children (bnc#1012382). - mfd: ti_am335x_tscadc: Fix struct clk memory leak (bnc#1012382). - misc: hmc6352: fix potential Spectre v1 (bnc#1012382). - misc: mic: SCIF Fix scif_get_new_port() error handling (bnc#1012382). - misc: ti-st: Fix memory leak in the error path of probe() (bnc#1012382). - mmc: mmci: stop building qcom dml as module (bsc#1110468). - mm: fix devmem_is_allowed() for sub-page System RAM intersections (bsc#1110006). - mm: get rid of vmacache_flush_all() entirely (bnc#1012382). - mm: madvise(MADV_DODUMP): allow hugetlbfs pages (bnc#1012382). - mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907). - mm: shmem.c: Correctly annotate new inodes for lockdep (bnc#1012382). - mm/vmstat.c: fix outdated vmstat_text (bnc#1012382). - mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly (bnc#1012382). - mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly (git fixes). - module: exclude SHN_UNDEF symbols from kallsyms api (bnc#1012382). - mtdchar: fix overflows in adjustment of `count` (bnc#1012382). - mtd/maps: fix solutionengine.c printk format warnings (bnc#1012382). - neighbour: confirm neigh entries when ARP packet is received (bnc#1012382). - net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT (bnc#1012382). - net: cadence: Fix a sleep-in-atomic-context bug in macb_halt_tx() (bnc#1012382). - net: dcb: For wild-card lookups, use priority -1, not 0 (bnc#1012382). - net: ethernet: mvneta: Fix napi structure mixup on armada 3700 (bsc#1110616). - net: ethernet: ti: cpsw: fix mdio device reference leak (bnc#1012382). - netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user (bnc#1012382). - net: hns: fix length and page_offset overflow when CONFIG_ARM64_64K_PAGES (bnc#1012382). - net: hp100: fix always-true check for link up state (bnc#1012382). - net: ipv4: update fnhe_pmtu when first hop's MTU changes (bnc#1012382). - net/ipv6: Display all addresses in output of /proc/net/if_inet6 (bnc#1012382). - netlabel: check for IPV4MASK in addrinfo_get (bnc#1012382). - net: macb: disable scatter-gather for macb on sama5d3 (bnc#1012382). - net/mlx4: Use cpumask_available for eq->affinity_mask (bnc#1012382). - net: mvneta: fix mtu change on port without link (bnc#1012382). - net: mvneta: fix mvneta_config_rss on armada 3700 (bsc#1110615). - net: mvpp2: Extract the correct ethtype from the skb for tx csum offload (bnc#1012382). - net: systemport: Fix wake-up interrupt race during resume (bnc#1012382). - net/usb: cancel pending work when unbinding smsc75xx (bnc#1012382). - nfc: Fix possible memory corruption when handling SHDLC I-Frame commands (bnc#1012382). - nfc: Fix the number of pipes (bnc#1012382). - nfs: add nostatflush mount option (bsc#1065726). - nfs: Avoid quadratic search when freeing delegations (bsc#1084760). - nfsd: fix corrupted reply to badly ordered compound (bnc#1012382). - nfs: Use an appropriate work queue for direct-write completion (bsc#1082519). - nfsv4.0 fix client reference leak in callback (bnc#1012382). - ocfs2: fix locking for res->tracking and dlm->tracking_list (bnc#1012382). - ocfs2: fix ocfs2 read block panic (bnc#1012382). - of: unittest: Disable interrupt node tests for old world MAC systems (bnc#1012382). - ovl: Copy inode attributes after setting xattr (bsc#1107299). - parport: sunbpp: fix error return code (bnc#1012382). - partitions/aix: append null character to print data from disk (bnc#1012382). - partitions/aix: fix usage of uninitialized lv_info and lvname structures (bnc#1012382). - Pass x86 as architecture on x86_64 and i386 (bsc#1093118). - pci: altera: Fix bool initialization in tlp_read_packet() (bsc#1109806). - pci: designware: Fix I/O space page leak (bsc#1109806). - pci: designware: Fix pci_remap_iospace() failure path (bsc#1109806). - pci: hv: Use effective affinity mask (bsc#1109772). - pci: OF: Fix I/O space page leak (bsc#1109806). - pci: pciehp: Fix unprotected list iteration in IRQ handler (bsc#1109806). - pci: Reprogram bridge prefetch registers on resume (bnc#1012382). - pci: shpchp: Fix AMD POGO identification (bsc#1109806). - pci: Supply CPU physical address (not bus address) to iomem_is_exclusive() (bsc#1109806). - pci: versatile: Fix I/O space page leak (bsc#1109806). - pci: versatile: Fix pci_remap_iospace() failure path (bsc#1109806). - pci: xgene: Fix I/O space page leak (bsc#1109806). - pci: xilinx: Add missing of_node_put() (bsc#1109806). - perf powerpc: Fix callchain ip filtering (bnc#1012382). - perf powerpc: Fix callchain ip filtering when return address is in a register (bnc#1012382). - perf probe powerpc: Ignore SyS symbols irrespective of endianness (bnc#1012382). - perf script python: Fix export-to-postgresql.py occasional failure (bnc#1012382). - perf tools: Allow overriding MAX_NR_CPUS at compile time (bnc#1012382). - phy: qcom-ufs: add MODULE_LICENSE tag (bsc#1110468). - pinctrl: qcom: spmi-gpio: Fix pmic_gpio_config_get() to be compliant (bnc#1012382). - pipe: actually allow root to exceed the pipe buffer limit (git-fixes). - platform/x86: alienware-wmi: Correct a memory leak (bnc#1012382). - platform/x86: toshiba_acpi: Fix defined but not used build warnings (bnc#1012382). - pm / core: Clear the direct_complete flag on errors (bnc#1012382). - powerpc/64s: move machine check SLB flushing to mm/slb.c (bsc#1094244). - powerpc/kdump: Handle crashkernel memory reservation failure (bnc#1012382). - powerpc/mce: Fix SLB rebolting during MCE recovery path (bsc#1094244). - powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784). - powerpc/numa: Use associativity if VPHN hcall is successful (bsc#1110363). - powerpc/perf/hv-24x7: Fix passing of catalog version number (bsc#1053043). - powerpc/powernv: opal_put_chars partial write fix (bnc#1012382). - powerpc/pseries: Defer the logging of rtas error to irq work queue (bsc#1094244). - powerpc/pseries: Define MCE error event section (bsc#1094244). - powerpc/pseries: Display machine check error details (bsc#1094244). - powerpc/pseries: Dump the SLB contents on SLB MCE errors (bsc#1094244). - powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes). - powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes). - powerpc/pseries: Flush SLB contents on SLB MCE errors (bsc#1094244). - powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158). - powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158). - powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE (bsc#1109158). - powerpc/rtas: Fix a potential race between CPU-Offline & Migration (bsc#1111870). - powerpc/tm: Avoid possible userspace r1 corruption on reclaim (bsc#1109333). - power: vexpress: fix corruption in notifier registration (bnc#1012382). - printk: do not spin in printk when in nmi (bsc#1094244). - proc: restrict kernel stack dumps to root (bnc#1012382). - pstore: Fix incorrect persistent ram buffer mapping (bnc#1012382). - qlcnic: fix Tx descriptor corruption on 82xx devices (bnc#1012382). - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bnc#1012382). - raid10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (bnc#1012382). - rculist: add list_for_each_entry_from_rcu() (bsc#1084760). - rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760). - rdma/cma: Do not ignore net namespace for unbound cm_id (bnc#1012382). - rdma/cma: Protect cma dev list with lock (bnc#1012382). - rdma/ucma: check fd type in ucma_migrate_id() (bnc#1012382). - reiserfs: add check to detect corrupted directory entry (bsc#1109818). - reiserfs: do not panic on bad directory entries (bsc#1109818). - resource: Include resource end in walk_*() interfaces (bsc#1114648). - Revert "btrfs: qgroups: Retry after commit on getting EDQUOT" (bsc#1031392). - Revert "dma-buf/sync-file: Avoid enable fence signaling if poll(.timeout=0)" (bsc#1111363). - Revert "drm: Do not pass negative delta to ktime_sub_ns()" (bsc#1106929) - Revert "drm/i915: Initialize HWS page address after GPU reset" (bsc#1106929) - Revert "Drop kernel trampoline stack." This reverts commit 85dead31706c1c1755adff90405ff9861c39c704. - Revert "kabi/severities: Ignore missing cpu_tss_tramp (bsc#1099597)" This reverts commit edde1f21880e3bfe244c6f98a3733b05b13533dc. - Revert "kvm: x86: remove eager_fpu field of struct kvm_vcpu_arch" (kabi). - Revert "media: v4l: event: Prevent freeing event subscriptions while accessed" (kabi). - Revert "mm: get rid of vmacache_flush_all() entirely" (kabi). - Revert "NFC: Fix the number of pipes" (kabi). - Revert "proc: restrict kernel stack dumps to root" (kabi). - Revert "Skip intel_crt_init for Dell XPS 8700" (bsc#1106929) - Revert "tcp: add tcp_ooo_try_coalesce() helper" (kabi). - Revert "tcp: call tcp_drop() from tcp_data_queue_ofo()" (kabi). - Revert "tcp: fix a stale ooo_last_skb after a replace" (kabi). - Revert "tcp: free batches of packets in tcp_prune_ofo_queue()" (kabi). - Revert "tcp: use an RB tree for ooo receive queue" (kabi). - Revert "usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt()" (bnc#1012382). - Revert "x86/fpu: Finish excising 'eagerfpu'" (kabi). - Revert "x86/fpu: Remove struct fpu::counter" (kabi). - Revert "x86/fpu: Remove use_eager_fpu()" (kabi). - ring-buffer: Allow for rescheduling when removing pages (bnc#1012382). - rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication() (bnc#1012382). - rpm/kernel-binary.spec.in: Check module licenses (bsc#1083215,bsc#1083527) - rpm/kernel-binary.spec.in: Do not sign modules if CONFIG_MODULE_SIG=n (bsc#1035053) - rpm/kernel-binary.spec.in: Obsolete ftsteutates KMP (boo#997172) - rpm/kernel-binary.spec.in: Only kernel-syzkaller needs gcc-devel (boo#1043591). - rpm/kernel-docs.spec.in: Expand kernel tree directly from sources (bsc#1057199) - rpm/kernel-docs.spec.in: Fix and cleanup for 4.13 doc build (bsc#1048129) The whole DocBook stuff has been deleted. The PDF build still non-working thus the sub-packaging disabled so far. - rpm/kernel-docs.spec.in: refresh dependencies for PDF build (bsc#1048129) But it still does not work with Tex Live 2017, thus disabled yet. Also add texlive-anyfontsize for HTML math handling. - rpm/kernel-module-subpackage: Generate proper supplements in the template ... instead of relying on find-provides.ksyms to do it (bsc#981083). - rpm/kernel-source.spec.in: Do not list deleted depdendency helpers (bsc#981083). - rpm/kernel-spec-macros: Try harder to detect Build Service environment (bsc#1078788) - rtc: bq4802: add error handling for devm_ioremap (bnc#1012382). - rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 (bnc#1012382). - s390/chsc: Add exception handler for CHSC instruction (git-fixes). - s390/extmem: fix gcc 8 stringop-overflow warning (bnc#1012382). - s390/facilites: use stfle_fac_list array size for MAX_FACILITY_BIT (bnc#1108315, LTC#171326). - s390/kdump: Fix elfcorehdr size calculation (git-fixes). - s390/kdump: Make elfcorehdr size calculation ABI compliant (git-fixes). - s390/mm: correct allocate_pgste proc_handler callback (git-fixes). - s390/qeth: do not dump past end of unknown HW header (bnc#1012382). - s390/qeth: fix race in used-buffer accounting (bnc#1012382). - s390/qeth: handle failure on workqueue creation (git-fixes). - s390/qeth: reset layer2 attribute on layer switch (bnc#1012382). - s390/qeth: use vzalloc for QUERY OAT buffer (bnc#1108315, LTC#171527). - s390: revert ELF_ET_DYN_BASE base changes (git-fixes). - s390/stacktrace: fix address ranges for asynchronous and panic stack (git-fixes). - sched/fair: Fix bandwidth timer clock drift condition (Git-fixes). - sched/fair: Fix vruntime_normalized() for remote non-migration wakeup (Git-fixes). - scsi: 3ware: fix return 0 on the error path of probe (bnc#1012382). - scsi: bnx2i: add error handling for ioremap_nocache (bnc#1012382). - scsi: ibmvscsi: Improve strings handling (bnc#1012382). - scsi: klist: Make it safe to use klists in atomic context (bnc#1012382). - scsi: target: fix __transport_register_session locking (bnc#1012382). - scsi: target/iscsi: Make iscsit_ta_authentication() respect the output buffer size (bnc#1012382). - selftests/efivarfs: add required kernel configs (bnc#1012382). - selftest: timers: Tweak raw_skew to SKIP when ADJ_OFFSET/other clock adjustments are in progress (bnc#1012382). - selinux: use GFP_NOWAIT in the AVC kmem_caches (bnc#1012382). - serial: cpm_uart: return immediately from console poll (bnc#1012382). - serial: imx: restore handshaking irq for imx1 (bnc#1012382). - signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006). - slub: make ->cpu_partial unsigned int (bnc#1012382). - smb2: fix missing files in root share directory listing (bnc#1012382). - smb3: fill in statfs fsid and correct namelen (bsc#1112905). - sound: enable interrupt after dma buffer initialization (bnc#1012382). - spi: rspi: Fix interrupted DMA transfers (bnc#1012382). - spi: rspi: Fix invalid SPI use during system suspend (bnc#1012382). - spi: sh-msiof: Fix handling of write value for SISTR register (bnc#1012382). - spi: sh-msiof: Fix invalid SPI use during system suspend (bnc#1012382). - spi: tegra20-slink: explicitly enable/disable clock (bnc#1012382). - srcu: Allow use of Tiny/Tree SRCU from both process and interrupt context (bsc#1050549). - staging: android: ashmem: Fix mmap size validation (bnc#1012382). - staging: rt5208: Fix a sleep-in-atomic bug in xd_copy_page (bnc#1012382). - staging: rts5208: fix missing error check on call to rtsx_write_register (bnc#1012382). - staging/rts5208: Fix read overflow in memcpy (bnc#1012382). - stmmac: fix valid numbers of unicast filter entries (bnc#1012382). - stop_machine: Atomically queue and wake stopper threads (git-fixes). - target: log Data-Out timeouts as errors (bsc#1095805). - target: log NOP ping timeouts as errors (bsc#1095805). - target: split out helper for cxn timeout error stashing (bsc#1095805). - target: stash sess_err_stats on Data-Out timeout (bsc#1095805). - target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805). - tcp: add tcp_ooo_try_coalesce() helper (bnc#1012382). - tcp: call tcp_drop() from tcp_data_queue_ofo() (bnc#1012382). - tcp: fix a stale ooo_last_skb after a replace (bnc#1012382). - tcp: free batches of packets in tcp_prune_ofo_queue() (bnc#1012382). - tcp: increment sk_drops for dropped rx packets (bnc#1012382). - tcp: use an RB tree for ooo receive queue (bnc#1012382). - team: Forbid enslaving team device to itself (bnc#1012382). - thermal: of-thermal: disable passive polling when thermal zone is disabled (bnc#1012382). - Tools: hv: Fix a bug in the key delete code (bnc#1012382). - tools/vm/page-types.c: fix "defined but not used" warning (bnc#1012382). - tools/vm/slabinfo.c: fix sign-compare warning (bnc#1012382). - tpm: Restore functionality to xen vtpm driver (bsc#1020645, git-fixes). - tsl2550: fix lux1_input error in low light (bnc#1012382). - tty: Drop tty->count on tty_reopen() failure (bnc#1105428). - tty: rocket: Fix possible buffer overwrite on register_PCI (bnc#1012382). - tty: vt_ioctl: fix potential Spectre v1 (bnc#1012382). - ubifs: Check for name being NULL while mounting (bnc#1012382). - ucma: fix a use-after-free in ucma_resolve_ip() (bnc#1012382). - uio: potential double frees if __uio_register_device() fails (bnc#1012382). - usb: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller (bnc#1012382). - usb: Add quirk to support DJI CineSSD (bnc#1012382). - usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() (bnc#1012382). - usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt() (bnc#1012382). - usb: Do not die twice if PCI xhci host is not responding in resume (bnc#1012382). - usb: fix error handling in usb_driver_claim_interface() (bnc#1012382). - usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bnc#1012382). - usb: gadget: serial: fix oops when data rx'd after close (bnc#1012382). - usb: handle NULL config in usb_find_alt_setting() (bnc#1012382). - usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() (bnc#1012382). - usb: misc: uss720: Fix two sleep-in-atomic-context bugs (bnc#1012382). - usb: net2280: Fix erroneous synchronization change (bnc#1012382). - usb: remove LPM management from usb_driver_claim_interface() (bnc#1012382). - usb: serial: io_ti: fix array underflow in completion handler (bnc#1012382). - usb: serial: kobil_sct: fix modem-status error handling (bnc#1012382). - usb: serial: simple: add Motorola Tetra MTP6550 id (bnc#1012382). - usb: serial: ti_usb_3410_5052: fix array underflow in completion handler (bnc#1012382). - usb: usbdevfs: restore warning for nonsensical flags (bnc#1012382). - usb: usbdevfs: sanitize flags more (bnc#1012382). - usb: wusbcore: security: cast sizeof to int for comparison (bnc#1012382). - usb: yurex: Check for truncation in yurex_read() (bnc#1012382). - usb: yurex: Fix buffer over-read in yurex_write() (bnc#1012382). - Use upstream version of pci-hyperv change 35a88a18d7 - uwb: hwa-rc: fix memory leak at probe (bnc#1012382). - vfs: do not test owner for NFS in set_posix_acl() (bsc#1103405). - video: goldfishfb: fix memory leak on driver remove (bnc#1012382). - vmci: type promotion bug in qp_host_get_user_memory() (bnc#1012382). - vmw_balloon: include asm/io.h (bnc#1012382). - watchdog: w83627hf: Added NCT6102D support (bsc#1106434). - wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout() (bnc#1012382). - wlcore: Fix memory leak in wlcore_cmd_wait_for_event_or_timeout (git-fixes). - x86/apic: Fix restoring boot IRQ mode in reboot and kexec/kdump (bsc#1110006). - x86/apic: Split disable_IO_APIC() into two functions to fix CONFIG_KEXEC_JUMP=y (bsc#1110006). - x86/apic: Split out restore_boot_irq_mode() from disable_IO_APIC() (bsc#1110006). - x86/boot: Fix "run_size" calculation (bsc#1110006). - x86/cpufeature: deduplicate X86_FEATURE_L1TF_PTEINV (kabi). - x86/entry/64: Add two more instruction suffixes (bnc#1012382). - x86/entry/64: Clear registers for exceptions/interrupts, to reduce speculation attack surface (bsc#1105931). - x86/entry/64: sanitize extra registers on syscall entry (bsc#1105931). - x86/fpu: Finish excising 'eagerfpu' (bnc#1012382). - x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006). - x86/fpu: Remove struct fpu::counter (bnc#1012382). - x86/fpu: Remove use_eager_fpu() (bnc#1012382). - x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772). - x86/kaiser: Avoid loosing NMIs when using trampoline stack (bsc#1106293 bsc#1099597). - x86/mm: Remove in_nmi() warning from vmalloc_fault() (bnc#1012382). - x86: msr-index.h: Correct SNB_C1/C3_AUTO_UNDEMOTE defines (bsc#1110006). - x86/numa_emulation: Fix emulated-to-physical node mapping (bnc#1012382). - x86/paravirt: Fix some warning messages (bnc#1065600). - x86/percpu: Fix this_cpu_read() (bsc#1110006). - x86,sched: Allow topologies where NUMA nodes share an LLC (bsc#1091158, bsc#1101555). - x86/spec_ctrl: Fix spec_ctrl reporting (bsc#1106913, bsc#1111516). - x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913). - x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913). - x86/speculation: Propagate information about RSB filling mitigation to sysfs (bsc#1106913). - x86/time: Correct the attribute on jiffies' definition (bsc#1110006). - x86/tsc: Add missing header to tsc_msr.c (bnc#1012382). - x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006). - x86/vdso: Fix vDSO build if a retpoline is emitted (bsc#1110006). - x86/vdso: Fix vDSO syscall fallback asm constraint regression (bsc#1110006). - x86/vdso: Only enable vDSO retpolines when enabled and supported (bsc#1110006). - xen: avoid crash in disable_hotplug_cpu (bnc#1012382 bsc#1106594 bsc#1042422). - xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage (bnc#1012382). - xen: issue warning message when out of grant maptrack entries (bsc#1105795). - xen/manage: do not complain about an empty value in control/sysrq node (bnc#1012382). - xen/netfront: do not bug in case of too many frags (bnc#1012382). - xen-netfront: fix queue name setting (bnc#1012382). - xen/netfront: fix waiting for xenbus state change (bnc#1012382). - xen-netfront: fix warn message as irq device name has '/' (bnc#1012382). - xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code (bnc#1012382). - xfrm: fix 'passing zero to ERR_PTR()' warning (bnc#1012382). - xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bnc#1012382). - xhci: Do not print a warning when setting link state for disabled ports (bnc#1012382). - x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114648). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12-SP3: zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-2621=1 Package List: - SUSE Linux Enterprise Live Patching 12-SP3 (ppc64le x86_64): kgraft-patch-4_4_162-94_69-default-1-4.5.2 kgraft-patch-4_4_162-94_69-default-debuginfo-1-4.5.2 References: https://www.suse.com/security/cve/CVE-2018-14633.html https://www.suse.com/security/cve/CVE-2018-18281.html https://www.suse.com/security/cve/CVE-2018-18386.html https://www.suse.com/security/cve/CVE-2018-18690.html https://www.suse.com/security/cve/CVE-2018-18710.html https://www.suse.com/security/cve/CVE-2018-9516.html https://bugzilla.suse.com/1011920 https://bugzilla.suse.com/1012382 https://bugzilla.suse.com/1012422 https://bugzilla.suse.com/1020645 https://bugzilla.suse.com/1031392 https://bugzilla.suse.com/1035053 https://bugzilla.suse.com/1042422 https://bugzilla.suse.com/1043591 https://bugzilla.suse.com/1048129 https://bugzilla.suse.com/1050431 https://bugzilla.suse.com/1050549 https://bugzilla.suse.com/1053043 https://bugzilla.suse.com/1054239 https://bugzilla.suse.com/1057199 https://bugzilla.suse.com/1065600 https://bugzilla.suse.com/1065726 https://bugzilla.suse.com/1067906 https://bugzilla.suse.com/1073579 https://bugzilla.suse.com/1076393 https://bugzilla.suse.com/1078788 https://bugzilla.suse.com/1079524 https://bugzilla.suse.com/1082519 https://bugzilla.suse.com/1083215 https://bugzilla.suse.com/1083527 https://bugzilla.suse.com/1084760 https://bugzilla.suse.com/1089343 https://bugzilla.suse.com/1091158 https://bugzilla.suse.com/1093118 https://bugzilla.suse.com/1094244 https://bugzilla.suse.com/1094825 https://bugzilla.suse.com/1095805 https://bugzilla.suse.com/1096052 https://bugzilla.suse.com/1098050 https://bugzilla.suse.com/1098996 https://bugzilla.suse.com/1099597 https://bugzilla.suse.com/1101555 https://bugzilla.suse.com/1103308 https://bugzilla.suse.com/1103405 https://bugzilla.suse.com/1104124 https://bugzilla.suse.com/1105025 https://bugzilla.suse.com/1105428 https://bugzilla.suse.com/1105795 https://bugzilla.suse.com/1105931 https://bugzilla.suse.com/1106105 https://bugzilla.suse.com/1106110 https://bugzilla.suse.com/1106240 https://bugzilla.suse.com/1106293 https://bugzilla.suse.com/1106359 https://bugzilla.suse.com/1106434 https://bugzilla.suse.com/1106594 https://bugzilla.suse.com/1106913 https://bugzilla.suse.com/1106929 https://bugzilla.suse.com/1107060 https://bugzilla.suse.com/1107299 https://bugzilla.suse.com/1107318 https://bugzilla.suse.com/1107535 https://bugzilla.suse.com/1107829 https://bugzilla.suse.com/1107870 https://bugzilla.suse.com/1108315 https://bugzilla.suse.com/1108377 https://bugzilla.suse.com/1108498 https://bugzilla.suse.com/1109158 https://bugzilla.suse.com/1109333 https://bugzilla.suse.com/1109772 https://bugzilla.suse.com/1109784 https://bugzilla.suse.com/1109806 https://bugzilla.suse.com/1109818 https://bugzilla.suse.com/1109907 https://bugzilla.suse.com/1109919 https://bugzilla.suse.com/1109923 https://bugzilla.suse.com/1110006 https://bugzilla.suse.com/1110363 https://bugzilla.suse.com/1110468 https://bugzilla.suse.com/1110600 https://bugzilla.suse.com/1110601 https://bugzilla.suse.com/1110602 https://bugzilla.suse.com/1110603 https://bugzilla.suse.com/1110604 https://bugzilla.suse.com/1110605 https://bugzilla.suse.com/1110606 https://bugzilla.suse.com/1110611 https://bugzilla.suse.com/1110612 https://bugzilla.suse.com/1110613 https://bugzilla.suse.com/1110614 https://bugzilla.suse.com/1110615 https://bugzilla.suse.com/1110616 https://bugzilla.suse.com/1110618 https://bugzilla.suse.com/1110619 https://bugzilla.suse.com/1111363 https://bugzilla.suse.com/1111516 https://bugzilla.suse.com/1111870 https://bugzilla.suse.com/1112007 https://bugzilla.suse.com/1112262 https://bugzilla.suse.com/1112263 https://bugzilla.suse.com/1112894 https://bugzilla.suse.com/1112902 https://bugzilla.suse.com/1112903 https://bugzilla.suse.com/1112905 https://bugzilla.suse.com/1113667 https://bugzilla.suse.com/1113751 https://bugzilla.suse.com/1113769 https://bugzilla.suse.com/1114178 https://bugzilla.suse.com/1114229 https://bugzilla.suse.com/1114648 https://bugzilla.suse.com/981083 https://bugzilla.suse.com/997172 From sle-security-updates at lists.suse.com Fri Nov 9 13:46:39 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 9 Nov 2018 21:46:39 +0100 (CET) Subject: SUSE-SU-2018:3689-1: important: Security update for the Linux Kernel Message-ID: <20181109204639.B729AFFD6@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3689-1 Rating: important References: #1011920 #1012382 #1012422 #1020645 #1031392 #1035053 #1042422 #1043591 #1048129 #1050431 #1050549 #1053043 #1054239 #1057199 #1065600 #1065726 #1067906 #1073579 #1076393 #1078788 #1079524 #1082519 #1083215 #1083527 #1084760 #1089343 #1091158 #1093118 #1094244 #1094825 #1095805 #1096052 #1098050 #1098996 #1099597 #1101555 #1103308 #1103405 #1104124 #1105025 #1105428 #1105795 #1105931 #1106105 #1106110 #1106240 #1106293 #1106359 #1106434 #1106594 #1106913 #1106929 #1107060 #1107299 #1107318 #1107535 #1107829 #1107870 #1108315 #1108377 #1108498 #1109158 #1109333 #1109772 #1109784 #1109806 #1109818 #1109907 #1109919 #1109923 #1110006 #1110363 #1110468 #1110600 #1110601 #1110602 #1110603 #1110604 #1110605 #1110606 #1110611 #1110612 #1110613 #1110614 #1110615 #1110616 #1110618 #1110619 #1111363 #1111516 #1111870 #1112007 #1112262 #1112263 #1112894 #1112902 #1112903 #1112905 #1113667 #1113751 #1113769 #1114178 #1114229 #1114648 #981083 #997172 Cross-References: CVE-2018-14633 CVE-2018-18281 CVE-2018-18386 CVE-2018-18690 CVE-2018-18710 CVE-2018-9516 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise High Availability 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 SUSE CaaS Platform ALL SUSE CaaS Platform 3.0 ______________________________________________________________________________ An update that solves 6 vulnerabilities and has 100 fixes is now available. Description: The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.162 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. (bnc#1107829). - CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769). - CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825). - CVE-2018-18690: A local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandled ATTR_REPLACE operations with conversion of an attr from short to long form (bnc#1105025). - CVE-2018-18710: An issue was discovered in the Linux kernel An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751). - CVE-2018-9516: A lack of certain checks in the hid_debug_events_read() function in the drivers/hid/hid-debug.c file might have resulted in receiving userspace buffer overflow and an out-of-bounds write or to the infinite loop. (bnc#1108498). The following non-security bugs were fixed: - 6lowpan: iphc: reset mac_header after decompress to fix panic (bnc#1012382). - alsa: bebob: use address returned by kmalloc() instead of kernel stack for streaming DMA mapping (bnc#1012382). - alsa: emu10k1: fix possible info leak to userspace on SNDRV_EMU10K1_IOCTL_INFO (bnc#1012382). - alsa: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge (bnc#1012382). - alsa: hda - Fix cancel_work_sync() stall from jackpoll work (bnc#1012382). - alsa: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bnc#1012382). - alsa: msnd: Fix the default sample sizes (bnc#1012382). - alsa: pcm: Fix snd_interval_refine first/last with open min/max (bnc#1012382). - alsa: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro (bnc#1012382). - apparmor: remove no-op permission check in policy_unpack (git-fixes). - arc: build: Get rid of toolchain check (bnc#1012382). - arc: clone syscall to setp r25 as thread pointer (bnc#1012382). - arch/hexagon: fix kernel/dma.c build warning (bnc#1012382). - arc: [plat-axs*]: Enable SWAP (bnc#1012382). - arm64: bpf: jit JMP_JSET_{X,K} (bsc#1110613). - arm64: Correct type for PUD macros (bsc#1110600). - arm64: cpufeature: Track 32bit EL0 support (bnc#1012382). - arm64: dts: qcom: db410c: Fix Bluetooth LED trigger (bnc#1012382). - arm64: fix erroneous __raw_read_system_reg() cases (bsc#1110606). - arm64: Fix potential race with hardware DBM in ptep_set_access_flags() (bsc#1110605). - arm64: fpsimd: Avoid FPSIMD context leakage for the init task (bsc#1110603). - arm64: jump_label.h: use asm_volatile_goto macro instead of "asm goto" (bnc#1012382). - arm64: kasan: avoid bad virt_to_pfn() (bsc#1110612). - arm64: kasan: avoid pfn_to_nid() before page array is initialized (bsc#1110619). - arm64/kasan: do not allocate extra shadow memory (bsc#1110611). - arm64: kernel: Update kerneldoc for cpu_suspend() rename (bsc#1110602). - arm64: kgdb: handle read-only text / modules (bsc#1110604). - arm64: kvm: Sanitize PSTATE.M when being set from userspace (bnc#1012382). - arm64: kvm: Tighten guest core register access from userspace (bnc#1012382). - arm64/mm/kasan: do not use vmemmap_populate() to initialize shadow (bsc#1110618). - arm64: ptrace: Avoid setting compat FP[SC]R to garbage if get_user fails (bsc#1110601). - arm64: supported.conf: mark armmmci as not supported - arm64 Update config files. (bsc#1110468) Set MMC_QCOM_DML to build-in and delete driver from supported.conf - arm64: vdso: fix clock_getres for 4GiB-aligned res (bsc#1110614). - arm: dts: at91: add new compatibility string for macb on sama5d3 (bnc#1012382). - arm: dts: dra7: fix DCAN node addresses (bnc#1012382). - arm: exynos: Clear global variable on init error path (bnc#1012382). - arm: hisi: check of_iomap and fix missing of_node_put (bnc#1012382). - arm: hisi: fix error handling and missing of_node_put (bnc#1012382). - arm: hisi: handle of_iomap and fix missing of_node_put (bnc#1012382). - arm: mvebu: declare asm symbols as character arrays in pmsu.c (bnc#1012382). - ASoC: cs4265: fix MMTLR Data switch control (bnc#1012382). - ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs (bnc#1012382). - ASoC: sigmadsp: safeload should not have lower byte limit (bnc#1012382). - ASoC: wm8804: Add ACPI support (bnc#1012382). - ata: libahci: Correct setting of DEVSLP register (bnc#1012382). - ath10k: disable bundle mgmt tx completion event support (bnc#1012382). - ath10k: fix scan crash due to incorrect length calculation (bnc#1012382). - ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bnc#1012382). - ath10k: prevent active scans on potential unusable channels (bnc#1012382). - ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock (bnc#1012382). - audit: fix use-after-free in audit_add_watch (bnc#1012382). - autofs: fix autofs_sbi() does not check super block type (bnc#1012382). - binfmt_elf: Respect error return from `regset->active' (bnc#1012382). - bluetooth: Add a new Realtek 8723DE ID 0bda:b009 (bnc#1012382). - bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV (bnc#1012382). - bluetooth: hidp: Fix handling of strncpy for hid->name information (bnc#1012382). - bnxt_en: Fix TX timeout during netpoll (bnc#1012382). - bonding: avoid possible dead-lock (bnc#1012382). - bpf: fix cb access in socket filter programs on tail calls (bsc#1012382). - bpf: fix map not being uncharged during map creation failure (bsc#1012382). - bpf, s390: fix potential memleak when later bpf_jit_prog fails (git-fixes). - bpf, s390x: do not reload skb pointers in non-skb context (git-fixes). - bsc#1106913: Replace with upstream variants - btrfs: add a comp_refs() helper (dependency for bsc#1031392). - btrfs: add missing initialization in btrfs_check_shared (Git-fixes bsc#1112262). - btrfs: add tracepoints for outstanding extents mods (dependency for bsc#1031392). - btrfs: add wrapper for counting BTRFS_MAX_EXTENT_SIZE (dependency for bsc#1031392). - btrfs: cleanup extent locking sequence (dependency for bsc#1031392). - btrfs: defrag: use btrfs_mod_outstanding_extents in cluster_pages_for_defrag (Follow up fixes for bsc#1031392). - btrfs: delayed-inode: Remove wrong qgroup meta reservation calls (bsc#1031392). - btrfs: delayed-inode: Use new qgroup meta rsv for delayed inode and item (bsc#1031392). - btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667). - btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667). - btrfs: fix error handling in btrfs_dev_replace_start (bsc#1107535). - btrfs: fix invalid attempt to free reserved space on failure to cow range (dependency for bsc#1031392). - btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919). - btrfs: Fix race condition between delayed refs and blockgroup removal (Git-fixes bsc#1112263). - btrfs: Fix wrong btrfs_delalloc_release_extents parameter (bsc#1031392). - btrfs: kill trans in run_delalloc_nocow and btrfs_cross_ref_exist (dependency for bsc#1031392). - btrfs: make the delalloc block rsv per inode (dependency for bsc#1031392). - btrfs: pass delayed_refs directly to btrfs_find_delayed_ref_head (dependency for bsc#1031392). - btrfs: qgroup: Add quick exit for non-fs extents (dependency for bsc#1031392). - btrfs: qgroup: Cleanup btrfs_qgroup_prepare_account_extents function (dependency for bsc#1031392). - btrfs: qgroup: Cleanup the remaining old reservation counters (bsc#1031392). - btrfs: qgroup: Commit transaction in advance to reduce early EDQUOT (bsc#1031392). - btrfs: qgroup: Do not use root->qgroup_meta_rsv for qgroup (bsc#1031392). - btrfs: qgroup: Fix wrong qgroup reservation update for relationship modification (bsc#1031392). - btrfs: qgroup: Introduce function to convert META_PREALLOC into META_PERTRANS (bsc#1031392). - btrfs: qgroup: Introduce helpers to update and access new qgroup rsv (bsc#1031392). - btrfs: qgroup: Make qgroup_reserve and its callers to use separate reservation type (bsc#1031392). - btrfs: qgroup: Skeleton to support separate qgroup reservation type (bsc#1031392). - btrfs: qgroups: opencode qgroup_free helper (dependency for bsc#1031392). - btrfs: qgroup: Split meta rsv type into meta_prealloc and meta_pertrans (bsc#1031392). - btrfs: qgroup: Update trace events for metadata reservation (bsc#1031392). - btrfs: qgroup: Update trace events to use new separate rsv types (bsc#1031392). - btrfs: qgroup: Use independent and accurate per inode qgroup rsv (bsc#1031392). - btrfs: qgroup: Use root::qgroup_meta_rsv_* to record qgroup meta reserved space (bsc#1031392). - btrfs: qgroup: Use separate meta reservation type for delalloc (bsc#1031392). - btrfs: remove type argument from comp_tree_refs (dependency for bsc#1031392). - btrfs: rework outstanding_extents (dependency for bsc#1031392). - btrfs: switch args for comp_*_refs (dependency for bsc#1031392). - btrfs: Take trans lock before access running trans in check_delayed_ref (Follow up fixes for bsc#1031392). - ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1112007). - cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bnc#1012382). - cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE (bnc#1012382). - cfq: Give a chance for arming slice idle timer in case of group_idle (bnc#1012382). - cgroup: Fix deadlock in cpu hotplug path (bnc#1012382). - cgroup, netclassid: add a preemption point to write_classid (bnc#1098996). - cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902). - cifs: connect to servername instead of IP for IPC$ share (bsc#1106359). - cifs: fix memory leak in SMB2_open() (bsc#1112894). - cifs: Fix use after free of a mid_q_entry (bsc#1112903). - cifs: fix wrapping bugs in num_entries() (bnc#1012382). - cifs: integer overflow in in SMB2_ioctl() (bsc#1012382). - cifs: prevent integer overflow in nxt_dir_entry() (bnc#1012382). - cifs: read overflow in is_valid_oplock_break() (bnc#1012382). - clk: imx6ul: fix missing of_node_put() (bnc#1012382). - clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bnc#1012382). - config.sh: set BUGZILLA_PRODUCT for SLE12-SP3 - coresight: Handle errors in finding input/output ports (bnc#1012382). - coresight: tpiu: Fix disabling timeouts (bnc#1012382). - cpu/hotplug: Fix SMT supported evaluation (bsc#1089343). - crypto: mxs-dcp - Fix wait logic on chan threads (bnc#1012382). - crypto: sharah - Unregister correct algorithms for SAHARA 3 (bnc#1012382). - crypto: skcipher - Fix -Wstringop-truncation warnings (bnc#1012382). - Define dependencies of in-kernel KMPs statically This allows us to use rpm's internal dependency generator (bsc#981083). - Define early_radix_enabled() (bsc#1094244). - dmaengine: pl330: fix irq race with terminate_all (bnc#1012382). - dm cache: fix resize crash if user does not reload cache table (bnc#1012382). - dm thin metadata: fix __udivdi3 undefined on 32-bit (bnc#1012382). - dm thin metadata: try to avoid ever aborting transactions (bnc#1012382). - Do not ship firmware (bsc#1054239). Pull firmware from kernel-firmware instead. - drivers: net: cpsw: fix parsing of phy-handle DT property in dual_emac config (bnc#1012382). - drivers: net: cpsw: fix segfault in case of bad phy-handle (bnc#1012382). - drivers/tty: add error handling for pcmcia_loop_config (bnc#1012382). - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bnc#1012382). - drm/amdkfd: Fix error codes in kfd_get_process (bnc#1012382). - drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() (bnc#1012382). - drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bnc#1012382). - drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping (bnc#1012382). - drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1106929) - Drop dtb-source.spec and move the sources to kernel-source (bsc#1011920) - e1000: check on netif_running() before calling e1000_up() (bnc#1012382). - e1000: ensure to free old tx/rx rings in set_ringparam() (bnc#1012382). - ebtables: arpreply: Add the standard target sanity check (bnc#1012382). - edac, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114648). - ethernet: ti: davinci_emac: add missing of_node_put after calling of_parse_phandle (bnc#1012382). - ethtool: Remove trailing semicolon for static inline (bnc#1012382). - ethtool: restore erroneously removed break in dev_ethtool (bsc#1114229). - ext4: avoid divide by zero fault when deleting corrupted inline directories (bnc#1012382). - ext4: do not mark mmp buffer head dirty (bnc#1012382). - ext4: fix online resize's handling of a too-small final block group (bnc#1012382). - ext4: fix online resizing for bigalloc file systems with a 1k block size (bnc#1012382). - ext4: recalucate superblock checksum after updating free blocks/inodes (bnc#1012382). - f2fs: do not set free of current section (bnc#1012382). - f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize (bnc#1012382). - fbdev: Distinguish between interlaced and progressive modes (bnc#1012382). - fbdev: fix broken menu dependencies (bsc#1106929) - fbdev/omapfb: fix omapfb_memory_read infoleak (bnc#1012382). - fbdev/via: fix defined but not used warning (bnc#1012382). - floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bnc#1012382). - fs/cifs: do not translate SFM_SLASH (U+F026) to backslash (bnc#1012382). - fs/cifs: suppress a string overflow warning (bnc#1012382). - fs/eventpoll: loosen irq-safety when possible (bsc#1096052). - gfs2: Special-case rindex for gfs2_grow (bnc#1012382). - gpio: adp5588: Fix sleep-in-atomic-context bug (bnc#1012382). - gpiolib: Mark gpio_suffixes array with __maybe_unused (bnc#1012382). - gpio: ml-ioh: Fix buffer underwrite on probe error path (bnc#1012382). - gpio: tegra: Move driver registration to subsys_init level (bnc#1012382). - gso_segment: Reset skb->mac_len after modifying network header (bnc#1012382). - hexagon: modify ffs() and fls() to return int (bnc#1012382). - hid: hid-ntrig: add error handling for sysfs_create_group (bnc#1012382). - hid: sony: Support DS4 dongle (bnc#1012382). - hid: sony: Update device ids (bnc#1012382). - hv: avoid crash in vmbus sysfs files (bnc#1108377). - hwmon: (adt7475) Make adt7475_read_word() return errors (bnc#1012382). - hwmon: (ina2xx) fix sysfs shunt resistor read access (bnc#1012382). - i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bnc#1012382). - i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus (bnc#1012382). - i2c: i801: fix DNV's SMBCTRL register offset (bnc#1012382). - i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP (bnc#1012382). - i2c: uniphier: issue STOP only for last message or I2C_M_STOP (bnc#1012382). - i2c: xiic: Make the start and the byte count write atomic (bnc#1012382). - i2c: xlp9xx: Add support for SMBAlert (bsc#1103308). - i2c: xlp9xx: Fix case where SSIF read transaction completes early (bsc#1103308). - i2c: xlp9xx: Fix issue seen when updating receive length (bsc#1103308). - i2c: xlp9xx: Make sure the transfer size is not more than I2C_SMBUS_BLOCK_SIZE (bsc#1103308). - ib/ipoib: Avoid a race condition between start_xmit and cm_rep_handler (bnc#1012382). - ib/srp: Avoid that sg_reset -d ${srp_device} triggers an infinite loop (bnc#1012382). - input: atakbd - fix Atari CapsLock behaviour (bnc#1012382). - input: atakbd - fix Atari keymap (bnc#1012382). - input: atmel_mxt_ts - only use first T9 instance (bnc#1012382). - input: elantech - enable middle button of touchpad on ThinkPad P72 (bnc#1012382). - iommu/amd: Return devid as alias for ACPI HID devices (bsc#1106105). - iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register (bnc#1012382). - iommu/ipmmu-vmsa: Fix allocation in atomic context (bnc#1012382). - ip6_tunnel: be careful when accessing the inner header (bnc#1012382). - ipmi:ssif: Add support for multi-part transmit messages > 2 parts (bsc#1103308). - ip_tunnel: be careful when accessing the inner header (bnc#1012382). - ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() (bnc#1012382). - ipv6: fix possible use-after-free in ip6_xmit() (bnc#1012382). - iw_cxgb4: only allow 1 flush on user qps (bnc#1012382). - ixgbe: pci_set_drvdata must be called before register_netdev (Git-fixes bsc#1109923). - jffs2: return -ERANGE when xattr buffer is too small (bnc#1012382). - KABI: move the new handler to end of machdep_calls and hide it from genksyms (bsc#1094244). - kABI: protect struct hnae_desc_cb (kabi). - kbuild: add .DELETE_ON_ERROR special target (bnc#1012382). - kernel-obs-build.spec.in: add --no-hostonly-cmdline to dracut invocation (boo#1062303). call dracut with --no-hostonly-cmdline to avoid the random rootfs UUID being added into the initrd's /etc/cmdline.d/95root-dev.conf - kernel-obs-build: use pae and lpae kernels where available (bsc#1073579). - kernel/params.c: downgrade warning for unsafe parameters (bsc#1050549). - kprobes/x86: Release insn_slot in failure path (bsc#1110006). - kthread: fix boot hang (regression) on MIPS/OpenRISC (bnc#1012382). - kthread: Fix use-after-free if kthread fork fails (bnc#1012382). - kvm: nVMX: Do not expose MPX VMX controls when guest MPX disabled (bsc#1106240). - kvm: nVMX: Do not flush TLB when vmcs12 uses VPID (bsc#1106240). - kvm: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bnc#1012382). - kvm: x86: Do not re-{try,execute} after failed emulation in L2 (bsc#1106240). - kvm: x86: Do not use kvm_x86_ops->mpx_supported() directly (bsc#1106240). - kvm: x86: fix APIC page invalidation (bsc#1106240). - kvm: x86: remove eager_fpu field of struct kvm_vcpu_arch (bnc#1012382). - kvm/x86: remove WARN_ON() for when vm_munmap() fails (bsc#1106240). - kvm: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled (bsc#1106240). - lib/test_hexdump.c: fix failure on big endian cpu (bsc#1106110). - locking/osq_lock: Fix osq_lock queue corruption (bnc#1012382). - locking/rwsem-xadd: Fix missed wakeup due to reordering of load (bnc#1012382). - lpfc: fixup crash in lpfc_els_unsol_buffer() (bsc#1107318). - mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bnc#1012382). - mac80211: fix a race between restart and CSA flows (bnc#1012382). - mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys (bnc#1012382). - mac80211: Fix station bandwidth setting after channel switch (bnc#1012382). - mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bnc#1012382). - mac80211: mesh: fix HWMP sequence numbering to follow standard (bnc#1012382). - mac80211: restrict delayed tailroom needed decrement (bnc#1012382). - mac80211: shorten the IBSS debug messages (bnc#1012382). - mach64: detect the dot clock divider correctly on sparc (bnc#1012382). - macintosh/via-pmu: Add missing mmio accessors (bnc#1012382). - macros.kernel-source: define linux_arch for KMPs (boo#1098050). CONFIG_64BIT is no longer defined so KMP spec files need to include %{?linux_make_arch} in any make call to build modules or descent into the kernel directory for any reason. - macros.kernel-source: pass -b properly in kernel module package (bsc#1107870). - macros.kernel-source: pass -f properly in module subpackage (boo#1076393). - md-cluster: clear another node's suspend_area after the copy is finished (bnc#1012382). - md/raid1: exit sync request if MD_RECOVERY_INTR is set (git-fixes). - md/raid5: fix data corruption of replacements after originals dropped (bnc#1012382). - media: af9035: prevent buffer overflow on write (bnc#1012382). - media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt() (bnc#1012382). - media: fsl-viu: fix error handling in viu_of_probe() (bnc#1012382). - media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data (bnc#1012382). - media: omap_vout: Fix a possible null pointer dereference in omap_vout_open() (bsc#1050431). - media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power (bnc#1012382). - media: soc_camera: ov772x: correct setting of banding filter (bnc#1012382). - media: tm6000: add error handling for dvb_register_adapter (bnc#1012382). - media: uvcvideo: Support realtek's UVC 1.5 device (bnc#1012382). - media: v4l: event: Prevent freeing event subscriptions while accessed (bnc#1012382). - media: videobuf2-core: check for q->error in vb2_core_qbuf() (bnc#1012382). - media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1050431). - mei: bus: type promotion bug in mei_nfc_if_version() (bnc#1012382). - memory_hotplug: cond_resched in __remove_pages (bnc#1114178). - mfd: omap-usb-host: Fix dts probe of children (bnc#1012382). - mfd: ti_am335x_tscadc: Fix struct clk memory leak (bnc#1012382). - misc: hmc6352: fix potential Spectre v1 (bnc#1012382). - misc: mic: SCIF Fix scif_get_new_port() error handling (bnc#1012382). - misc: ti-st: Fix memory leak in the error path of probe() (bnc#1012382). - mmc: mmci: stop building qcom dml as module (bsc#1110468). - mm: fix devmem_is_allowed() for sub-page System RAM intersections (bsc#1110006). - mm: get rid of vmacache_flush_all() entirely (bnc#1012382). - mm: madvise(MADV_DODUMP): allow hugetlbfs pages (bnc#1012382). - mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907). - mm: shmem.c: Correctly annotate new inodes for lockdep (bnc#1012382). - mm/vmstat.c: fix outdated vmstat_text (bnc#1012382). - mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly (bnc#1012382). - mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly (git fixes). - module: exclude SHN_UNDEF symbols from kallsyms api (bnc#1012382). - mtdchar: fix overflows in adjustment of `count` (bnc#1012382). - mtd/maps: fix solutionengine.c printk format warnings (bnc#1012382). - neighbour: confirm neigh entries when ARP packet is received (bnc#1012382). - net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT (bnc#1012382). - net: cadence: Fix a sleep-in-atomic-context bug in macb_halt_tx() (bnc#1012382). - net: dcb: For wild-card lookups, use priority -1, not 0 (bnc#1012382). - net: ethernet: mvneta: Fix napi structure mixup on armada 3700 (bsc#1110616). - net: ethernet: ti: cpsw: fix mdio device reference leak (bnc#1012382). - netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user (bnc#1012382). - net: hns: fix length and page_offset overflow when CONFIG_ARM64_64K_PAGES (bnc#1012382). - net: hp100: fix always-true check for link up state (bnc#1012382). - net: ipv4: update fnhe_pmtu when first hop's MTU changes (bnc#1012382). - net/ipv6: Display all addresses in output of /proc/net/if_inet6 (bnc#1012382). - netlabel: check for IPV4MASK in addrinfo_get (bnc#1012382). - net: macb: disable scatter-gather for macb on sama5d3 (bnc#1012382). - net/mlx4: Use cpumask_available for eq->affinity_mask (bnc#1012382). - net: mvneta: fix mtu change on port without link (bnc#1012382). - net: mvneta: fix mvneta_config_rss on armada 3700 (bsc#1110615). - net: mvpp2: Extract the correct ethtype from the skb for tx csum offload (bnc#1012382). - net: systemport: Fix wake-up interrupt race during resume (bnc#1012382). - net/usb: cancel pending work when unbinding smsc75xx (bnc#1012382). - nfc: Fix possible memory corruption when handling SHDLC I-Frame commands (bnc#1012382). - nfc: Fix the number of pipes (bnc#1012382). - nfs: add nostatflush mount option (bsc#1065726). - nfs: Avoid quadratic search when freeing delegations (bsc#1084760). - nfsd: fix corrupted reply to badly ordered compound (bnc#1012382). - nfs: Use an appropriate work queue for direct-write completion (bsc#1082519). - nfsv4.0 fix client reference leak in callback (bnc#1012382). - ocfs2: fix locking for res->tracking and dlm->tracking_list (bnc#1012382). - ocfs2: fix ocfs2 read block panic (bnc#1012382). - of: unittest: Disable interrupt node tests for old world MAC systems (bnc#1012382). - ovl: Copy inode attributes after setting xattr (bsc#1107299). - parport: sunbpp: fix error return code (bnc#1012382). - partitions/aix: append null character to print data from disk (bnc#1012382). - partitions/aix: fix usage of uninitialized lv_info and lvname structures (bnc#1012382). - Pass x86 as architecture on x86_64 and i386 (bsc#1093118). - pci: altera: Fix bool initialization in tlp_read_packet() (bsc#1109806). - pci: designware: Fix I/O space page leak (bsc#1109806). - pci: designware: Fix pci_remap_iospace() failure path (bsc#1109806). - pci: hv: Use effective affinity mask (bsc#1109772). - pci: OF: Fix I/O space page leak (bsc#1109806). - pci: pciehp: Fix unprotected list iteration in IRQ handler (bsc#1109806). - pci: Reprogram bridge prefetch registers on resume (bnc#1012382). - pci: shpchp: Fix AMD POGO identification (bsc#1109806). - pci: Supply CPU physical address (not bus address) to iomem_is_exclusive() (bsc#1109806). - pci: versatile: Fix I/O space page leak (bsc#1109806). - pci: versatile: Fix pci_remap_iospace() failure path (bsc#1109806). - pci: xgene: Fix I/O space page leak (bsc#1109806). - pci: xilinx: Add missing of_node_put() (bsc#1109806). - perf powerpc: Fix callchain ip filtering (bnc#1012382). - perf powerpc: Fix callchain ip filtering when return address is in a register (bnc#1012382). - perf probe powerpc: Ignore SyS symbols irrespective of endianness (bnc#1012382). - perf script python: Fix export-to-postgresql.py occasional failure (bnc#1012382). - perf tools: Allow overriding MAX_NR_CPUS at compile time (bnc#1012382). - phy: qcom-ufs: add MODULE_LICENSE tag (bsc#1110468). - pinctrl: qcom: spmi-gpio: Fix pmic_gpio_config_get() to be compliant (bnc#1012382). - pipe: actually allow root to exceed the pipe buffer limit (git-fixes). - platform/x86: alienware-wmi: Correct a memory leak (bnc#1012382). - platform/x86: toshiba_acpi: Fix defined but not used build warnings (bnc#1012382). - pm / core: Clear the direct_complete flag on errors (bnc#1012382). - powerpc/64s: move machine check SLB flushing to mm/slb.c (bsc#1094244). - powerpc/kdump: Handle crashkernel memory reservation failure (bnc#1012382). - powerpc/mce: Fix SLB rebolting during MCE recovery path (bsc#1094244). - powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784). - powerpc/numa: Use associativity if VPHN hcall is successful (bsc#1110363). - powerpc/perf/hv-24x7: Fix passing of catalog version number (bsc#1053043). - powerpc/powernv: opal_put_chars partial write fix (bnc#1012382). - powerpc/pseries: Defer the logging of rtas error to irq work queue (bsc#1094244). - powerpc/pseries: Define MCE error event section (bsc#1094244). - powerpc/pseries: Display machine check error details (bsc#1094244). - powerpc/pseries: Dump the SLB contents on SLB MCE errors (bsc#1094244). - powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes). - powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes). - powerpc/pseries: Flush SLB contents on SLB MCE errors (bsc#1094244). - powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158). - powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158). - powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE (bsc#1109158). - powerpc/rtas: Fix a potential race between CPU-Offline & Migration (bsc#1111870). - powerpc/tm: Avoid possible userspace r1 corruption on reclaim (bsc#1109333). - power: vexpress: fix corruption in notifier registration (bnc#1012382). - printk: do not spin in printk when in nmi (bsc#1094244). - proc: restrict kernel stack dumps to root (bnc#1012382). - pstore: Fix incorrect persistent ram buffer mapping (bnc#1012382). - qlcnic: fix Tx descriptor corruption on 82xx devices (bnc#1012382). - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bnc#1012382). - raid10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (bnc#1012382). - rculist: add list_for_each_entry_from_rcu() (bsc#1084760). - rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760). - rdma/cma: Do not ignore net namespace for unbound cm_id (bnc#1012382). - rdma/cma: Protect cma dev list with lock (bnc#1012382). - rdma/ucma: check fd type in ucma_migrate_id() (bnc#1012382). - reiserfs: add check to detect corrupted directory entry (bsc#1109818). - reiserfs: do not panic on bad directory entries (bsc#1109818). - resource: Include resource end in walk_*() interfaces (bsc#1114648). - Revert "btrfs: qgroups: Retry after commit on getting EDQUOT" (bsc#1031392). - Revert "dma-buf/sync-file: Avoid enable fence signaling if poll(.timeout=0)" (bsc#1111363). - Revert "drm: Do not pass negative delta to ktime_sub_ns()" (bsc#1106929) - Revert "drm/i915: Initialize HWS page address after GPU reset" (bsc#1106929) - Revert "Drop kernel trampoline stack." This reverts commit 85dead31706c1c1755adff90405ff9861c39c704. - Revert "kabi/severities: Ignore missing cpu_tss_tramp (bsc#1099597)" This reverts commit edde1f21880e3bfe244c6f98a3733b05b13533dc. - Revert "kvm: x86: remove eager_fpu field of struct kvm_vcpu_arch" (kabi). - Revert "media: v4l: event: Prevent freeing event subscriptions while accessed" (kabi). - Revert "mm: get rid of vmacache_flush_all() entirely" (kabi). - Revert "NFC: Fix the number of pipes" (kabi). - Revert "proc: restrict kernel stack dumps to root" (kabi). - Revert "Skip intel_crt_init for Dell XPS 8700" (bsc#1106929) - Revert "tcp: add tcp_ooo_try_coalesce() helper" (kabi). - Revert "tcp: call tcp_drop() from tcp_data_queue_ofo()" (kabi). - Revert "tcp: fix a stale ooo_last_skb after a replace" (kabi). - Revert "tcp: free batches of packets in tcp_prune_ofo_queue()" (kabi). - Revert "tcp: use an RB tree for ooo receive queue" (kabi). - Revert "usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt()" (bnc#1012382). - Revert "x86/fpu: Finish excising 'eagerfpu'" (kabi). - Revert "x86/fpu: Remove struct fpu::counter" (kabi). - Revert "x86/fpu: Remove use_eager_fpu()" (kabi). - ring-buffer: Allow for rescheduling when removing pages (bnc#1012382). - rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication() (bnc#1012382). - rpm/kernel-binary.spec.in: Check module licenses (bsc#1083215,bsc#1083527) - rpm/kernel-binary.spec.in: Do not sign modules if CONFIG_MODULE_SIG=n (bsc#1035053) - rpm/kernel-binary.spec.in: Obsolete ftsteutates KMP (boo#997172) - rpm/kernel-binary.spec.in: Only kernel-syzkaller needs gcc-devel (boo#1043591). - rpm/kernel-docs.spec.in: Expand kernel tree directly from sources (bsc#1057199) - rpm/kernel-docs.spec.in: Fix and cleanup for 4.13 doc build (bsc#1048129) The whole DocBook stuff has been deleted. The PDF build still non-working thus the sub-packaging disabled so far. - rpm/kernel-docs.spec.in: refresh dependencies for PDF build (bsc#1048129) But it still does not work with Tex Live 2017, thus disabled yet. Also add texlive-anyfontsize for HTML math handling. - rpm/kernel-module-subpackage: Generate proper supplements in the template ... instead of relying on find-provides.ksyms to do it (bsc#981083). - rpm/kernel-source.spec.in: Do not list deleted depdendency helpers (bsc#981083). - rpm/kernel-spec-macros: Try harder to detect Build Service environment (bsc#1078788) - rtc: bq4802: add error handling for devm_ioremap (bnc#1012382). - rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 (bnc#1012382). - s390/chsc: Add exception handler for CHSC instruction (git-fixes). - s390/extmem: fix gcc 8 stringop-overflow warning (bnc#1012382). - s390/facilites: use stfle_fac_list array size for MAX_FACILITY_BIT (bnc#1108315, LTC#171326). - s390/kdump: Fix elfcorehdr size calculation (git-fixes). - s390/kdump: Make elfcorehdr size calculation ABI compliant (git-fixes). - s390/mm: correct allocate_pgste proc_handler callback (git-fixes). - s390/qeth: do not dump past end of unknown HW header (bnc#1012382). - s390/qeth: fix race in used-buffer accounting (bnc#1012382). - s390/qeth: handle failure on workqueue creation (git-fixes). - s390/qeth: reset layer2 attribute on layer switch (bnc#1012382). - s390/qeth: use vzalloc for QUERY OAT buffer (bnc#1108315, LTC#171527). - s390: revert ELF_ET_DYN_BASE base changes (git-fixes). - s390/stacktrace: fix address ranges for asynchronous and panic stack (git-fixes). - sched/fair: Fix bandwidth timer clock drift condition (Git-fixes). - sched/fair: Fix vruntime_normalized() for remote non-migration wakeup (Git-fixes). - scsi: 3ware: fix return 0 on the error path of probe (bnc#1012382). - scsi: bnx2i: add error handling for ioremap_nocache (bnc#1012382). - scsi: ibmvscsi: Improve strings handling (bnc#1012382). - scsi: klist: Make it safe to use klists in atomic context (bnc#1012382). - scsi: target: fix __transport_register_session locking (bnc#1012382). - scsi: target/iscsi: Make iscsit_ta_authentication() respect the output buffer size (bnc#1012382). - selftests/efivarfs: add required kernel configs (bnc#1012382). - selftest: timers: Tweak raw_skew to SKIP when ADJ_OFFSET/other clock adjustments are in progress (bnc#1012382). - selinux: use GFP_NOWAIT in the AVC kmem_caches (bnc#1012382). - serial: cpm_uart: return immediately from console poll (bnc#1012382). - serial: imx: restore handshaking irq for imx1 (bnc#1012382). - signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006). - slub: make ->cpu_partial unsigned int (bnc#1012382). - smb2: fix missing files in root share directory listing (bnc#1012382). - smb3: fill in statfs fsid and correct namelen (bsc#1112905). - sound: enable interrupt after dma buffer initialization (bnc#1012382). - spi: rspi: Fix interrupted DMA transfers (bnc#1012382). - spi: rspi: Fix invalid SPI use during system suspend (bnc#1012382). - spi: sh-msiof: Fix handling of write value for SISTR register (bnc#1012382). - spi: sh-msiof: Fix invalid SPI use during system suspend (bnc#1012382). - spi: tegra20-slink: explicitly enable/disable clock (bnc#1012382). - srcu: Allow use of Tiny/Tree SRCU from both process and interrupt context (bsc#1050549). - staging: android: ashmem: Fix mmap size validation (bnc#1012382). - staging: rt5208: Fix a sleep-in-atomic bug in xd_copy_page (bnc#1012382). - staging: rts5208: fix missing error check on call to rtsx_write_register (bnc#1012382). - staging/rts5208: Fix read overflow in memcpy (bnc#1012382). - stmmac: fix valid numbers of unicast filter entries (bnc#1012382). - stop_machine: Atomically queue and wake stopper threads (git-fixes). - target: log Data-Out timeouts as errors (bsc#1095805). - target: log NOP ping timeouts as errors (bsc#1095805). - target: split out helper for cxn timeout error stashing (bsc#1095805). - target: stash sess_err_stats on Data-Out timeout (bsc#1095805). - target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805). - tcp: add tcp_ooo_try_coalesce() helper (bnc#1012382). - tcp: call tcp_drop() from tcp_data_queue_ofo() (bnc#1012382). - tcp: fix a stale ooo_last_skb after a replace (bnc#1012382). - tcp: free batches of packets in tcp_prune_ofo_queue() (bnc#1012382). - tcp: increment sk_drops for dropped rx packets (bnc#1012382). - tcp: use an RB tree for ooo receive queue (bnc#1012382). - team: Forbid enslaving team device to itself (bnc#1012382). - thermal: of-thermal: disable passive polling when thermal zone is disabled (bnc#1012382). - Tools: hv: Fix a bug in the key delete code (bnc#1012382). - tools/vm/page-types.c: fix "defined but not used" warning (bnc#1012382). - tools/vm/slabinfo.c: fix sign-compare warning (bnc#1012382). - tpm: Restore functionality to xen vtpm driver (bsc#1020645, git-fixes). - tsl2550: fix lux1_input error in low light (bnc#1012382). - tty: Drop tty->count on tty_reopen() failure (bnc#1105428). - tty: rocket: Fix possible buffer overwrite on register_PCI (bnc#1012382). - tty: vt_ioctl: fix potential Spectre v1 (bnc#1012382). - ubifs: Check for name being NULL while mounting (bnc#1012382). - ucma: fix a use-after-free in ucma_resolve_ip() (bnc#1012382). - uio: potential double frees if __uio_register_device() fails (bnc#1012382). - usb: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller (bnc#1012382). - usb: Add quirk to support DJI CineSSD (bnc#1012382). - usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() (bnc#1012382). - usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt() (bnc#1012382). - usb: Do not die twice if PCI xhci host is not responding in resume (bnc#1012382). - usb: fix error handling in usb_driver_claim_interface() (bnc#1012382). - usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bnc#1012382). - usb: gadget: serial: fix oops when data rx'd after close (bnc#1012382). - usb: handle NULL config in usb_find_alt_setting() (bnc#1012382). - usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() (bnc#1012382). - usb: misc: uss720: Fix two sleep-in-atomic-context bugs (bnc#1012382). - usb: net2280: Fix erroneous synchronization change (bnc#1012382). - usb: remove LPM management from usb_driver_claim_interface() (bnc#1012382). - usb: serial: io_ti: fix array underflow in completion handler (bnc#1012382). - usb: serial: kobil_sct: fix modem-status error handling (bnc#1012382). - usb: serial: simple: add Motorola Tetra MTP6550 id (bnc#1012382). - usb: serial: ti_usb_3410_5052: fix array underflow in completion handler (bnc#1012382). - usb: usbdevfs: restore warning for nonsensical flags (bnc#1012382). - usb: usbdevfs: sanitize flags more (bnc#1012382). - usb: wusbcore: security: cast sizeof to int for comparison (bnc#1012382). - usb: yurex: Check for truncation in yurex_read() (bnc#1012382). - usb: yurex: Fix buffer over-read in yurex_write() (bnc#1012382). - Use upstream version of pci-hyperv change 35a88a18d7 - uwb: hwa-rc: fix memory leak at probe (bnc#1012382). - vfs: do not test owner for NFS in set_posix_acl() (bsc#1103405). - video: goldfishfb: fix memory leak on driver remove (bnc#1012382). - vmci: type promotion bug in qp_host_get_user_memory() (bnc#1012382). - vmw_balloon: include asm/io.h (bnc#1012382). - watchdog: w83627hf: Added NCT6102D support (bsc#1106434). - wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout() (bnc#1012382). - wlcore: Fix memory leak in wlcore_cmd_wait_for_event_or_timeout (git-fixes). - x86/apic: Fix restoring boot IRQ mode in reboot and kexec/kdump (bsc#1110006). - x86/apic: Split disable_IO_APIC() into two functions to fix CONFIG_KEXEC_JUMP=y (bsc#1110006). - x86/apic: Split out restore_boot_irq_mode() from disable_IO_APIC() (bsc#1110006). - x86/boot: Fix "run_size" calculation (bsc#1110006). - x86/cpufeature: deduplicate X86_FEATURE_L1TF_PTEINV (kabi). - x86/entry/64: Add two more instruction suffixes (bnc#1012382). - x86/entry/64: Clear registers for exceptions/interrupts, to reduce speculation attack surface (bsc#1105931). - x86/entry/64: sanitize extra registers on syscall entry (bsc#1105931). - x86/fpu: Finish excising 'eagerfpu' (bnc#1012382). - x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006). - x86/fpu: Remove struct fpu::counter (bnc#1012382). - x86/fpu: Remove use_eager_fpu() (bnc#1012382). - x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772). - x86/kaiser: Avoid loosing NMIs when using trampoline stack (bsc#1106293 bsc#1099597). - x86/mm: Remove in_nmi() warning from vmalloc_fault() (bnc#1012382). - x86: msr-index.h: Correct SNB_C1/C3_AUTO_UNDEMOTE defines (bsc#1110006). - x86/numa_emulation: Fix emulated-to-physical node mapping (bnc#1012382). - x86/paravirt: Fix some warning messages (bnc#1065600). - x86/percpu: Fix this_cpu_read() (bsc#1110006). - x86,sched: Allow topologies where NUMA nodes share an LLC (bsc#1091158, bsc#1101555). - x86/spec_ctrl: Fix spec_ctrl reporting (bsc#1106913, bsc#1111516). - x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913). - x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913). - x86/speculation: Propagate information about RSB filling mitigation to sysfs (bsc#1106913). - x86/time: Correct the attribute on jiffies' definition (bsc#1110006). - x86/tsc: Add missing header to tsc_msr.c (bnc#1012382). - x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006). - x86/vdso: Fix vDSO build if a retpoline is emitted (bsc#1110006). - x86/vdso: Fix vDSO syscall fallback asm constraint regression (bsc#1110006). - x86/vdso: Only enable vDSO retpolines when enabled and supported (bsc#1110006). - xen: avoid crash in disable_hotplug_cpu (bnc#1012382 bsc#1106594 bsc#1042422). - xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage (bnc#1012382). - xen: issue warning message when out of grant maptrack entries (bsc#1105795). - xen/manage: do not complain about an empty value in control/sysrq node (bnc#1012382). - xen/netfront: do not bug in case of too many frags (bnc#1012382). - xen-netfront: fix queue name setting (bnc#1012382). - xen/netfront: fix waiting for xenbus state change (bnc#1012382). - xen-netfront: fix warn message as irq device name has '/' (bnc#1012382). - xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code (bnc#1012382). - xfrm: fix 'passing zero to ERR_PTR()' warning (bnc#1012382). - xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bnc#1012382). - xhci: Do not print a warning when setting link state for disabled ports (bnc#1012382). - x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114648). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP3: zypper in -t patch SUSE-SLE-WE-12-SP3-2018-2621=1 - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-2621=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2621=1 - SUSE Linux Enterprise High Availability 12-SP3: zypper in -t patch SUSE-SLE-HA-12-SP3-2018-2621=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-2621=1 - SUSE CaaS Platform ALL: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. - SUSE CaaS Platform 3.0: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. Package List: - SUSE Linux Enterprise Workstation Extension 12-SP3 (x86_64): kernel-default-debuginfo-4.4.162-94.69.2 kernel-default-debugsource-4.4.162-94.69.2 kernel-default-extra-4.4.162-94.69.2 kernel-default-extra-debuginfo-4.4.162-94.69.2 - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): kernel-obs-build-4.4.162-94.69.2 kernel-obs-build-debugsource-4.4.162-94.69.2 - SUSE Linux Enterprise Software Development Kit 12-SP3 (noarch): kernel-docs-4.4.162-94.69.2 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): kernel-default-4.4.162-94.69.2 kernel-default-base-4.4.162-94.69.2 kernel-default-base-debuginfo-4.4.162-94.69.2 kernel-default-debuginfo-4.4.162-94.69.2 kernel-default-debugsource-4.4.162-94.69.2 kernel-default-devel-4.4.162-94.69.2 kernel-syms-4.4.162-94.69.2 - SUSE Linux Enterprise Server 12-SP3 (noarch): kernel-devel-4.4.162-94.69.2 kernel-macros-4.4.162-94.69.2 kernel-source-4.4.162-94.69.2 - SUSE Linux Enterprise Server 12-SP3 (x86_64): lttng-modules-2.7.1-8.6.1 lttng-modules-debugsource-2.7.1-8.6.1 lttng-modules-kmp-default-2.7.1_k4.4.162_94.69-8.6.1 lttng-modules-kmp-default-debuginfo-2.7.1_k4.4.162_94.69-8.6.1 - SUSE Linux Enterprise Server 12-SP3 (s390x): kernel-default-man-4.4.162-94.69.2 - SUSE Linux Enterprise High Availability 12-SP3 (ppc64le s390x x86_64): cluster-md-kmp-default-4.4.162-94.69.2 cluster-md-kmp-default-debuginfo-4.4.162-94.69.2 dlm-kmp-default-4.4.162-94.69.2 dlm-kmp-default-debuginfo-4.4.162-94.69.2 gfs2-kmp-default-4.4.162-94.69.2 gfs2-kmp-default-debuginfo-4.4.162-94.69.2 kernel-default-debuginfo-4.4.162-94.69.2 kernel-default-debugsource-4.4.162-94.69.2 ocfs2-kmp-default-4.4.162-94.69.2 ocfs2-kmp-default-debuginfo-4.4.162-94.69.2 - SUSE Linux Enterprise Desktop 12-SP3 (noarch): kernel-devel-4.4.162-94.69.2 kernel-macros-4.4.162-94.69.2 kernel-source-4.4.162-94.69.2 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): kernel-default-4.4.162-94.69.2 kernel-default-debuginfo-4.4.162-94.69.2 kernel-default-debugsource-4.4.162-94.69.2 kernel-default-devel-4.4.162-94.69.2 kernel-default-extra-4.4.162-94.69.2 kernel-default-extra-debuginfo-4.4.162-94.69.2 kernel-syms-4.4.162-94.69.2 - SUSE CaaS Platform ALL (x86_64): kernel-default-4.4.162-94.69.2 kernel-default-debuginfo-4.4.162-94.69.2 kernel-default-debugsource-4.4.162-94.69.2 - SUSE CaaS Platform 3.0 (x86_64): kernel-default-4.4.162-94.69.2 kernel-default-debuginfo-4.4.162-94.69.2 kernel-default-debugsource-4.4.162-94.69.2 References: https://www.suse.com/security/cve/CVE-2018-14633.html https://www.suse.com/security/cve/CVE-2018-18281.html https://www.suse.com/security/cve/CVE-2018-18386.html https://www.suse.com/security/cve/CVE-2018-18690.html https://www.suse.com/security/cve/CVE-2018-18710.html https://www.suse.com/security/cve/CVE-2018-9516.html https://bugzilla.suse.com/1011920 https://bugzilla.suse.com/1012382 https://bugzilla.suse.com/1012422 https://bugzilla.suse.com/1020645 https://bugzilla.suse.com/1031392 https://bugzilla.suse.com/1035053 https://bugzilla.suse.com/1042422 https://bugzilla.suse.com/1043591 https://bugzilla.suse.com/1048129 https://bugzilla.suse.com/1050431 https://bugzilla.suse.com/1050549 https://bugzilla.suse.com/1053043 https://bugzilla.suse.com/1054239 https://bugzilla.suse.com/1057199 https://bugzilla.suse.com/1065600 https://bugzilla.suse.com/1065726 https://bugzilla.suse.com/1067906 https://bugzilla.suse.com/1073579 https://bugzilla.suse.com/1076393 https://bugzilla.suse.com/1078788 https://bugzilla.suse.com/1079524 https://bugzilla.suse.com/1082519 https://bugzilla.suse.com/1083215 https://bugzilla.suse.com/1083527 https://bugzilla.suse.com/1084760 https://bugzilla.suse.com/1089343 https://bugzilla.suse.com/1091158 https://bugzilla.suse.com/1093118 https://bugzilla.suse.com/1094244 https://bugzilla.suse.com/1094825 https://bugzilla.suse.com/1095805 https://bugzilla.suse.com/1096052 https://bugzilla.suse.com/1098050 https://bugzilla.suse.com/1098996 https://bugzilla.suse.com/1099597 https://bugzilla.suse.com/1101555 https://bugzilla.suse.com/1103308 https://bugzilla.suse.com/1103405 https://bugzilla.suse.com/1104124 https://bugzilla.suse.com/1105025 https://bugzilla.suse.com/1105428 https://bugzilla.suse.com/1105795 https://bugzilla.suse.com/1105931 https://bugzilla.suse.com/1106105 https://bugzilla.suse.com/1106110 https://bugzilla.suse.com/1106240 https://bugzilla.suse.com/1106293 https://bugzilla.suse.com/1106359 https://bugzilla.suse.com/1106434 https://bugzilla.suse.com/1106594 https://bugzilla.suse.com/1106913 https://bugzilla.suse.com/1106929 https://bugzilla.suse.com/1107060 https://bugzilla.suse.com/1107299 https://bugzilla.suse.com/1107318 https://bugzilla.suse.com/1107535 https://bugzilla.suse.com/1107829 https://bugzilla.suse.com/1107870 https://bugzilla.suse.com/1108315 https://bugzilla.suse.com/1108377 https://bugzilla.suse.com/1108498 https://bugzilla.suse.com/1109158 https://bugzilla.suse.com/1109333 https://bugzilla.suse.com/1109772 https://bugzilla.suse.com/1109784 https://bugzilla.suse.com/1109806 https://bugzilla.suse.com/1109818 https://bugzilla.suse.com/1109907 https://bugzilla.suse.com/1109919 https://bugzilla.suse.com/1109923 https://bugzilla.suse.com/1110006 https://bugzilla.suse.com/1110363 https://bugzilla.suse.com/1110468 https://bugzilla.suse.com/1110600 https://bugzilla.suse.com/1110601 https://bugzilla.suse.com/1110602 https://bugzilla.suse.com/1110603 https://bugzilla.suse.com/1110604 https://bugzilla.suse.com/1110605 https://bugzilla.suse.com/1110606 https://bugzilla.suse.com/1110611 https://bugzilla.suse.com/1110612 https://bugzilla.suse.com/1110613 https://bugzilla.suse.com/1110614 https://bugzilla.suse.com/1110615 https://bugzilla.suse.com/1110616 https://bugzilla.suse.com/1110618 https://bugzilla.suse.com/1110619 https://bugzilla.suse.com/1111363 https://bugzilla.suse.com/1111516 https://bugzilla.suse.com/1111870 https://bugzilla.suse.com/1112007 https://bugzilla.suse.com/1112262 https://bugzilla.suse.com/1112263 https://bugzilla.suse.com/1112894 https://bugzilla.suse.com/1112902 https://bugzilla.suse.com/1112903 https://bugzilla.suse.com/1112905 https://bugzilla.suse.com/1113667 https://bugzilla.suse.com/1113751 https://bugzilla.suse.com/1113769 https://bugzilla.suse.com/1114178 https://bugzilla.suse.com/1114229 https://bugzilla.suse.com/1114648 https://bugzilla.suse.com/981083 https://bugzilla.suse.com/997172 From sle-security-updates at lists.suse.com Tue Nov 13 04:11:14 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 13 Nov 2018 12:11:14 +0100 (CET) Subject: SUSE-SU-2018:3746-1: important: Security update for the Linux Kernel Message-ID: <20181113111114.D3153FD4E@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3746-1 Rating: important References: #1031240 #1047027 #1049128 #1050431 #1064861 #1065600 #1066674 #1071021 #1081680 #1094244 #1094825 #1103145 #1105799 #1106139 #1106240 #1107371 #1107829 #1107849 #1108314 #1108498 #1109806 #1109818 #1110006 #1110247 #1113337 #1113751 #1113769 #1114460 #923775 Cross-References: CVE-2017-1000407 CVE-2017-16533 CVE-2017-7273 CVE-2018-14633 CVE-2018-18281 CVE-2018-18386 CVE-2018-18710 CVE-2018-9516 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-EXTRA SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 8 vulnerabilities and has 21 fixes is now available. Description: The SUSE Linux Enterprise 11 SP4 kernel was updated to 3.0.101-108.81 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-18281: An issue was discovered in the Linux kernel, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused (bnc#1113769). - CVE-2018-18710: An issue was discovered in the Linux kernel, an information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751). - CVE-2018-18386: drivers/tty/n_tty.c in the Linux kernel allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825). - CVE-2017-7273: The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 4.x allowed physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report (bnc#1031240). - CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674). - CVE-2017-1000407: An denial of service issue was discovered in the Linux kernel, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic (bnc#1071021). - CVE-2018-9516: An issue was discovered in the Linux kernel, the copy_to_user() inside the HID code does not correctly check the length before executing (bsc#1108498). - CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely (bnc#1107829). The following non-security bugs were fixed: - Btrfs: fix deadlock when finalizing block group creation (bsc#1107849). - Btrfs: fix quick exhaustion of the system array in the superblock (bsc#1107849). - FS-Cache: Synchronise object death state change vs operation submission (bsc#1107371). - KABI: move the new handler to end of machdep_calls and hide it from genksyms (bsc#1094244). - KVM: Disable irq while unregistering user notifier (bsc#1106240). - KVM: SVM: obey guest PAT (bsc#1106240). - KVM: VMX: remove I/O port 0x80 bypass on Intel hosts (bsc#1106240). - KVM: emulate: fix CMPXCHG8B on 32-bit hosts (bsc#1106240). - KVM: x86: emulator: Return to user-mode on L1 CPL=0 emulation failure (bsc#1106240). - KVM: x86: fix use of uninitialized memory as segment descriptor in emulator (bsc#1106240). - KVM: x86: zero base3 of unusable segments (bsc#1106240). - NFS - do not hang if xdr decoded username is bad (bsc#1105799). - NFSv4.1 - Do not leak IO size from one mount to another (bsc#1103145). - PCI/AER: Report non-fatal errors only to the affected endpoint (bsc#1109806). - PCI: Supply CPU physical address (not bus address) to iomem_is_exclusive() (bsc#1109806). - PCI: shpchp: Check bridge's secondary (not primary) bus speed (bsc#1109806). - PCI: shpchp: Fix AMD POGO identification (bsc#1109806). - add kernel parameter to disable failfast on block devices (bsc#1081680). - block: add flag QUEUE_FLAG_REGISTERED (bsc#1047027). - block: allow gendisk's request_queue registration to be deferred (bsc#1047027). - crypto: ghash-clmulni-intel - use C implementation for setkey() (bsc#1110006). - dm: fix incomplete request_queue initialization (bsc#1047027). - dm: only initialize the request_queue once (bsc#1047027). - firmware/ihex2fw.c: restore missing default in switch statement (bsc#1114460). - kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE (git-fixes). - locks: fix unlock when fcntl_setlk races with a close (git-fixes). - media: Fix invalid free in the fix for mceusb (bsc#1050431). - media: cx25821: prevent out-of-bounds read on array card (bsc#1050431). - media: ite-cir: initialize use_demodulator before using it (bsc#1050431). - media: mceusb: fix NULL-deref at probe (bsc#1050431). - media: mceusb: fix memory leaks in error path. - percpu: make pcpu_alloc_chunk() use pcpu_mem_free() instead of kfree() (git fixes). - powerpc, KVM: Rework KVM checks in first-level interrupt handlers (bsc#1094244). - powerpc/64: Do load of PACAKBASE in LOAD_HANDLER (bsc#1094244). - powerpc/64: Fix smp_wmb barrier definition use use lwsync consistently (bsc#1064861). - powerpc/64: Initialise thread_info for emergency stacks (bsc#1094244). - powerpc/64s: Exception macro for stack frame and initial register save (bsc#1094244). - powerpc/64s: move machine check SLB flushing to mm/slb.c (bsc#1094244). - powerpc/asm: Mark cr0 as clobbered in mftb() (bsc#1049128). - powerpc/book3s: Introduce a early machine check hook in cpu_spec (bsc#1094244). - powerpc/book3s: Introduce exclusive emergency stack for machine check exception (bsc#1094244). - powerpc/book3s: Split the common exception prolog logic into two section (bsc#1094244). - powerpc/book3s: handle machine check in Linux host (bsc#1094244). - powerpc/mce: Fix SLB rebolting during MCE recovery path (bsc#1094244). - powerpc/pseries: Avoid using the size greater than (bsc#1094244). - powerpc/pseries: Defer the logging of rtas error to irq work queue (bsc#1094244). - powerpc/pseries: Dump the SLB contents on SLB MCE errors (bsc#1094244). - powerpc/pseries: Flush SLB contents on SLB MCE errors (bsc#1094244). - powerpc: Add a symbol for hypervisor trampolines (bsc#1094244). - powerpc: Fix smp_mb__before_spinlock() (bsc#1110247). - powerpc: Make load_hander handle upto 64k offset (bsc#1094244). - powerpc: Rework runlatch code (bsc#1094244). - powerpc: Save CFAR before branching in interrupt entry paths (bsc#1094244). - powerpc: cputable: KABI - hide new cpu_spec member from genksyms (bsc#1094244). - powerpc: move MCE handler out-of-line and consolidate with machine_check_fwnmi (bsc#1094244). - powerpc: move stab code into #ifndef CONFIG_POWER4_ONLY (bsc#1094244). - powerpc: replace open-coded EXCEPTION_PROLOG_1 with the macro in slb miss handlers (bsc#1094244). - reiserfs: add check to detect corrupted directory entry (bsc#1109818). - reiserfs: do not panic on bad directory entries (bsc#1109818). - retpoline: Introduce start/end markers of indirect thunk (bsc#1113337). - s390/facilites: use stfle_fac_list array size for MAX_FACILITY_BIT (bnc#1108314, LTC#171326). - s390/sclp: Change SCLP console default buffer-full behavior (bnc#1108314, LTC#171049). - scsi: libfc: Do not drop down to FLOGI for fc_rport_login() (bsc#1106139). - scsi: libfc: Do not login if the port is already started (bsc#1106139). - scsi: libfc: do not advance state machine for incoming FLOGI (bsc#1106139). - scsi: storvsc: fix memory leak on ring buffer busy (bnc#923775). - signals: avoid unnecessary taking of sighand->siglock (bsc#1110247). - x86/kexec: Avoid double free_page() upon do_kexec_load() failure (bsc#1110006). - x86/mm/32: Set the '__vmalloc_start_set' flag in initmem_init() (bsc#1110006). - x86/paravirt: Fix some warning messages (bnc#1065600). - x86/percpu: Fix this_cpu_read() (bsc#1110006). - x86/process: Re-export start_thread() (bsc#1110006). - x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-kernel-source-13863=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-kernel-source-13863=1 - SUSE Linux Enterprise Server 11-EXTRA: zypper in -t patch slexsp3-kernel-source-13863=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-kernel-source-13863=1 Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch): kernel-docs-3.0.101-108.81.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): kernel-default-3.0.101-108.81.1 kernel-default-base-3.0.101-108.81.1 kernel-default-devel-3.0.101-108.81.1 kernel-source-3.0.101-108.81.1 kernel-syms-3.0.101-108.81.1 kernel-trace-3.0.101-108.81.1 kernel-trace-base-3.0.101-108.81.1 kernel-trace-devel-3.0.101-108.81.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): kernel-ec2-3.0.101-108.81.1 kernel-ec2-base-3.0.101-108.81.1 kernel-ec2-devel-3.0.101-108.81.1 kernel-xen-3.0.101-108.81.1 kernel-xen-base-3.0.101-108.81.1 kernel-xen-devel-3.0.101-108.81.1 - SUSE Linux Enterprise Server 11-SP4 (s390x): kernel-default-man-3.0.101-108.81.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64): kernel-bigmem-3.0.101-108.81.1 kernel-bigmem-base-3.0.101-108.81.1 kernel-bigmem-devel-3.0.101-108.81.1 kernel-ppc64-3.0.101-108.81.1 kernel-ppc64-base-3.0.101-108.81.1 kernel-ppc64-devel-3.0.101-108.81.1 - SUSE Linux Enterprise Server 11-SP4 (i586): kernel-pae-3.0.101-108.81.1 kernel-pae-base-3.0.101-108.81.1 kernel-pae-devel-3.0.101-108.81.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64): kernel-default-extra-3.0.101-108.81.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64): kernel-xen-extra-3.0.101-108.81.1 - SUSE Linux Enterprise Server 11-EXTRA (x86_64): kernel-trace-extra-3.0.101-108.81.1 - SUSE Linux Enterprise Server 11-EXTRA (ppc64): kernel-ppc64-extra-3.0.101-108.81.1 - SUSE Linux Enterprise Server 11-EXTRA (i586): kernel-pae-extra-3.0.101-108.81.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): kernel-default-debuginfo-3.0.101-108.81.1 kernel-default-debugsource-3.0.101-108.81.1 kernel-trace-debuginfo-3.0.101-108.81.1 kernel-trace-debugsource-3.0.101-108.81.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64): kernel-default-devel-debuginfo-3.0.101-108.81.1 kernel-trace-devel-debuginfo-3.0.101-108.81.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): kernel-ec2-debuginfo-3.0.101-108.81.1 kernel-ec2-debugsource-3.0.101-108.81.1 kernel-xen-debuginfo-3.0.101-108.81.1 kernel-xen-debugsource-3.0.101-108.81.1 kernel-xen-devel-debuginfo-3.0.101-108.81.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64): kernel-bigmem-debuginfo-3.0.101-108.81.1 kernel-bigmem-debugsource-3.0.101-108.81.1 kernel-ppc64-debuginfo-3.0.101-108.81.1 kernel-ppc64-debugsource-3.0.101-108.81.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586): kernel-pae-debuginfo-3.0.101-108.81.1 kernel-pae-debugsource-3.0.101-108.81.1 kernel-pae-devel-debuginfo-3.0.101-108.81.1 References: https://www.suse.com/security/cve/CVE-2017-1000407.html https://www.suse.com/security/cve/CVE-2017-16533.html https://www.suse.com/security/cve/CVE-2017-7273.html https://www.suse.com/security/cve/CVE-2018-14633.html https://www.suse.com/security/cve/CVE-2018-18281.html https://www.suse.com/security/cve/CVE-2018-18386.html https://www.suse.com/security/cve/CVE-2018-18710.html https://www.suse.com/security/cve/CVE-2018-9516.html https://bugzilla.suse.com/1031240 https://bugzilla.suse.com/1047027 https://bugzilla.suse.com/1049128 https://bugzilla.suse.com/1050431 https://bugzilla.suse.com/1064861 https://bugzilla.suse.com/1065600 https://bugzilla.suse.com/1066674 https://bugzilla.suse.com/1071021 https://bugzilla.suse.com/1081680 https://bugzilla.suse.com/1094244 https://bugzilla.suse.com/1094825 https://bugzilla.suse.com/1103145 https://bugzilla.suse.com/1105799 https://bugzilla.suse.com/1106139 https://bugzilla.suse.com/1106240 https://bugzilla.suse.com/1107371 https://bugzilla.suse.com/1107829 https://bugzilla.suse.com/1107849 https://bugzilla.suse.com/1108314 https://bugzilla.suse.com/1108498 https://bugzilla.suse.com/1109806 https://bugzilla.suse.com/1109818 https://bugzilla.suse.com/1110006 https://bugzilla.suse.com/1110247 https://bugzilla.suse.com/1113337 https://bugzilla.suse.com/1113751 https://bugzilla.suse.com/1113769 https://bugzilla.suse.com/1114460 https://bugzilla.suse.com/923775 From sle-security-updates at lists.suse.com Tue Nov 13 07:09:30 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 13 Nov 2018 15:09:30 +0100 (CET) Subject: SUSE-SU-2018:3749-1: important: Security update for MozillaFirefox Message-ID: <20181113140930.6DE18FD4E@maintenance.suse.de> SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3749-1 Rating: important References: #1112852 Cross-References: CVE-2018-12389 CVE-2018-12390 CVE-2018-12392 CVE-2018-12393 CVE-2018-12395 CVE-2018-12396 CVE-2018-12397 Affected Products: SUSE OpenStack Cloud 7 SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Server 12-SP2-LTSS SUSE Linux Enterprise Server 12-SP2-BCL SUSE Linux Enterprise Server 12-SP1-LTSS SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Desktop 12-SP3 SUSE Enterprise Storage 4 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: This update for MozillaFirefox fixes the following issues: Security issues fixed: - Update to Mozilla Firefox 60.3.0esr: MFSA 2018-27 (bsc#1112852) - CVE-2018-12392: Crash with nested event loops. - CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript. - CVE-2018-12395: WebExtension bypass of domain restrictions through header rewriting. - CVE-2018-12396: WebExtension content scripts can execute in disallowed contexts. - CVE-2018-12397: WebExtension local file access vulnerability. - CVE-2018-12389: Memory safety bugs fixed in Firefox ESR 60.3. - CVE-2018-12390: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2018-2648=1 - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-2648=1 - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-2648=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2648=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-2648=1 - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2018-2648=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-2648=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2018-2648=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-2648=1 - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2018-2648=1 Package List: - SUSE OpenStack Cloud 7 (s390x x86_64): MozillaFirefox-60.3.0-109.50.2 MozillaFirefox-debuginfo-60.3.0-109.50.2 MozillaFirefox-debugsource-60.3.0-109.50.2 MozillaFirefox-devel-60.3.0-109.50.2 MozillaFirefox-translations-common-60.3.0-109.50.2 - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): MozillaFirefox-debuginfo-60.3.0-109.50.2 MozillaFirefox-debugsource-60.3.0-109.50.2 MozillaFirefox-devel-60.3.0-109.50.2 - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): MozillaFirefox-60.3.0-109.50.2 MozillaFirefox-debuginfo-60.3.0-109.50.2 MozillaFirefox-debugsource-60.3.0-109.50.2 MozillaFirefox-devel-60.3.0-109.50.2 MozillaFirefox-translations-common-60.3.0-109.50.2 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): MozillaFirefox-60.3.0-109.50.2 MozillaFirefox-debuginfo-60.3.0-109.50.2 MozillaFirefox-debugsource-60.3.0-109.50.2 MozillaFirefox-translations-common-60.3.0-109.50.2 - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64): MozillaFirefox-60.3.0-109.50.2 MozillaFirefox-debuginfo-60.3.0-109.50.2 MozillaFirefox-debugsource-60.3.0-109.50.2 MozillaFirefox-devel-60.3.0-109.50.2 MozillaFirefox-translations-common-60.3.0-109.50.2 - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): MozillaFirefox-60.3.0-109.50.2 MozillaFirefox-debuginfo-60.3.0-109.50.2 MozillaFirefox-debugsource-60.3.0-109.50.2 MozillaFirefox-devel-60.3.0-109.50.2 MozillaFirefox-translations-common-60.3.0-109.50.2 - SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64): MozillaFirefox-60.3.0-109.50.2 MozillaFirefox-debuginfo-60.3.0-109.50.2 MozillaFirefox-debugsource-60.3.0-109.50.2 MozillaFirefox-devel-60.3.0-109.50.2 MozillaFirefox-translations-common-60.3.0-109.50.2 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): MozillaFirefox-60.3.0-109.50.2 MozillaFirefox-debuginfo-60.3.0-109.50.2 MozillaFirefox-debugsource-60.3.0-109.50.2 MozillaFirefox-devel-60.3.0-109.50.2 MozillaFirefox-translations-common-60.3.0-109.50.2 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): MozillaFirefox-60.3.0-109.50.2 MozillaFirefox-debuginfo-60.3.0-109.50.2 MozillaFirefox-debugsource-60.3.0-109.50.2 MozillaFirefox-translations-common-60.3.0-109.50.2 - SUSE Enterprise Storage 4 (x86_64): MozillaFirefox-60.3.0-109.50.2 MozillaFirefox-debuginfo-60.3.0-109.50.2 MozillaFirefox-debugsource-60.3.0-109.50.2 MozillaFirefox-devel-60.3.0-109.50.2 MozillaFirefox-translations-common-60.3.0-109.50.2 References: https://www.suse.com/security/cve/CVE-2018-12389.html https://www.suse.com/security/cve/CVE-2018-12390.html https://www.suse.com/security/cve/CVE-2018-12392.html https://www.suse.com/security/cve/CVE-2018-12393.html https://www.suse.com/security/cve/CVE-2018-12395.html https://www.suse.com/security/cve/CVE-2018-12396.html https://www.suse.com/security/cve/CVE-2018-12397.html https://bugzilla.suse.com/1112852 From sle-security-updates at lists.suse.com Tue Nov 13 07:11:25 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 13 Nov 2018 15:11:25 +0100 (CET) Subject: SUSE-SU-2018:3753-1: moderate: Security update for ImageMagick Message-ID: <20181113141125.B42DCFD4E@maintenance.suse.de> SUSE Security Update: Security update for ImageMagick ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3753-1 Rating: moderate References: #1106254 #1110746 #1111069 #1111072 Cross-References: CVE-2018-17966 CVE-2018-18016 CVE-2018-18024 Affected Products: SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Desktop Applications 15 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2018-18024: Fixed an infinite loop in the ReadBMPImage function. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. (bsc#1111069) - CVE-2018-18016: Fixed a memory leak in WritePCXImage (bsc#1111072). - CVE-2018-17966: Fixed a memory leak in WritePDBImage (bsc#1110746). Non security issues fixed: - Fixed -morphology EdgeIn output (bsc#1106254) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2018-2647=1 - SUSE Linux Enterprise Module for Desktop Applications 15: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-2018-2647=1 Package List: - SUSE Linux Enterprise Module for Development Tools 15 (aarch64 ppc64le s390x x86_64): ImageMagick-debuginfo-7.0.7.34-3.34.3 ImageMagick-debugsource-7.0.7.34-3.34.3 perl-PerlMagick-7.0.7.34-3.34.3 perl-PerlMagick-debuginfo-7.0.7.34-3.34.3 - SUSE Linux Enterprise Module for Desktop Applications 15 (aarch64 ppc64le s390x x86_64): ImageMagick-7.0.7.34-3.34.3 ImageMagick-debuginfo-7.0.7.34-3.34.3 ImageMagick-debugsource-7.0.7.34-3.34.3 ImageMagick-devel-7.0.7.34-3.34.3 libMagick++-7_Q16HDRI4-7.0.7.34-3.34.3 libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-3.34.3 libMagick++-devel-7.0.7.34-3.34.3 libMagickCore-7_Q16HDRI6-7.0.7.34-3.34.3 libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-3.34.3 libMagickWand-7_Q16HDRI6-7.0.7.34-3.34.3 libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-3.34.3 References: https://www.suse.com/security/cve/CVE-2018-17966.html https://www.suse.com/security/cve/CVE-2018-18016.html https://www.suse.com/security/cve/CVE-2018-18024.html https://bugzilla.suse.com/1106254 https://bugzilla.suse.com/1110746 https://bugzilla.suse.com/1111069 https://bugzilla.suse.com/1111072 From sle-security-updates at lists.suse.com Tue Nov 13 07:12:50 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 13 Nov 2018 15:12:50 +0100 (CET) Subject: SUSE-SU-2018:3755-1: moderate: Security update for apache-pdfbox Message-ID: <20181113141250.2C05EFD4E@maintenance.suse.de> SUSE Security Update: Security update for apache-pdfbox ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3755-1 Rating: moderate References: #1111009 Cross-References: CVE-2018-11797 Affected Products: SUSE Linux Enterprise Module for Development Tools 15 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for apache-pdfbox fixes the following security issue: - CVE-2018-11797: A carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree. (bsc#1111009): Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2018-2646=1 Package List: - SUSE Linux Enterprise Module for Development Tools 15 (noarch): apache-pdfbox-1.8.12-5.6.3 References: https://www.suse.com/security/cve/CVE-2018-11797.html https://bugzilla.suse.com/1111009 From sle-security-updates at lists.suse.com Wed Nov 14 10:08:26 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 14 Nov 2018 18:08:26 +0100 (CET) Subject: SUSE-SU-2018:3767-1: important: Security update for systemd Message-ID: <20181114170826.05500FCA4@maintenance.suse.de> SUSE Security Update: Security update for systemd ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3767-1 Rating: important References: #1106923 #1108835 #1109252 #1110445 #1111278 #1112024 #1113083 #1113632 #1113665 Cross-References: CVE-2018-15686 CVE-2018-15688 Affected Products: SUSE OpenStack Cloud 7 SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Server 12-SP2-LTSS SUSE Linux Enterprise Server 12-SP2-BCL SUSE Linux Enterprise Desktop 12-SP3 SUSE Enterprise Storage 4 SUSE CaaS Platform ALL SUSE CaaS Platform 3.0 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that solves two vulnerabilities and has 7 fixes is now available. Description: This update for systemd fixes the following issues: Security issues fixed: - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. (bsc#1113632) - CVE-2018-15686: A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. (bsc#1113665) Non-security issues fixed: - dhcp6: split assert_return() to be more debuggable when hit - core: skip unit deserialization and move to the next one when unit_deserialize() fails - core: properly handle deserialization of unknown unit types (#6476) - core: don't create Requires for workdir if "missing ok" (bsc#1113083) - logind: use manager_get_user_by_pid() where appropriate - logind: rework manager_get_{user|session}_by_pid() a bit - login: fix user at .service case, so we don't allow nested sessions (#8051) (bsc#1112024) - core: be more defensive if we can't determine per-connection socket peer (#7329) - socket-util: introduce port argument in sockaddr_port() - service: fixup ExecStop for socket-activated shutdown (#4120) - service: Continue shutdown on socket activated unit on termination (#4108) (bsc#1106923) - cryptsetup: build fixes for "add support for sector-size= option" - udev-rules: IMPORT cmdline does not recognize keys with similar names (bsc#1111278) - core: keep the kernel coredump defaults when systemd-coredump is disabled - core: shorten main() a bit, split out coredump initialization - core: set RLIMIT_CORE to unlimited by default (bsc#1108835) - core/mount: fstype may be NULL - journald: don't ship systemd-journald-audit.socket (bsc#1109252) - core: make "tmpfs" dependencies on swapfs a "default" dep, not an "implicit" (bsc#1110445) - mount: make sure we unmount tmpfs mounts before we deactivate swaps (#7076) - tmp.mount.hm4: After swap.target (#3087) - Ship systemd-sysv-install helper via the main package This script was part of systemd-sysvinit sub-package but it was wrong since systemd-sysv-install is a script used to redirect enable/disable operations to chkconfig when the unit targets are sysv init scripts. Therefore it's never been a SySV init tool. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2018-2659=1 - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-2659=1 - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-2659=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2659=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-2659=1 - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2018-2659=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-2659=1 - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2018-2659=1 - SUSE CaaS Platform ALL: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. - SUSE CaaS Platform 3.0: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-2659=1 Package List: - SUSE OpenStack Cloud 7 (s390x x86_64): libsystemd0-228-150.53.3 libsystemd0-32bit-228-150.53.3 libsystemd0-debuginfo-228-150.53.3 libsystemd0-debuginfo-32bit-228-150.53.3 libudev1-228-150.53.3 libudev1-32bit-228-150.53.3 libudev1-debuginfo-228-150.53.3 libudev1-debuginfo-32bit-228-150.53.3 systemd-228-150.53.3 systemd-32bit-228-150.53.3 systemd-debuginfo-228-150.53.3 systemd-debuginfo-32bit-228-150.53.3 systemd-debugsource-228-150.53.3 systemd-sysvinit-228-150.53.3 udev-228-150.53.3 udev-debuginfo-228-150.53.3 - SUSE OpenStack Cloud 7 (noarch): systemd-bash-completion-228-150.53.3 - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): libudev-devel-228-150.53.3 systemd-debuginfo-228-150.53.3 systemd-debugsource-228-150.53.3 systemd-devel-228-150.53.3 - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): libsystemd0-228-150.53.3 libsystemd0-debuginfo-228-150.53.3 libudev1-228-150.53.3 libudev1-debuginfo-228-150.53.3 systemd-228-150.53.3 systemd-debuginfo-228-150.53.3 systemd-debugsource-228-150.53.3 systemd-sysvinit-228-150.53.3 udev-228-150.53.3 udev-debuginfo-228-150.53.3 - SUSE Linux Enterprise Server for SAP 12-SP2 (noarch): systemd-bash-completion-228-150.53.3 - SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64): libsystemd0-32bit-228-150.53.3 libsystemd0-debuginfo-32bit-228-150.53.3 libudev1-32bit-228-150.53.3 libudev1-debuginfo-32bit-228-150.53.3 systemd-32bit-228-150.53.3 systemd-debuginfo-32bit-228-150.53.3 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): libsystemd0-228-150.53.3 libsystemd0-debuginfo-228-150.53.3 libudev1-228-150.53.3 libudev1-debuginfo-228-150.53.3 systemd-228-150.53.3 systemd-debuginfo-228-150.53.3 systemd-debugsource-228-150.53.3 systemd-sysvinit-228-150.53.3 udev-228-150.53.3 udev-debuginfo-228-150.53.3 - SUSE Linux Enterprise Server 12-SP3 (s390x x86_64): libsystemd0-32bit-228-150.53.3 libsystemd0-debuginfo-32bit-228-150.53.3 libudev1-32bit-228-150.53.3 libudev1-debuginfo-32bit-228-150.53.3 systemd-32bit-228-150.53.3 systemd-debuginfo-32bit-228-150.53.3 - SUSE Linux Enterprise Server 12-SP3 (noarch): systemd-bash-completion-228-150.53.3 - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64): libsystemd0-228-150.53.3 libsystemd0-debuginfo-228-150.53.3 libudev1-228-150.53.3 libudev1-debuginfo-228-150.53.3 systemd-228-150.53.3 systemd-debuginfo-228-150.53.3 systemd-debugsource-228-150.53.3 systemd-sysvinit-228-150.53.3 udev-228-150.53.3 udev-debuginfo-228-150.53.3 - SUSE Linux Enterprise Server 12-SP2-LTSS (s390x x86_64): libsystemd0-32bit-228-150.53.3 libsystemd0-debuginfo-32bit-228-150.53.3 libudev1-32bit-228-150.53.3 libudev1-debuginfo-32bit-228-150.53.3 systemd-32bit-228-150.53.3 systemd-debuginfo-32bit-228-150.53.3 - SUSE Linux Enterprise Server 12-SP2-LTSS (noarch): systemd-bash-completion-228-150.53.3 - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): libsystemd0-228-150.53.3 libsystemd0-32bit-228-150.53.3 libsystemd0-debuginfo-228-150.53.3 libsystemd0-debuginfo-32bit-228-150.53.3 libudev1-228-150.53.3 libudev1-32bit-228-150.53.3 libudev1-debuginfo-228-150.53.3 libudev1-debuginfo-32bit-228-150.53.3 systemd-228-150.53.3 systemd-32bit-228-150.53.3 systemd-debuginfo-228-150.53.3 systemd-debuginfo-32bit-228-150.53.3 systemd-debugsource-228-150.53.3 systemd-sysvinit-228-150.53.3 udev-228-150.53.3 udev-debuginfo-228-150.53.3 - SUSE Linux Enterprise Server 12-SP2-BCL (noarch): systemd-bash-completion-228-150.53.3 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): libsystemd0-228-150.53.3 libsystemd0-32bit-228-150.53.3 libsystemd0-debuginfo-228-150.53.3 libsystemd0-debuginfo-32bit-228-150.53.3 libudev1-228-150.53.3 libudev1-32bit-228-150.53.3 libudev1-debuginfo-228-150.53.3 libudev1-debuginfo-32bit-228-150.53.3 systemd-228-150.53.3 systemd-32bit-228-150.53.3 systemd-debuginfo-228-150.53.3 systemd-debuginfo-32bit-228-150.53.3 systemd-debugsource-228-150.53.3 systemd-sysvinit-228-150.53.3 udev-228-150.53.3 udev-debuginfo-228-150.53.3 - SUSE Linux Enterprise Desktop 12-SP3 (noarch): systemd-bash-completion-228-150.53.3 - SUSE Enterprise Storage 4 (x86_64): libsystemd0-228-150.53.3 libsystemd0-32bit-228-150.53.3 libsystemd0-debuginfo-228-150.53.3 libsystemd0-debuginfo-32bit-228-150.53.3 libudev1-228-150.53.3 libudev1-32bit-228-150.53.3 libudev1-debuginfo-228-150.53.3 libudev1-debuginfo-32bit-228-150.53.3 systemd-228-150.53.3 systemd-32bit-228-150.53.3 systemd-debuginfo-228-150.53.3 systemd-debuginfo-32bit-228-150.53.3 systemd-debugsource-228-150.53.3 systemd-sysvinit-228-150.53.3 udev-228-150.53.3 udev-debuginfo-228-150.53.3 - SUSE Enterprise Storage 4 (noarch): systemd-bash-completion-228-150.53.3 - SUSE CaaS Platform ALL (x86_64): libsystemd0-228-150.53.3 libsystemd0-debuginfo-228-150.53.3 libudev1-228-150.53.3 libudev1-debuginfo-228-150.53.3 systemd-228-150.53.3 systemd-debuginfo-228-150.53.3 systemd-debugsource-228-150.53.3 systemd-sysvinit-228-150.53.3 udev-228-150.53.3 udev-debuginfo-228-150.53.3 - SUSE CaaS Platform 3.0 (x86_64): libsystemd0-228-150.53.3 libsystemd0-debuginfo-228-150.53.3 libudev1-228-150.53.3 libudev1-debuginfo-228-150.53.3 systemd-228-150.53.3 systemd-debuginfo-228-150.53.3 systemd-debugsource-228-150.53.3 systemd-sysvinit-228-150.53.3 udev-228-150.53.3 udev-debuginfo-228-150.53.3 - OpenStack Cloud Magnum Orchestration 7 (x86_64): libsystemd0-228-150.53.3 libsystemd0-debuginfo-228-150.53.3 libudev1-228-150.53.3 libudev1-debuginfo-228-150.53.3 systemd-228-150.53.3 systemd-debuginfo-228-150.53.3 systemd-debugsource-228-150.53.3 systemd-sysvinit-228-150.53.3 udev-228-150.53.3 udev-debuginfo-228-150.53.3 References: https://www.suse.com/security/cve/CVE-2018-15686.html https://www.suse.com/security/cve/CVE-2018-15688.html https://bugzilla.suse.com/1106923 https://bugzilla.suse.com/1108835 https://bugzilla.suse.com/1109252 https://bugzilla.suse.com/1110445 https://bugzilla.suse.com/1111278 https://bugzilla.suse.com/1112024 https://bugzilla.suse.com/1113083 https://bugzilla.suse.com/1113632 https://bugzilla.suse.com/1113665 From sle-security-updates at lists.suse.com Wed Nov 14 10:10:43 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 14 Nov 2018 18:10:43 +0100 (CET) Subject: SUSE-SU-2018:3768-1: moderate: Security update for openssh-openssl1 Message-ID: <20181114171043.B2F5FFCA4@maintenance.suse.de> SUSE Security Update: Security update for openssh-openssl1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3768-1 Rating: moderate References: #1091396 #1105010 #1106163 #964336 Cross-References: CVE-2018-15473 CVE-2018-15919 Affected Products: SUSE Linux Enterprise Server 11-SECURITY ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for openssh-openssl1 fixes the following issues: Security issues fixed: - CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability. (bsc#1106163) - CVE-2018-15473: OpenSSH was prone to a user existance oracle vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. (bsc#1105010) Following non-security issues were fixed: - Fix for sftp client because it returns wrong error code upon failure (bsc#1091396) - Stop leaking File descriptors (bsc#964336) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SECURITY: zypper in -t patch secsp3-openssh-openssl1-13865=1 Package List: - SUSE Linux Enterprise Server 11-SECURITY (i586 ia64 ppc64 s390x x86_64): openssh-openssl1-6.6p1-19.6.1 openssh-openssl1-helpers-6.6p1-19.6.1 References: https://www.suse.com/security/cve/CVE-2018-15473.html https://www.suse.com/security/cve/CVE-2018-15919.html https://bugzilla.suse.com/1091396 https://bugzilla.suse.com/1105010 https://bugzilla.suse.com/1106163 https://bugzilla.suse.com/964336 From sle-security-updates at lists.suse.com Wed Nov 14 10:11:53 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 14 Nov 2018 18:11:53 +0100 (CET) Subject: SUSE-SU-2018:3769-1: important: Security update for MozillaThunderbird Message-ID: <20181114171153.DEA57FCA4@maintenance.suse.de> SUSE Security Update: Security update for MozillaThunderbird ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3769-1 Rating: important References: #1112852 Cross-References: CVE-2018-12389 CVE-2018-12390 CVE-2018-12391 CVE-2018-12392 CVE-2018-12393 Affected Products: SUSE Linux Enterprise Workstation Extension 15 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: This update for MozillaThunderbird fixes the following issues: Thunderbird 63 ESR was updated to version 60.3.0 to fix the following issues (bsc#1112852): Security issues fixed (MFSA 2018-28): - CVE-2018-12389: Fixed memory safety bugs. - CVE-2018-12390: Fixed memory safety bugs. - CVE-2018-12391: Fixed HTTP Live Stream audio data is accessible cross-origin. - CVE-2018-12392: Fixed crash with nested event loops. - CVE-2018-12393: Fixed integer overflow during Unicode conversion while loading JavaScript. Non-security issues fixed: - various theme fixes - Shift+PageUp/PageDown in Write window - Gloda attachment filtering - Mailing list address auto-complete enter/return handling - Thunderbird hung if HTML signature references non-existent image - Filters not working for headers that appear more than once - Update _constraints for armv6/7 - Add memory-constraints to avoid OOM errors Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 15: zypper in -t patch SUSE-SLE-Product-WE-15-2018-2660=1 Package List: - SUSE Linux Enterprise Workstation Extension 15 (x86_64): MozillaThunderbird-60.3.0-3.17.2 MozillaThunderbird-debuginfo-60.3.0-3.17.2 MozillaThunderbird-debugsource-60.3.0-3.17.2 MozillaThunderbird-translations-common-60.3.0-3.17.2 MozillaThunderbird-translations-other-60.3.0-3.17.2 References: https://www.suse.com/security/cve/CVE-2018-12389.html https://www.suse.com/security/cve/CVE-2018-12390.html https://www.suse.com/security/cve/CVE-2018-12391.html https://www.suse.com/security/cve/CVE-2018-12392.html https://www.suse.com/security/cve/CVE-2018-12393.html https://bugzilla.suse.com/1112852 From sle-security-updates at lists.suse.com Thu Nov 15 10:08:51 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 15 Nov 2018 18:08:51 +0100 (CET) Subject: SUSE-SU-2018:3770-1: moderate: Security update for postgresql10 Message-ID: <20181115170851.0732DFCA4@maintenance.suse.de> SUSE Security Update: Security update for postgresql10 ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3770-1 Rating: moderate References: #1114837 Cross-References: CVE-2018-16850 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for postgresql10 fixes the following issues: Security issue fixed: - CVE-2018-16850: Fixed improper quoting of transition table names when pg_dump emits CREATE TRIGGER could have caused privilege escalation (bsc#1114837). Non-security issues fixed: - Update to release 10.6: * https://www.postgresql.org/docs/current/static/release-10-6.html Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-2662=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2662=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-2662=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): postgresql10-devel-10.6-1.6.1 postgresql10-devel-debuginfo-10.6-1.6.1 postgresql10-libs-debugsource-10.6-1.6.1 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): libecpg6-10.6-1.6.1 libecpg6-debuginfo-10.6-1.6.1 libpq5-10.6-1.6.1 libpq5-debuginfo-10.6-1.6.1 postgresql10-10.6-1.6.1 postgresql10-contrib-10.6-1.6.1 postgresql10-contrib-debuginfo-10.6-1.6.1 postgresql10-debuginfo-10.6-1.6.1 postgresql10-debugsource-10.6-1.6.1 postgresql10-libs-debugsource-10.6-1.6.1 postgresql10-server-10.6-1.6.1 postgresql10-server-debuginfo-10.6-1.6.1 - SUSE Linux Enterprise Server 12-SP3 (s390x x86_64): libpq5-32bit-10.6-1.6.1 libpq5-debuginfo-32bit-10.6-1.6.1 - SUSE Linux Enterprise Server 12-SP3 (noarch): postgresql10-docs-10.6-1.6.1 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): libecpg6-10.6-1.6.1 libecpg6-debuginfo-10.6-1.6.1 libpq5-10.6-1.6.1 libpq5-32bit-10.6-1.6.1 libpq5-debuginfo-10.6-1.6.1 libpq5-debuginfo-32bit-10.6-1.6.1 postgresql10-10.6-1.6.1 postgresql10-debuginfo-10.6-1.6.1 postgresql10-debugsource-10.6-1.6.1 postgresql10-libs-debugsource-10.6-1.6.1 References: https://www.suse.com/security/cve/CVE-2018-16850.html https://bugzilla.suse.com/1114837 From sle-security-updates at lists.suse.com Thu Nov 15 10:09:27 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 15 Nov 2018 18:09:27 +0100 (CET) Subject: SUSE-SU-2018:3771-1: important: Security update for squid Message-ID: <20181115170927.5D42CFCA4@maintenance.suse.de> SUSE Security Update: Security update for squid ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3771-1 Rating: important References: #1082318 #1112066 #1112695 #1113668 #1113669 Cross-References: CVE-2018-19131 CVE-2018-19132 Affected Products: SUSE Linux Enterprise Server 12-SP3 ______________________________________________________________________________ An update that solves two vulnerabilities and has three fixes is now available. Description: This update for squid fixes the following issues: Security issues fixed: - CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling (bsc#1113668). - CVE-2018-19132: Fixed small memory leak in processing of SNMP packets (bsc#1113669). Non-security issues fixed: - Create runtime directories needed when SMP mode is enabled (bsc#1112695, bsc#1112066). - Install license correctly (bsc#1082318). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2663=1 Package List: - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): squid-3.5.21-26.12.1 squid-debuginfo-3.5.21-26.12.1 squid-debugsource-3.5.21-26.12.1 References: https://www.suse.com/security/cve/CVE-2018-19131.html https://www.suse.com/security/cve/CVE-2018-19132.html https://bugzilla.suse.com/1082318 https://bugzilla.suse.com/1112066 https://bugzilla.suse.com/1112695 https://bugzilla.suse.com/1113668 https://bugzilla.suse.com/1113669 From sle-security-updates at lists.suse.com Thu Nov 15 10:10:52 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 15 Nov 2018 18:10:52 +0100 (CET) Subject: SUSE-SU-2018:3772-1: important: Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP1) Message-ID: <20181115171052.EDCC2FCA4@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP1) ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3772-1 Rating: important References: #1112039 Cross-References: CVE-2018-18386 Affected Products: SUSE Linux Enterprise Server 12-SP1-LTSS SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.74-60_64_107 fixes one issue. The following security issue was fixed: - CVE-2018-18386: The drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bsc#1112039). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-2664=1 SUSE-SLE-SERVER-12-SP1-2018-2665=1 SUSE-SLE-SERVER-12-SP1-2018-2669=1 SUSE-SLE-SERVER-12-SP1-2018-2670=1 SUSE-SLE-SERVER-12-SP1-2018-2678=1 SUSE-SLE-SERVER-12-SP1-2018-2679=1 SUSE-SLE-SERVER-12-SP1-2018-2680=1 SUSE-SLE-SERVER-12-SP1-2018-2681=1 SUSE-SLE-SERVER-12-SP1-2018-2682=1 SUSE-SLE-SERVER-12-SP1-2018-2683=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2018-2666=1 SUSE-SLE-SERVER-12-2018-2667=1 SUSE-SLE-SERVER-12-2018-2668=1 SUSE-SLE-SERVER-12-2018-2671=1 SUSE-SLE-SERVER-12-2018-2672=1 SUSE-SLE-SERVER-12-2018-2673=1 SUSE-SLE-SERVER-12-2018-2674=1 SUSE-SLE-SERVER-12-2018-2675=1 SUSE-SLE-SERVER-12-2018-2676=1 SUSE-SLE-SERVER-12-2018-2677=1 Package List: - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64): kgraft-patch-3_12_74-60_64_104-default-3-2.1 kgraft-patch-3_12_74-60_64_104-xen-3-2.1 kgraft-patch-3_12_74-60_64_107-default-3-2.1 kgraft-patch-3_12_74-60_64_107-xen-3-2.1 kgraft-patch-3_12_74-60_64_66-default-10-2.1 kgraft-patch-3_12_74-60_64_66-xen-10-2.1 kgraft-patch-3_12_74-60_64_69-default-9-2.1 kgraft-patch-3_12_74-60_64_69-xen-9-2.1 kgraft-patch-3_12_74-60_64_82-default-9-2.1 kgraft-patch-3_12_74-60_64_82-xen-9-2.1 kgraft-patch-3_12_74-60_64_85-default-9-2.1 kgraft-patch-3_12_74-60_64_85-xen-9-2.1 kgraft-patch-3_12_74-60_64_88-default-7-2.1 kgraft-patch-3_12_74-60_64_88-xen-7-2.1 kgraft-patch-3_12_74-60_64_93-default-6-2.1 kgraft-patch-3_12_74-60_64_93-xen-6-2.1 kgraft-patch-3_12_74-60_64_96-default-6-2.1 kgraft-patch-3_12_74-60_64_96-xen-6-2.1 kgraft-patch-3_12_74-60_64_99-default-5-2.1 kgraft-patch-3_12_74-60_64_99-xen-5-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_61-52_106-default-11-2.1 kgraft-patch-3_12_61-52_106-xen-11-2.1 kgraft-patch-3_12_61-52_111-default-10-2.1 kgraft-patch-3_12_61-52_111-xen-10-2.1 kgraft-patch-3_12_61-52_119-default-10-2.1 kgraft-patch-3_12_61-52_119-xen-10-2.1 kgraft-patch-3_12_61-52_122-default-10-2.1 kgraft-patch-3_12_61-52_122-xen-10-2.1 kgraft-patch-3_12_61-52_125-default-9-2.1 kgraft-patch-3_12_61-52_125-xen-9-2.1 kgraft-patch-3_12_61-52_128-default-7-2.1 kgraft-patch-3_12_61-52_128-xen-7-2.1 kgraft-patch-3_12_61-52_133-default-6-2.1 kgraft-patch-3_12_61-52_133-xen-6-2.1 kgraft-patch-3_12_61-52_136-default-6-2.1 kgraft-patch-3_12_61-52_136-xen-6-2.1 kgraft-patch-3_12_61-52_141-default-5-2.1 kgraft-patch-3_12_61-52_141-xen-5-2.1 kgraft-patch-3_12_61-52_146-default-3-2.1 kgraft-patch-3_12_61-52_146-xen-3-2.1 References: https://www.suse.com/security/cve/CVE-2018-18386.html https://bugzilla.suse.com/1112039 From sle-security-updates at lists.suse.com Thu Nov 15 13:08:39 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 15 Nov 2018 21:08:39 +0100 (CET) Subject: SUSE-SU-2018:3773-1: important: Security update for the Linux RT Kernel Message-ID: <20181115200839.81549FCA4@maintenance.suse.de> SUSE Security Update: Security update for the Linux RT Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3773-1 Rating: important References: #1011920 #1012382 #1012422 #1020645 #1031392 #1035053 #1042422 #1043591 #1048129 #1050431 #1050549 #1053043 #1054239 #1057199 #1065600 #1065726 #1067906 #1073579 #1076393 #1078788 #1079524 #1082519 #1083215 #1083527 #1084760 #1089343 #1091158 #1093118 #1094244 #1094825 #1095805 #1096052 #1098050 #1098996 #1099597 #1101555 #1103308 #1103405 #1104124 #1105025 #1105428 #1105795 #1105931 #1106105 #1106110 #1106240 #1106293 #1106359 #1106434 #1106594 #1106913 #1106929 #1107060 #1107299 #1107318 #1107535 #1107829 #1107870 #1108315 #1108377 #1108498 #1109158 #1109333 #1109772 #1109784 #1109806 #1109818 #1109907 #1109919 #1109923 #1110006 #1110363 #1110468 #1110600 #1110601 #1110602 #1110603 #1110604 #1110605 #1110606 #1110611 #1110612 #1110613 #1110614 #1110615 #1110616 #1110618 #1110619 #1111363 #1111516 #1111870 #1112007 #1112262 #1112263 #1112894 #1112902 #1112903 #1112905 #1113667 #1113751 #1113769 #1114178 #1114229 #1114648 #981083 #997172 Cross-References: CVE-2018-14633 CVE-2018-18281 CVE-2018-18386 CVE-2018-18690 CVE-2018-18710 CVE-2018-9516 Affected Products: SUSE Linux Enterprise Real Time Extension 12-SP3 ______________________________________________________________________________ An update that solves 6 vulnerabilities and has 100 fixes is now available. Description: The SUSE Linux Enterprise 12 SP3 RT kernel was updated to 4.4.162 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. (bnc#1107829). - CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769). - CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825). - CVE-2018-18690: A local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandled ATTR_REPLACE operations with conversion of an attr from short to long form (bnc#1105025). - CVE-2018-18710: An issue was discovered in the Linux kernel An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751). - CVE-2018-9516: A lack of certain checks in the hid_debug_events_read() function in the drivers/hid/hid-debug.c file might have resulted in receiving userspace buffer overflow and an out-of-bounds write or to the infinite loop. (bnc#1108498). The following non-security bugs were fixed: - 6lowpan: iphc: reset mac_header after decompress to fix panic (bnc#1012382). - alsa: bebob: use address returned by kmalloc() instead of kernel stack for streaming DMA mapping (bnc#1012382). - alsa: emu10k1: fix possible info leak to userspace on SNDRV_EMU10K1_IOCTL_INFO (bnc#1012382). - alsa: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge (bnc#1012382). - alsa: hda - Fix cancel_work_sync() stall from jackpoll work (bnc#1012382). - alsa: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bnc#1012382). - alsa: msnd: Fix the default sample sizes (bnc#1012382). - alsa: pcm: Fix snd_interval_refine first/last with open min/max (bnc#1012382). - alsa: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro (bnc#1012382). - apparmor: remove no-op permission check in policy_unpack (git-fixes). - arc: build: Get rid of toolchain check (bnc#1012382). - arc: clone syscall to setp r25 as thread pointer (bnc#1012382). - arch/hexagon: fix kernel/dma.c build warning (bnc#1012382). - arc: [plat-axs*]: Enable SWAP (bnc#1012382). - arm64: bpf: jit JMP_JSET_{X,K} (bsc#1110613). - arm64: Correct type for PUD macros (bsc#1110600). - arm64: cpufeature: Track 32bit EL0 support (bnc#1012382). - arm64: dts: qcom: db410c: Fix Bluetooth LED trigger (bnc#1012382). - arm64: fix erroneous __raw_read_system_reg() cases (bsc#1110606). - arm64: Fix potential race with hardware DBM in ptep_set_access_flags() (bsc#1110605). - arm64: fpsimd: Avoid FPSIMD context leakage for the init task (bsc#1110603). - arm64: jump_label.h: use asm_volatile_goto macro instead of "asm goto" (bnc#1012382). - arm64: kasan: avoid bad virt_to_pfn() (bsc#1110612). - arm64: kasan: avoid pfn_to_nid() before page array is initialized (bsc#1110619). - arm64/kasan: do not allocate extra shadow memory (bsc#1110611). - arm64: kernel: Update kerneldoc for cpu_suspend() rename (bsc#1110602). - arm64: kgdb: handle read-only text / modules (bsc#1110604). - arm64: kvm: Sanitize PSTATE.M when being set from userspace (bnc#1012382). - arm64: kvm: Tighten guest core register access from userspace (bnc#1012382). - arm64/mm/kasan: do not use vmemmap_populate() to initialize shadow (bsc#1110618). - arm64: ptrace: Avoid setting compat FP[SC]R to garbage if get_user fails (bsc#1110601). - arm64: supported.conf: mark armmmci as not supported - arm64 Update config files. (bsc#1110468) Set MMC_QCOM_DML to build-in and delete driver from supported.conf - arm64: vdso: fix clock_getres for 4GiB-aligned res (bsc#1110614). - arm: dts: at91: add new compatibility string for macb on sama5d3 (bnc#1012382). - arm: dts: dra7: fix DCAN node addresses (bnc#1012382). - arm: exynos: Clear global variable on init error path (bnc#1012382). - arm: hisi: check of_iomap and fix missing of_node_put (bnc#1012382). - arm: hisi: fix error handling and missing of_node_put (bnc#1012382). - arm: hisi: handle of_iomap and fix missing of_node_put (bnc#1012382). - arm: mvebu: declare asm symbols as character arrays in pmsu.c (bnc#1012382). - ASoC: cs4265: fix MMTLR Data switch control (bnc#1012382). - ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs (bnc#1012382). - ASoC: sigmadsp: safeload should not have lower byte limit (bnc#1012382). - ASoC: wm8804: Add ACPI support (bnc#1012382). - ata: libahci: Correct setting of DEVSLP register (bnc#1012382). - ath10k: disable bundle mgmt tx completion event support (bnc#1012382). - ath10k: fix scan crash due to incorrect length calculation (bnc#1012382). - ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bnc#1012382). - ath10k: prevent active scans on potential unusable channels (bnc#1012382). - ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock (bnc#1012382). - audit: fix use-after-free in audit_add_watch (bnc#1012382). - autofs: fix autofs_sbi() does not check super block type (bnc#1012382). - binfmt_elf: Respect error return from `regset->active' (bnc#1012382). - bluetooth: Add a new Realtek 8723DE ID 0bda:b009 (bnc#1012382). - bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV (bnc#1012382). - bluetooth: hidp: Fix handling of strncpy for hid->name information (bnc#1012382). - bnxt_en: Fix TX timeout during netpoll (bnc#1012382). - bonding: avoid possible dead-lock (bnc#1012382). - bpf: fix cb access in socket filter programs on tail calls (bsc#1012382). - bpf: fix map not being uncharged during map creation failure (bsc#1012382). - bpf, s390: fix potential memleak when later bpf_jit_prog fails (git-fixes). - bpf, s390x: do not reload skb pointers in non-skb context (git-fixes). - bsc#1106913: Replace with upstream variants - btrfs: add a comp_refs() helper (dependency for bsc#1031392). - btrfs: add missing initialization in btrfs_check_shared (Git-fixes bsc#1112262). - btrfs: add tracepoints for outstanding extents mods (dependency for bsc#1031392). - btrfs: add wrapper for counting BTRFS_MAX_EXTENT_SIZE (dependency for bsc#1031392). - btrfs: cleanup extent locking sequence (dependency for bsc#1031392). - btrfs: defrag: use btrfs_mod_outstanding_extents in cluster_pages_for_defrag (Follow up fixes for bsc#1031392). - btrfs: delayed-inode: Remove wrong qgroup meta reservation calls (bsc#1031392). - btrfs: delayed-inode: Use new qgroup meta rsv for delayed inode and item (bsc#1031392). - btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667). - btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667). - btrfs: fix error handling in btrfs_dev_replace_start (bsc#1107535). - btrfs: fix invalid attempt to free reserved space on failure to cow range (dependency for bsc#1031392). - btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919). - btrfs: Fix race condition between delayed refs and blockgroup removal (Git-fixes bsc#1112263). - btrfs: Fix wrong btrfs_delalloc_release_extents parameter (bsc#1031392). - btrfs: kill trans in run_delalloc_nocow and btrfs_cross_ref_exist (dependency for bsc#1031392). - btrfs: make the delalloc block rsv per inode (dependency for bsc#1031392). - btrfs: pass delayed_refs directly to btrfs_find_delayed_ref_head (dependency for bsc#1031392). - btrfs: qgroup: Add quick exit for non-fs extents (dependency for bsc#1031392). - btrfs: qgroup: Cleanup btrfs_qgroup_prepare_account_extents function (dependency for bsc#1031392). - btrfs: qgroup: Cleanup the remaining old reservation counters (bsc#1031392). - btrfs: qgroup: Commit transaction in advance to reduce early EDQUOT (bsc#1031392). - btrfs: qgroup: Do not use root->qgroup_meta_rsv for qgroup (bsc#1031392). - btrfs: qgroup: Fix wrong qgroup reservation update for relationship modification (bsc#1031392). - btrfs: qgroup: Introduce function to convert META_PREALLOC into META_PERTRANS (bsc#1031392). - btrfs: qgroup: Introduce helpers to update and access new qgroup rsv (bsc#1031392). - btrfs: qgroup: Make qgroup_reserve and its callers to use separate reservation type (bsc#1031392). - btrfs: qgroup: Skeleton to support separate qgroup reservation type (bsc#1031392). - btrfs: qgroups: opencode qgroup_free helper (dependency for bsc#1031392). - btrfs: qgroup: Split meta rsv type into meta_prealloc and meta_pertrans (bsc#1031392). - btrfs: qgroup: Update trace events for metadata reservation (bsc#1031392). - btrfs: qgroup: Update trace events to use new separate rsv types (bsc#1031392). - btrfs: qgroup: Use independent and accurate per inode qgroup rsv (bsc#1031392). - btrfs: qgroup: Use root::qgroup_meta_rsv_* to record qgroup meta reserved space (bsc#1031392). - btrfs: qgroup: Use separate meta reservation type for delalloc (bsc#1031392). - btrfs: remove type argument from comp_tree_refs (dependency for bsc#1031392). - btrfs: rework outstanding_extents (dependency for bsc#1031392). - btrfs: switch args for comp_*_refs (dependency for bsc#1031392). - btrfs: Take trans lock before access running trans in check_delayed_ref (Follow up fixes for bsc#1031392). - ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1112007). - cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bnc#1012382). - cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE (bnc#1012382). - cfq: Give a chance for arming slice idle timer in case of group_idle (bnc#1012382). - cgroup: Fix deadlock in cpu hotplug path (bnc#1012382). - cgroup, netclassid: add a preemption point to write_classid (bnc#1098996). - cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902). - cifs: connect to servername instead of IP for IPC$ share (bsc#1106359). - cifs: fix memory leak in SMB2_open() (bsc#1112894). - cifs: Fix use after free of a mid_q_entry (bsc#1112903). - cifs: fix wrapping bugs in num_entries() (bnc#1012382). - cifs: integer overflow in in SMB2_ioctl() (bsc#1012382). - cifs: prevent integer overflow in nxt_dir_entry() (bnc#1012382). - cifs: read overflow in is_valid_oplock_break() (bnc#1012382). - clk: imx6ul: fix missing of_node_put() (bnc#1012382). - clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bnc#1012382). - config.sh: set BUGZILLA_PRODUCT for SLE12-SP3 - coresight: Handle errors in finding input/output ports (bnc#1012382). - coresight: tpiu: Fix disabling timeouts (bnc#1012382). - cpu/hotplug: Fix SMT supported evaluation (bsc#1089343). - crypto: mxs-dcp - Fix wait logic on chan threads (bnc#1012382). - crypto: sharah - Unregister correct algorithms for SAHARA 3 (bnc#1012382). - crypto: skcipher - Fix -Wstringop-truncation warnings (bnc#1012382). - Define dependencies of in-kernel KMPs statically This allows us to use rpm's internal dependency generator (bsc#981083). - Define early_radix_enabled() (bsc#1094244). - dmaengine: pl330: fix irq race with terminate_all (bnc#1012382). - dm cache: fix resize crash if user does not reload cache table (bnc#1012382). - dm thin metadata: fix __udivdi3 undefined on 32-bit (bnc#1012382). - dm thin metadata: try to avoid ever aborting transactions (bnc#1012382). - Do not ship firmware (bsc#1054239). Pull firmware from kernel-firmware instead. - drivers: net: cpsw: fix parsing of phy-handle DT property in dual_emac config (bnc#1012382). - drivers: net: cpsw: fix segfault in case of bad phy-handle (bnc#1012382). - drivers/tty: add error handling for pcmcia_loop_config (bnc#1012382). - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bnc#1012382). - drm/amdkfd: Fix error codes in kfd_get_process (bnc#1012382). - drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() (bnc#1012382). - drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bnc#1012382). - drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping (bnc#1012382). - drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1106929) - Drop dtb-source.spec and move the sources to kernel-source (bsc#1011920) - e1000: check on netif_running() before calling e1000_up() (bnc#1012382). - e1000: ensure to free old tx/rx rings in set_ringparam() (bnc#1012382). - ebtables: arpreply: Add the standard target sanity check (bnc#1012382). - edac, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114648). - ethernet: ti: davinci_emac: add missing of_node_put after calling of_parse_phandle (bnc#1012382). - ethtool: Remove trailing semicolon for static inline (bnc#1012382). - ethtool: restore erroneously removed break in dev_ethtool (bsc#1114229). - ext4: avoid divide by zero fault when deleting corrupted inline directories (bnc#1012382). - ext4: do not mark mmp buffer head dirty (bnc#1012382). - ext4: fix online resize's handling of a too-small final block group (bnc#1012382). - ext4: fix online resizing for bigalloc file systems with a 1k block size (bnc#1012382). - ext4: recalucate superblock checksum after updating free blocks/inodes (bnc#1012382). - f2fs: do not set free of current section (bnc#1012382). - f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize (bnc#1012382). - fbdev: Distinguish between interlaced and progressive modes (bnc#1012382). - fbdev: fix broken menu dependencies (bsc#1106929) - fbdev/omapfb: fix omapfb_memory_read infoleak (bnc#1012382). - fbdev/via: fix defined but not used warning (bnc#1012382). - floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bnc#1012382). - fs/cifs: do not translate SFM_SLASH (U+F026) to backslash (bnc#1012382). - fs/cifs: suppress a string overflow warning (bnc#1012382). - fs/eventpoll: loosen irq-safety when possible (bsc#1096052). - gfs2: Special-case rindex for gfs2_grow (bnc#1012382). - gpio: adp5588: Fix sleep-in-atomic-context bug (bnc#1012382). - gpiolib: Mark gpio_suffixes array with __maybe_unused (bnc#1012382). - gpio: ml-ioh: Fix buffer underwrite on probe error path (bnc#1012382). - gpio: tegra: Move driver registration to subsys_init level (bnc#1012382). - gso_segment: Reset skb->mac_len after modifying network header (bnc#1012382). - hexagon: modify ffs() and fls() to return int (bnc#1012382). - hid: hid-ntrig: add error handling for sysfs_create_group (bnc#1012382). - hid: sony: Support DS4 dongle (bnc#1012382). - hid: sony: Update device ids (bnc#1012382). - hv: avoid crash in vmbus sysfs files (bnc#1108377). - hwmon: (adt7475) Make adt7475_read_word() return errors (bnc#1012382). - hwmon: (ina2xx) fix sysfs shunt resistor read access (bnc#1012382). - i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bnc#1012382). - i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus (bnc#1012382). - i2c: i801: fix DNV's SMBCTRL register offset (bnc#1012382). - i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP (bnc#1012382). - i2c: uniphier: issue STOP only for last message or I2C_M_STOP (bnc#1012382). - i2c: xiic: Make the start and the byte count write atomic (bnc#1012382). - i2c: xlp9xx: Add support for SMBAlert (bsc#1103308). - i2c: xlp9xx: Fix case where SSIF read transaction completes early (bsc#1103308). - i2c: xlp9xx: Fix issue seen when updating receive length (bsc#1103308). - i2c: xlp9xx: Make sure the transfer size is not more than I2C_SMBUS_BLOCK_SIZE (bsc#1103308). - ib/ipoib: Avoid a race condition between start_xmit and cm_rep_handler (bnc#1012382). - ib/srp: Avoid that sg_reset -d ${srp_device} triggers an infinite loop (bnc#1012382). - input: atakbd - fix Atari CapsLock behaviour (bnc#1012382). - input: atakbd - fix Atari keymap (bnc#1012382). - input: atmel_mxt_ts - only use first T9 instance (bnc#1012382). - input: elantech - enable middle button of touchpad on ThinkPad P72 (bnc#1012382). - iommu/amd: Return devid as alias for ACPI HID devices (bsc#1106105). - iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register (bnc#1012382). - iommu/ipmmu-vmsa: Fix allocation in atomic context (bnc#1012382). - ip6_tunnel: be careful when accessing the inner header (bnc#1012382). - ipmi:ssif: Add support for multi-part transmit messages > 2 parts (bsc#1103308). - ip_tunnel: be careful when accessing the inner header (bnc#1012382). - ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() (bnc#1012382). - ipv6: fix possible use-after-free in ip6_xmit() (bnc#1012382). - iw_cxgb4: only allow 1 flush on user qps (bnc#1012382). - ixgbe: pci_set_drvdata must be called before register_netdev (Git-fixes bsc#1109923). - jffs2: return -ERANGE when xattr buffer is too small (bnc#1012382). - KABI: move the new handler to end of machdep_calls and hide it from genksyms (bsc#1094244). - kABI: protect struct hnae_desc_cb (kabi). - kbuild: add .DELETE_ON_ERROR special target (bnc#1012382). - kernel-obs-build.spec.in: add --no-hostonly-cmdline to dracut invocation (boo#1062303). call dracut with --no-hostonly-cmdline to avoid the random rootfs UUID being added into the initrd's /etc/cmdline.d/95root-dev.conf - kernel-obs-build: use pae and lpae kernels where available (bsc#1073579). - kernel/params.c: downgrade warning for unsafe parameters (bsc#1050549). - kprobes/x86: Release insn_slot in failure path (bsc#1110006). - kthread: fix boot hang (regression) on MIPS/OpenRISC (bnc#1012382). - kthread: Fix use-after-free if kthread fork fails (bnc#1012382). - kvm: nVMX: Do not expose MPX VMX controls when guest MPX disabled (bsc#1106240). - kvm: nVMX: Do not flush TLB when vmcs12 uses VPID (bsc#1106240). - kvm: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bnc#1012382). - kvm: x86: Do not re-{try,execute} after failed emulation in L2 (bsc#1106240). - kvm: x86: Do not use kvm_x86_ops->mpx_supported() directly (bsc#1106240). - kvm: x86: fix APIC page invalidation (bsc#1106240). - kvm: x86: remove eager_fpu field of struct kvm_vcpu_arch (bnc#1012382). - kvm/x86: remove WARN_ON() for when vm_munmap() fails (bsc#1106240). - kvm: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled (bsc#1106240). - lib/test_hexdump.c: fix failure on big endian cpu (bsc#1106110). - locking/osq_lock: Fix osq_lock queue corruption (bnc#1012382). - locking/rwsem-xadd: Fix missed wakeup due to reordering of load (bnc#1012382). - lpfc: fixup crash in lpfc_els_unsol_buffer() (bsc#1107318). - mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bnc#1012382). - mac80211: fix a race between restart and CSA flows (bnc#1012382). - mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys (bnc#1012382). - mac80211: Fix station bandwidth setting after channel switch (bnc#1012382). - mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bnc#1012382). - mac80211: mesh: fix HWMP sequence numbering to follow standard (bnc#1012382). - mac80211: restrict delayed tailroom needed decrement (bnc#1012382). - mac80211: shorten the IBSS debug messages (bnc#1012382). - mach64: detect the dot clock divider correctly on sparc (bnc#1012382). - macintosh/via-pmu: Add missing mmio accessors (bnc#1012382). - macros.kernel-source: define linux_arch for KMPs (boo#1098050). CONFIG_64BIT is no longer defined so KMP spec files need to include %{?linux_make_arch} in any make call to build modules or descent into the kernel directory for any reason. - macros.kernel-source: pass -b properly in kernel module package (bsc#1107870). - macros.kernel-source: pass -f properly in module subpackage (boo#1076393). - md-cluster: clear another node's suspend_area after the copy is finished (bnc#1012382). - md/raid1: exit sync request if MD_RECOVERY_INTR is set (git-fixes). - md/raid5: fix data corruption of replacements after originals dropped (bnc#1012382). - media: af9035: prevent buffer overflow on write (bnc#1012382). - media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt() (bnc#1012382). - media: fsl-viu: fix error handling in viu_of_probe() (bnc#1012382). - media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data (bnc#1012382). - media: omap_vout: Fix a possible null pointer dereference in omap_vout_open() (bsc#1050431). - media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power (bnc#1012382). - media: soc_camera: ov772x: correct setting of banding filter (bnc#1012382). - media: tm6000: add error handling for dvb_register_adapter (bnc#1012382). - media: uvcvideo: Support realtek's UVC 1.5 device (bnc#1012382). - media: v4l: event: Prevent freeing event subscriptions while accessed (bnc#1012382). - media: videobuf2-core: check for q->error in vb2_core_qbuf() (bnc#1012382). - media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1050431). - mei: bus: type promotion bug in mei_nfc_if_version() (bnc#1012382). - memory_hotplug: cond_resched in __remove_pages (bnc#1114178). - mfd: omap-usb-host: Fix dts probe of children (bnc#1012382). - mfd: ti_am335x_tscadc: Fix struct clk memory leak (bnc#1012382). - misc: hmc6352: fix potential Spectre v1 (bnc#1012382). - misc: mic: SCIF Fix scif_get_new_port() error handling (bnc#1012382). - misc: ti-st: Fix memory leak in the error path of probe() (bnc#1012382). - mmc: mmci: stop building qcom dml as module (bsc#1110468). - mm: fix devmem_is_allowed() for sub-page System RAM intersections (bsc#1110006). - mm: get rid of vmacache_flush_all() entirely (bnc#1012382). - mm: madvise(MADV_DODUMP): allow hugetlbfs pages (bnc#1012382). - mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907). - mm: shmem.c: Correctly annotate new inodes for lockdep (bnc#1012382). - mm/vmstat.c: fix outdated vmstat_text (bnc#1012382). - mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly (bnc#1012382). - mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly (git fixes). - module: exclude SHN_UNDEF symbols from kallsyms api (bnc#1012382). - mtdchar: fix overflows in adjustment of `count` (bnc#1012382). - mtd/maps: fix solutionengine.c printk format warnings (bnc#1012382). - neighbour: confirm neigh entries when ARP packet is received (bnc#1012382). - net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT (bnc#1012382). - net: cadence: Fix a sleep-in-atomic-context bug in macb_halt_tx() (bnc#1012382). - net: dcb: For wild-card lookups, use priority -1, not 0 (bnc#1012382). - net: ethernet: mvneta: Fix napi structure mixup on armada 3700 (bsc#1110616). - net: ethernet: ti: cpsw: fix mdio device reference leak (bnc#1012382). - netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user (bnc#1012382). - net: hns: fix length and page_offset overflow when CONFIG_ARM64_64K_PAGES (bnc#1012382). - net: hp100: fix always-true check for link up state (bnc#1012382). - net: ipv4: update fnhe_pmtu when first hop's MTU changes (bnc#1012382). - net/ipv6: Display all addresses in output of /proc/net/if_inet6 (bnc#1012382). - netlabel: check for IPV4MASK in addrinfo_get (bnc#1012382). - net: macb: disable scatter-gather for macb on sama5d3 (bnc#1012382). - net/mlx4: Use cpumask_available for eq->affinity_mask (bnc#1012382). - net: mvneta: fix mtu change on port without link (bnc#1012382). - net: mvneta: fix mvneta_config_rss on armada 3700 (bsc#1110615). - net: mvpp2: Extract the correct ethtype from the skb for tx csum offload (bnc#1012382). - net: systemport: Fix wake-up interrupt race during resume (bnc#1012382). - net/usb: cancel pending work when unbinding smsc75xx (bnc#1012382). - nfc: Fix possible memory corruption when handling SHDLC I-Frame commands (bnc#1012382). - nfc: Fix the number of pipes (bnc#1012382). - nfs: add nostatflush mount option (bsc#1065726). - nfs: Avoid quadratic search when freeing delegations (bsc#1084760). - nfsd: fix corrupted reply to badly ordered compound (bnc#1012382). - nfs: Use an appropriate work queue for direct-write completion (bsc#1082519). - nfsv4.0 fix client reference leak in callback (bnc#1012382). - ocfs2: fix locking for res->tracking and dlm->tracking_list (bnc#1012382). - ocfs2: fix ocfs2 read block panic (bnc#1012382). - of: unittest: Disable interrupt node tests for old world MAC systems (bnc#1012382). - ovl: Copy inode attributes after setting xattr (bsc#1107299). - parport: sunbpp: fix error return code (bnc#1012382). - partitions/aix: append null character to print data from disk (bnc#1012382). - partitions/aix: fix usage of uninitialized lv_info and lvname structures (bnc#1012382). - Pass x86 as architecture on x86_64 and i386 (bsc#1093118). - pci: altera: Fix bool initialization in tlp_read_packet() (bsc#1109806). - pci: designware: Fix I/O space page leak (bsc#1109806). - pci: designware: Fix pci_remap_iospace() failure path (bsc#1109806). - pci: hv: Use effective affinity mask (bsc#1109772). - pci: OF: Fix I/O space page leak (bsc#1109806). - pci: pciehp: Fix unprotected list iteration in IRQ handler (bsc#1109806). - pci: Reprogram bridge prefetch registers on resume (bnc#1012382). - pci: shpchp: Fix AMD POGO identification (bsc#1109806). - pci: Supply CPU physical address (not bus address) to iomem_is_exclusive() (bsc#1109806). - pci: versatile: Fix I/O space page leak (bsc#1109806). - pci: versatile: Fix pci_remap_iospace() failure path (bsc#1109806). - pci: xgene: Fix I/O space page leak (bsc#1109806). - pci: xilinx: Add missing of_node_put() (bsc#1109806). - perf powerpc: Fix callchain ip filtering (bnc#1012382). - perf powerpc: Fix callchain ip filtering when return address is in a register (bnc#1012382). - perf probe powerpc: Ignore SyS symbols irrespective of endianness (bnc#1012382). - perf script python: Fix export-to-postgresql.py occasional failure (bnc#1012382). - perf tools: Allow overriding MAX_NR_CPUS at compile time (bnc#1012382). - phy: qcom-ufs: add MODULE_LICENSE tag (bsc#1110468). - pinctrl: qcom: spmi-gpio: Fix pmic_gpio_config_get() to be compliant (bnc#1012382). - pipe: actually allow root to exceed the pipe buffer limit (git-fixes). - platform/x86: alienware-wmi: Correct a memory leak (bnc#1012382). - platform/x86: toshiba_acpi: Fix defined but not used build warnings (bnc#1012382). - pm / core: Clear the direct_complete flag on errors (bnc#1012382). - powerpc/64s: move machine check SLB flushing to mm/slb.c (bsc#1094244). - powerpc/kdump: Handle crashkernel memory reservation failure (bnc#1012382). - powerpc/mce: Fix SLB rebolting during MCE recovery path (bsc#1094244). - powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784). - powerpc/numa: Use associativity if VPHN hcall is successful (bsc#1110363). - powerpc/perf/hv-24x7: Fix passing of catalog version number (bsc#1053043). - powerpc/powernv: opal_put_chars partial write fix (bnc#1012382). - powerpc/pseries: Defer the logging of rtas error to irq work queue (bsc#1094244). - powerpc/pseries: Define MCE error event section (bsc#1094244). - powerpc/pseries: Display machine check error details (bsc#1094244). - powerpc/pseries: Dump the SLB contents on SLB MCE errors (bsc#1094244). - powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes). - powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes). - powerpc/pseries: Flush SLB contents on SLB MCE errors (bsc#1094244). - powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158). - powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158). - powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE (bsc#1109158). - powerpc/rtas: Fix a potential race between CPU-Offline & Migration (bsc#1111870). - powerpc/tm: Avoid possible userspace r1 corruption on reclaim (bsc#1109333). - power: vexpress: fix corruption in notifier registration (bnc#1012382). - printk: do not spin in printk when in nmi (bsc#1094244). - proc: restrict kernel stack dumps to root (bnc#1012382). - pstore: Fix incorrect persistent ram buffer mapping (bnc#1012382). - qlcnic: fix Tx descriptor corruption on 82xx devices (bnc#1012382). - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bnc#1012382). - raid10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (bnc#1012382). - rculist: add list_for_each_entry_from_rcu() (bsc#1084760). - rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760). - rdma/cma: Do not ignore net namespace for unbound cm_id (bnc#1012382). - rdma/cma: Protect cma dev list with lock (bnc#1012382). - rdma/ucma: check fd type in ucma_migrate_id() (bnc#1012382). - reiserfs: add check to detect corrupted directory entry (bsc#1109818). - reiserfs: do not panic on bad directory entries (bsc#1109818). - resource: Include resource end in walk_*() interfaces (bsc#1114648). - Revert "btrfs: qgroups: Retry after commit on getting EDQUOT" (bsc#1031392). - Revert "dma-buf/sync-file: Avoid enable fence signaling if poll(.timeout=0)" (bsc#1111363). - Revert "drm: Do not pass negative delta to ktime_sub_ns()" (bsc#1106929) - Revert "drm/i915: Initialize HWS page address after GPU reset" (bsc#1106929) - Revert "Drop kernel trampoline stack." This reverts commit 85dead31706c1c1755adff90405ff9861c39c704. - Revert "kabi/severities: Ignore missing cpu_tss_tramp (bsc#1099597)" This reverts commit edde1f21880e3bfe244c6f98a3733b05b13533dc. - Revert "kvm: x86: remove eager_fpu field of struct kvm_vcpu_arch" (kabi). - Revert "media: v4l: event: Prevent freeing event subscriptions while accessed" (kabi). - Revert "mm: get rid of vmacache_flush_all() entirely" (kabi). - Revert "NFC: Fix the number of pipes" (kabi). - Revert "proc: restrict kernel stack dumps to root" (kabi). - Revert "Skip intel_crt_init for Dell XPS 8700" (bsc#1106929) - Revert "tcp: add tcp_ooo_try_coalesce() helper" (kabi). - Revert "tcp: call tcp_drop() from tcp_data_queue_ofo()" (kabi). - Revert "tcp: fix a stale ooo_last_skb after a replace" (kabi). - Revert "tcp: free batches of packets in tcp_prune_ofo_queue()" (kabi). - Revert "tcp: use an RB tree for ooo receive queue" (kabi). - Revert "usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt()" (bnc#1012382). - Revert "x86/fpu: Finish excising 'eagerfpu'" (kabi). - Revert "x86/fpu: Remove struct fpu::counter" (kabi). - Revert "x86/fpu: Remove use_eager_fpu()" (kabi). - ring-buffer: Allow for rescheduling when removing pages (bnc#1012382). - rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication() (bnc#1012382). - rpm/kernel-binary.spec.in: Check module licenses (bsc#1083215,bsc#1083527) - rpm/kernel-binary.spec.in: Do not sign modules if CONFIG_MODULE_SIG=n (bsc#1035053) - rpm/kernel-binary.spec.in: Obsolete ftsteutates KMP (boo#997172) - rpm/kernel-binary.spec.in: Only kernel-syzkaller needs gcc-devel (boo#1043591). - rpm/kernel-docs.spec.in: Expand kernel tree directly from sources (bsc#1057199) - rpm/kernel-docs.spec.in: Fix and cleanup for 4.13 doc build (bsc#1048129) The whole DocBook stuff has been deleted. The PDF build still non-working thus the sub-packaging disabled so far. - rpm/kernel-docs.spec.in: refresh dependencies for PDF build (bsc#1048129) But it still does not work with Tex Live 2017, thus disabled yet. Also add texlive-anyfontsize for HTML math handling. - rpm/kernel-module-subpackage: Generate proper supplements in the template ... instead of relying on find-provides.ksyms to do it (bsc#981083). - rpm/kernel-source.spec.in: Do not list deleted depdendency helpers (bsc#981083). - rpm/kernel-spec-macros: Try harder to detect Build Service environment (bsc#1078788) - rtc: bq4802: add error handling for devm_ioremap (bnc#1012382). - rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 (bnc#1012382). - s390/chsc: Add exception handler for CHSC instruction (git-fixes). - s390/extmem: fix gcc 8 stringop-overflow warning (bnc#1012382). - s390/facilites: use stfle_fac_list array size for MAX_FACILITY_BIT (bnc#1108315, LTC#171326). - s390/kdump: Fix elfcorehdr size calculation (git-fixes). - s390/kdump: Make elfcorehdr size calculation ABI compliant (git-fixes). - s390/mm: correct allocate_pgste proc_handler callback (git-fixes). - s390/qeth: do not dump past end of unknown HW header (bnc#1012382). - s390/qeth: fix race in used-buffer accounting (bnc#1012382). - s390/qeth: handle failure on workqueue creation (git-fixes). - s390/qeth: reset layer2 attribute on layer switch (bnc#1012382). - s390/qeth: use vzalloc for QUERY OAT buffer (bnc#1108315, LTC#171527). - s390: revert ELF_ET_DYN_BASE base changes (git-fixes). - s390/stacktrace: fix address ranges for asynchronous and panic stack (git-fixes). - sched/fair: Fix bandwidth timer clock drift condition (Git-fixes). - sched/fair: Fix vruntime_normalized() for remote non-migration wakeup (Git-fixes). - scsi: 3ware: fix return 0 on the error path of probe (bnc#1012382). - scsi: bnx2i: add error handling for ioremap_nocache (bnc#1012382). - scsi: ibmvscsi: Improve strings handling (bnc#1012382). - scsi: klist: Make it safe to use klists in atomic context (bnc#1012382). - scsi: target: fix __transport_register_session locking (bnc#1012382). - scsi: target/iscsi: Make iscsit_ta_authentication() respect the output buffer size (bnc#1012382). - selftests/efivarfs: add required kernel configs (bnc#1012382). - selftest: timers: Tweak raw_skew to SKIP when ADJ_OFFSET/other clock adjustments are in progress (bnc#1012382). - selinux: use GFP_NOWAIT in the AVC kmem_caches (bnc#1012382). - serial: cpm_uart: return immediately from console poll (bnc#1012382). - serial: imx: restore handshaking irq for imx1 (bnc#1012382). - signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006). - slub: make ->cpu_partial unsigned int (bnc#1012382). - smb2: fix missing files in root share directory listing (bnc#1012382). - smb3: fill in statfs fsid and correct namelen (bsc#1112905). - sound: enable interrupt after dma buffer initialization (bnc#1012382). - spi: rspi: Fix interrupted DMA transfers (bnc#1012382). - spi: rspi: Fix invalid SPI use during system suspend (bnc#1012382). - spi: sh-msiof: Fix handling of write value for SISTR register (bnc#1012382). - spi: sh-msiof: Fix invalid SPI use during system suspend (bnc#1012382). - spi: tegra20-slink: explicitly enable/disable clock (bnc#1012382). - srcu: Allow use of Tiny/Tree SRCU from both process and interrupt context (bsc#1050549). - staging: android: ashmem: Fix mmap size validation (bnc#1012382). - staging: rt5208: Fix a sleep-in-atomic bug in xd_copy_page (bnc#1012382). - staging: rts5208: fix missing error check on call to rtsx_write_register (bnc#1012382). - staging/rts5208: Fix read overflow in memcpy (bnc#1012382). - stmmac: fix valid numbers of unicast filter entries (bnc#1012382). - stop_machine: Atomically queue and wake stopper threads (git-fixes). - target: log Data-Out timeouts as errors (bsc#1095805). - target: log NOP ping timeouts as errors (bsc#1095805). - target: split out helper for cxn timeout error stashing (bsc#1095805). - target: stash sess_err_stats on Data-Out timeout (bsc#1095805). - target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805). - tcp: add tcp_ooo_try_coalesce() helper (bnc#1012382). - tcp: call tcp_drop() from tcp_data_queue_ofo() (bnc#1012382). - tcp: fix a stale ooo_last_skb after a replace (bnc#1012382). - tcp: free batches of packets in tcp_prune_ofo_queue() (bnc#1012382). - tcp: increment sk_drops for dropped rx packets (bnc#1012382). - tcp: use an RB tree for ooo receive queue (bnc#1012382). - team: Forbid enslaving team device to itself (bnc#1012382). - thermal: of-thermal: disable passive polling when thermal zone is disabled (bnc#1012382). - Tools: hv: Fix a bug in the key delete code (bnc#1012382). - tools/vm/page-types.c: fix "defined but not used" warning (bnc#1012382). - tools/vm/slabinfo.c: fix sign-compare warning (bnc#1012382). - tpm: Restore functionality to xen vtpm driver (bsc#1020645, git-fixes). - tsl2550: fix lux1_input error in low light (bnc#1012382). - tty: Drop tty->count on tty_reopen() failure (bnc#1105428). - tty: rocket: Fix possible buffer overwrite on register_PCI (bnc#1012382). - tty: vt_ioctl: fix potential Spectre v1 (bnc#1012382). - ubifs: Check for name being NULL while mounting (bnc#1012382). - ucma: fix a use-after-free in ucma_resolve_ip() (bnc#1012382). - uio: potential double frees if __uio_register_device() fails (bnc#1012382). - usb: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller (bnc#1012382). - usb: Add quirk to support DJI CineSSD (bnc#1012382). - usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() (bnc#1012382). - usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt() (bnc#1012382). - usb: Do not die twice if PCI xhci host is not responding in resume (bnc#1012382). - usb: fix error handling in usb_driver_claim_interface() (bnc#1012382). - usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bnc#1012382). - usb: gadget: serial: fix oops when data rx'd after close (bnc#1012382). - usb: handle NULL config in usb_find_alt_setting() (bnc#1012382). - usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() (bnc#1012382). - usb: misc: uss720: Fix two sleep-in-atomic-context bugs (bnc#1012382). - usb: net2280: Fix erroneous synchronization change (bnc#1012382). - usb: remove LPM management from usb_driver_claim_interface() (bnc#1012382). - usb: serial: io_ti: fix array underflow in completion handler (bnc#1012382). - usb: serial: kobil_sct: fix modem-status error handling (bnc#1012382). - usb: serial: simple: add Motorola Tetra MTP6550 id (bnc#1012382). - usb: serial: ti_usb_3410_5052: fix array underflow in completion handler (bnc#1012382). - usb: usbdevfs: restore warning for nonsensical flags (bnc#1012382). - usb: usbdevfs: sanitize flags more (bnc#1012382). - usb: wusbcore: security: cast sizeof to int for comparison (bnc#1012382). - usb: yurex: Check for truncation in yurex_read() (bnc#1012382). - usb: yurex: Fix buffer over-read in yurex_write() (bnc#1012382). - Use upstream version of pci-hyperv change 35a88a18d7 - uwb: hwa-rc: fix memory leak at probe (bnc#1012382). - vfs: do not test owner for NFS in set_posix_acl() (bsc#1103405). - video: goldfishfb: fix memory leak on driver remove (bnc#1012382). - vmci: type promotion bug in qp_host_get_user_memory() (bnc#1012382). - vmw_balloon: include asm/io.h (bnc#1012382). - watchdog: w83627hf: Added NCT6102D support (bsc#1106434). - wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout() (bnc#1012382). - wlcore: Fix memory leak in wlcore_cmd_wait_for_event_or_timeout (git-fixes). - x86/apic: Fix restoring boot IRQ mode in reboot and kexec/kdump (bsc#1110006). - x86/apic: Split disable_IO_APIC() into two functions to fix CONFIG_KEXEC_JUMP=y (bsc#1110006). - x86/apic: Split out restore_boot_irq_mode() from disable_IO_APIC() (bsc#1110006). - x86/boot: Fix "run_size" calculation (bsc#1110006). - x86/cpufeature: deduplicate X86_FEATURE_L1TF_PTEINV (kabi). - x86/entry/64: Add two more instruction suffixes (bnc#1012382). - x86/entry/64: Clear registers for exceptions/interrupts, to reduce speculation attack surface (bsc#1105931). - x86/entry/64: sanitize extra registers on syscall entry (bsc#1105931). - x86/fpu: Finish excising 'eagerfpu' (bnc#1012382). - x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006). - x86/fpu: Remove struct fpu::counter (bnc#1012382). - x86/fpu: Remove use_eager_fpu() (bnc#1012382). - x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772). - x86/kaiser: Avoid loosing NMIs when using trampoline stack (bsc#1106293 bsc#1099597). - x86/mm: Remove in_nmi() warning from vmalloc_fault() (bnc#1012382). - x86: msr-index.h: Correct SNB_C1/C3_AUTO_UNDEMOTE defines (bsc#1110006). - x86/numa_emulation: Fix emulated-to-physical node mapping (bnc#1012382). - x86/paravirt: Fix some warning messages (bnc#1065600). - x86/percpu: Fix this_cpu_read() (bsc#1110006). - x86,sched: Allow topologies where NUMA nodes share an LLC (bsc#1091158, bsc#1101555). - x86/spec_ctrl: Fix spec_ctrl reporting (bsc#1106913, bsc#1111516). - x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913). - x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913). - x86/speculation: Propagate information about RSB filling mitigation to sysfs (bsc#1106913). - x86/time: Correct the attribute on jiffies' definition (bsc#1110006). - x86/tsc: Add missing header to tsc_msr.c (bnc#1012382). - x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006). - x86/vdso: Fix vDSO build if a retpoline is emitted (bsc#1110006). - x86/vdso: Fix vDSO syscall fallback asm constraint regression (bsc#1110006). - x86/vdso: Only enable vDSO retpolines when enabled and supported (bsc#1110006). - xen: avoid crash in disable_hotplug_cpu (bnc#1012382 bsc#1106594 bsc#1042422). - xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage (bnc#1012382). - xen: issue warning message when out of grant maptrack entries (bsc#1105795). - xen/manage: do not complain about an empty value in control/sysrq node (bnc#1012382). - xen/netfront: do not bug in case of too many frags (bnc#1012382). - xen-netfront: fix queue name setting (bnc#1012382). - xen/netfront: fix waiting for xenbus state change (bnc#1012382). - xen-netfront: fix warn message as irq device name has '/' (bnc#1012382). - xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code (bnc#1012382). - xfrm: fix 'passing zero to ERR_PTR()' warning (bnc#1012382). - xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bnc#1012382). - xhci: Do not print a warning when setting link state for disabled ports (bnc#1012382). - x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114648). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time Extension 12-SP3: zypper in -t patch SUSE-SLE-RT-12-SP3-2018-2684=1 Package List: - SUSE Linux Enterprise Real Time Extension 12-SP3 (x86_64): cluster-md-kmp-rt-4.4.162-3.29.1 cluster-md-kmp-rt-debuginfo-4.4.162-3.29.1 dlm-kmp-rt-4.4.162-3.29.1 dlm-kmp-rt-debuginfo-4.4.162-3.29.1 gfs2-kmp-rt-4.4.162-3.29.1 gfs2-kmp-rt-debuginfo-4.4.162-3.29.1 kernel-rt-4.4.162-3.29.1 kernel-rt-base-4.4.162-3.29.1 kernel-rt-base-debuginfo-4.4.162-3.29.1 kernel-rt-debuginfo-4.4.162-3.29.1 kernel-rt-debugsource-4.4.162-3.29.1 kernel-rt-devel-4.4.162-3.29.1 kernel-rt_debug-debuginfo-4.4.162-3.29.1 kernel-rt_debug-debugsource-4.4.162-3.29.1 kernel-rt_debug-devel-4.4.162-3.29.1 kernel-rt_debug-devel-debuginfo-4.4.162-3.29.1 kernel-syms-rt-4.4.162-3.29.1 ocfs2-kmp-rt-4.4.162-3.29.1 ocfs2-kmp-rt-debuginfo-4.4.162-3.29.1 - SUSE Linux Enterprise Real Time Extension 12-SP3 (noarch): kernel-devel-rt-4.4.162-3.29.1 kernel-source-rt-4.4.162-3.29.1 References: https://www.suse.com/security/cve/CVE-2018-14633.html https://www.suse.com/security/cve/CVE-2018-18281.html https://www.suse.com/security/cve/CVE-2018-18386.html https://www.suse.com/security/cve/CVE-2018-18690.html https://www.suse.com/security/cve/CVE-2018-18710.html https://www.suse.com/security/cve/CVE-2018-9516.html https://bugzilla.suse.com/1011920 https://bugzilla.suse.com/1012382 https://bugzilla.suse.com/1012422 https://bugzilla.suse.com/1020645 https://bugzilla.suse.com/1031392 https://bugzilla.suse.com/1035053 https://bugzilla.suse.com/1042422 https://bugzilla.suse.com/1043591 https://bugzilla.suse.com/1048129 https://bugzilla.suse.com/1050431 https://bugzilla.suse.com/1050549 https://bugzilla.suse.com/1053043 https://bugzilla.suse.com/1054239 https://bugzilla.suse.com/1057199 https://bugzilla.suse.com/1065600 https://bugzilla.suse.com/1065726 https://bugzilla.suse.com/1067906 https://bugzilla.suse.com/1073579 https://bugzilla.suse.com/1076393 https://bugzilla.suse.com/1078788 https://bugzilla.suse.com/1079524 https://bugzilla.suse.com/1082519 https://bugzilla.suse.com/1083215 https://bugzilla.suse.com/1083527 https://bugzilla.suse.com/1084760 https://bugzilla.suse.com/1089343 https://bugzilla.suse.com/1091158 https://bugzilla.suse.com/1093118 https://bugzilla.suse.com/1094244 https://bugzilla.suse.com/1094825 https://bugzilla.suse.com/1095805 https://bugzilla.suse.com/1096052 https://bugzilla.suse.com/1098050 https://bugzilla.suse.com/1098996 https://bugzilla.suse.com/1099597 https://bugzilla.suse.com/1101555 https://bugzilla.suse.com/1103308 https://bugzilla.suse.com/1103405 https://bugzilla.suse.com/1104124 https://bugzilla.suse.com/1105025 https://bugzilla.suse.com/1105428 https://bugzilla.suse.com/1105795 https://bugzilla.suse.com/1105931 https://bugzilla.suse.com/1106105 https://bugzilla.suse.com/1106110 https://bugzilla.suse.com/1106240 https://bugzilla.suse.com/1106293 https://bugzilla.suse.com/1106359 https://bugzilla.suse.com/1106434 https://bugzilla.suse.com/1106594 https://bugzilla.suse.com/1106913 https://bugzilla.suse.com/1106929 https://bugzilla.suse.com/1107060 https://bugzilla.suse.com/1107299 https://bugzilla.suse.com/1107318 https://bugzilla.suse.com/1107535 https://bugzilla.suse.com/1107829 https://bugzilla.suse.com/1107870 https://bugzilla.suse.com/1108315 https://bugzilla.suse.com/1108377 https://bugzilla.suse.com/1108498 https://bugzilla.suse.com/1109158 https://bugzilla.suse.com/1109333 https://bugzilla.suse.com/1109772 https://bugzilla.suse.com/1109784 https://bugzilla.suse.com/1109806 https://bugzilla.suse.com/1109818 https://bugzilla.suse.com/1109907 https://bugzilla.suse.com/1109919 https://bugzilla.suse.com/1109923 https://bugzilla.suse.com/1110006 https://bugzilla.suse.com/1110363 https://bugzilla.suse.com/1110468 https://bugzilla.suse.com/1110600 https://bugzilla.suse.com/1110601 https://bugzilla.suse.com/1110602 https://bugzilla.suse.com/1110603 https://bugzilla.suse.com/1110604 https://bugzilla.suse.com/1110605 https://bugzilla.suse.com/1110606 https://bugzilla.suse.com/1110611 https://bugzilla.suse.com/1110612 https://bugzilla.suse.com/1110613 https://bugzilla.suse.com/1110614 https://bugzilla.suse.com/1110615 https://bugzilla.suse.com/1110616 https://bugzilla.suse.com/1110618 https://bugzilla.suse.com/1110619 https://bugzilla.suse.com/1111363 https://bugzilla.suse.com/1111516 https://bugzilla.suse.com/1111870 https://bugzilla.suse.com/1112007 https://bugzilla.suse.com/1112262 https://bugzilla.suse.com/1112263 https://bugzilla.suse.com/1112894 https://bugzilla.suse.com/1112902 https://bugzilla.suse.com/1112903 https://bugzilla.suse.com/1112905 https://bugzilla.suse.com/1113667 https://bugzilla.suse.com/1113751 https://bugzilla.suse.com/1113769 https://bugzilla.suse.com/1114178 https://bugzilla.suse.com/1114229 https://bugzilla.suse.com/1114648 https://bugzilla.suse.com/981083 https://bugzilla.suse.com/997172 From sle-security-updates at lists.suse.com Fri Nov 16 13:10:02 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 16 Nov 2018 21:10:02 +0100 (CET) Subject: SUSE-SU-2018:3776-1: moderate: Security update for openssh Message-ID: <20181116201002.6213CFCA4@maintenance.suse.de> SUSE Security Update: Security update for openssh ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3776-1 Rating: moderate References: #1091396 #1105010 #1106163 #964336 #982273 Cross-References: CVE-2018-15473 CVE-2018-15919 Affected Products: SUSE Linux Enterprise Server 12-SP1-LTSS SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves two vulnerabilities and has three fixes is now available. Description: This update for openssh fixes the following issues: Following security issues have been fixed: - CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability. (bsc#1106163) - CVE-2018-15473: OpenSSH was prone to a user existance oracle vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. (bsc#1105010) Also the following security related hardening change was done: - Remove arcfour,cast,blowfish from list of default ciphers. (bsc#982273) And the following non-security issues were fixed: - Stop leaking File descriptors (bsc#964336) - sftp-client.c returns wrong error code upon failure (bsc#1091396) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-2698=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2018-2698=1 Package List: - SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64): openssh-6.6p1-54.18.1 openssh-askpass-gnome-6.6p1-54.18.1 openssh-askpass-gnome-debuginfo-6.6p1-54.18.1 openssh-debuginfo-6.6p1-54.18.1 openssh-debugsource-6.6p1-54.18.1 openssh-fips-6.6p1-54.18.1 openssh-helpers-6.6p1-54.18.1 openssh-helpers-debuginfo-6.6p1-54.18.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): openssh-6.6p1-54.18.1 openssh-askpass-gnome-6.6p1-54.18.1 openssh-askpass-gnome-debuginfo-6.6p1-54.18.1 openssh-debuginfo-6.6p1-54.18.1 openssh-debugsource-6.6p1-54.18.1 openssh-fips-6.6p1-54.18.1 openssh-helpers-6.6p1-54.18.1 openssh-helpers-debuginfo-6.6p1-54.18.1 References: https://www.suse.com/security/cve/CVE-2018-15473.html https://www.suse.com/security/cve/CVE-2018-15919.html https://bugzilla.suse.com/1091396 https://bugzilla.suse.com/1105010 https://bugzilla.suse.com/1106163 https://bugzilla.suse.com/964336 https://bugzilla.suse.com/982273 From sle-security-updates at lists.suse.com Fri Nov 16 13:13:09 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 16 Nov 2018 21:13:09 +0100 (CET) Subject: SUSE-SU-2018:3781-1: moderate: Security update for openssh Message-ID: <20181116201309.BB8E1FCA4@maintenance.suse.de> SUSE Security Update: Security update for openssh ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3781-1 Rating: moderate References: #1091396 #1105010 #1106163 #964336 #982273 Cross-References: CVE-2018-15473 CVE-2018-15919 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves two vulnerabilities and has three fixes is now available. Description: This update for openssh fixes the following issues: Following security issues have been fixed: - CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability. (bsc#1106163) - CVE-2018-15473: OpenSSH was prone to a user existance oracle vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. (bsc#1105010) Also the following security related hardening change was done: - Removed arcfour,blowfish,cast from list of default ciphers as they are long discontinued and should no longer be used. (bsc#982273) And the following non-security issues were fixed: - Stop leaking File descriptors (bsc#964336) - sftp-client.c returns wrong error code upon failure (bsc#1091396) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-openssh-13867=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-openssh-13867=1 Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): openssh-6.6p1-36.6.1 openssh-askpass-gnome-6.6p1-36.6.1 openssh-fips-6.6p1-36.6.1 openssh-helpers-6.6p1-36.6.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): openssh-askpass-gnome-debuginfo-6.6p1-36.6.1 openssh-debuginfo-6.6p1-36.6.1 openssh-debugsource-6.6p1-36.6.1 References: https://www.suse.com/security/cve/CVE-2018-15473.html https://www.suse.com/security/cve/CVE-2018-15919.html https://bugzilla.suse.com/1091396 https://bugzilla.suse.com/1105010 https://bugzilla.suse.com/1106163 https://bugzilla.suse.com/964336 https://bugzilla.suse.com/982273 From sle-security-updates at lists.suse.com Fri Nov 16 13:17:36 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 16 Nov 2018 21:17:36 +0100 (CET) Subject: SUSE-SU-2018:3786-1: important: Security update for squid Message-ID: <20181116201736.8FF4CFCA4@maintenance.suse.de> SUSE Security Update: Security update for squid ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3786-1 Rating: important References: #1082318 #1112066 #1112695 #1113668 #1113669 Cross-References: CVE-2018-19131 CVE-2018-19132 Affected Products: SUSE Linux Enterprise Module for Server Applications 15 ______________________________________________________________________________ An update that solves two vulnerabilities and has three fixes is now available. Description: This update for squid fixes the following issues: Security issues fixed: - CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling (bsc#1113668). - CVE-2018-19132: Fixed small memory leak in processing of SNMP packets (bsc#1113669). Non-security issues fixed: - Create runtime directories needed when SMP mode is enabled (bsc#1112695, bsc#1112066). - Install license correctly (bsc#1082318). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Server Applications 15: zypper in -t patch SUSE-SLE-Module-Server-Applications-15-2018-2686=1 Package List: - SUSE Linux Enterprise Module for Server Applications 15 (aarch64 ppc64le s390x x86_64): squid-4.4-5.3.2 squid-debuginfo-4.4-5.3.2 squid-debugsource-4.4-5.3.2 References: https://www.suse.com/security/cve/CVE-2018-19131.html https://www.suse.com/security/cve/CVE-2018-19132.html https://bugzilla.suse.com/1082318 https://bugzilla.suse.com/1112066 https://bugzilla.suse.com/1112695 https://bugzilla.suse.com/1113668 https://bugzilla.suse.com/1113669 From sle-security-updates at lists.suse.com Fri Nov 16 13:18:48 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 16 Nov 2018 21:18:48 +0100 (CET) Subject: SUSE-SU-2018:3787-1: important: Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP2) Message-ID: <20181116201848.3026AFCA4@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP2) ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3787-1 Rating: important References: #1103098 #1112039 Cross-References: CVE-2018-18386 CVE-2018-5391 Affected Products: SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server 12-SP2-LTSS ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for the Linux Kernel 4.4.103-92_56 fixes several issues. The following security issues were fixed: - CVE-2018-5391: Fixed a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may have caused a denial of service condition by sending specially crafted IP fragments. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size (bsc#1103098). - CVE-2018-18386: The drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bsc#1112039). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-2694=1 SUSE-SLE-SAP-12-SP2-2018-2695=1 SUSE-SLE-SAP-12-SP2-2018-2696=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-2694=1 SUSE-SLE-SERVER-12-SP2-2018-2695=1 SUSE-SLE-SERVER-12-SP2-2018-2696=1 Package List: - SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64): kgraft-patch-4_4_103-92_53-default-11-2.1 kgraft-patch-4_4_103-92_56-default-11-2.1 kgraft-patch-4_4_90-92_50-default-12-2.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64): kgraft-patch-4_4_103-92_53-default-11-2.1 kgraft-patch-4_4_103-92_56-default-11-2.1 kgraft-patch-4_4_90-92_50-default-12-2.1 References: https://www.suse.com/security/cve/CVE-2018-18386.html https://www.suse.com/security/cve/CVE-2018-5391.html https://bugzilla.suse.com/1103098 https://bugzilla.suse.com/1112039 From sle-security-updates at lists.suse.com Fri Nov 16 13:20:04 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 16 Nov 2018 21:20:04 +0100 (CET) Subject: SUSE-SU-2018:3789-1: important: Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP2) Message-ID: <20181116202004.05169FCA4@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP2) ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3789-1 Rating: important References: #1102682 #1107832 Cross-References: CVE-2018-14633 CVE-2018-5390 Affected Products: SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server 12-SP2-LTSS ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for the Linux Kernel 4.4.121-92_98 fixes several issues. The following security issues were fixed: - CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely (bsc#1107832). - CVE-2018-5390: Fixed the possiblilty that the kernel can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service (bnc#1102682). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-2688=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-2688=1 Package List: - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): kgraft-patch-4_4_121-92_98-default-2-2.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le x86_64): kgraft-patch-4_4_121-92_98-default-2-2.1 References: https://www.suse.com/security/cve/CVE-2018-14633.html https://www.suse.com/security/cve/CVE-2018-5390.html https://bugzilla.suse.com/1102682 https://bugzilla.suse.com/1107832 From sle-security-updates at lists.suse.com Fri Nov 16 13:20:50 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 16 Nov 2018 21:20:50 +0100 (CET) Subject: SUSE-SU-2018:3790-1: important: Security update for squid3 Message-ID: <20181116202050.BD4B4FCA4@maintenance.suse.de> SUSE Security Update: Security update for squid3 ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3790-1 Rating: important References: #1113668 Cross-References: CVE-2018-19131 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for squid3 fixes the following issues: Security issue fixed: - CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling (bsc#1113668). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-squid3-13866=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-squid3-13866=1 Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): squid3-3.1.23-8.16.37.9.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): squid3-debuginfo-3.1.23-8.16.37.9.1 squid3-debugsource-3.1.23-8.16.37.9.1 References: https://www.suse.com/security/cve/CVE-2018-19131.html https://bugzilla.suse.com/1113668 From sle-security-updates at lists.suse.com Fri Nov 16 13:21:54 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 16 Nov 2018 21:21:54 +0100 (CET) Subject: SUSE-SU-2018:3792-1: important: Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP2) Message-ID: <20181116202154.5CD87FCA4@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP2) ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3792-1 Rating: important References: #1103098 Cross-References: CVE-2018-5391 Affected Products: SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server 12-SP2-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 4.4.121-92_73 fixes one issue. The following security issue was fixed: - CVE-2018-5391: Fixed a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may have caused a denial of service condition by sending specially crafted IP fragments. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size (bsc#1103098). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-2689=1 SUSE-SLE-SAP-12-SP2-2018-2690=1 SUSE-SLE-SAP-12-SP2-2018-2691=1 SUSE-SLE-SAP-12-SP2-2018-2692=1 SUSE-SLE-SAP-12-SP2-2018-2693=1 SUSE-SLE-SAP-12-SP2-2018-2697=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-2689=1 SUSE-SLE-SERVER-12-SP2-2018-2690=1 SUSE-SLE-SERVER-12-SP2-2018-2691=1 SUSE-SLE-SERVER-12-SP2-2018-2692=1 SUSE-SLE-SERVER-12-SP2-2018-2693=1 SUSE-SLE-SERVER-12-SP2-2018-2697=1 Package List: - SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64): kgraft-patch-4_4_114-92_64-default-9-2.1 kgraft-patch-4_4_114-92_67-default-9-2.1 kgraft-patch-4_4_120-92_70-default-8-2.1 kgraft-patch-4_4_121-92_73-default-7-2.1 kgraft-patch-4_4_121-92_80-default-7-2.1 kgraft-patch-4_4_121-92_85-default-5-2.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64): kgraft-patch-4_4_114-92_64-default-9-2.1 kgraft-patch-4_4_114-92_67-default-9-2.1 kgraft-patch-4_4_120-92_70-default-8-2.1 kgraft-patch-4_4_121-92_73-default-7-2.1 kgraft-patch-4_4_121-92_80-default-7-2.1 kgraft-patch-4_4_121-92_85-default-5-2.1 References: https://www.suse.com/security/cve/CVE-2018-5391.html https://bugzilla.suse.com/1103098 From sle-security-updates at lists.suse.com Mon Nov 19 07:11:13 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 19 Nov 2018 15:11:13 +0100 (CET) Subject: SUSE-SU-2018:3808-1: moderate: Security update for ImageMagick Message-ID: <20181119141113.7228DFCA4@maintenance.suse.de> SUSE Security Update: Security update for ImageMagick ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3808-1 Rating: moderate References: #1050129 #1050635 #1107609 #1112399 Cross-References: CVE-2017-11532 CVE-2017-11639 CVE-2017-14997 CVE-2018-16644 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for ImageMagick fixes the following issues: - CVE-2017-14997: ImageMagick allowed remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c. (bsc#1112399) - CVE-2018-16644: A regression in the security fix for the pict coder was fixed (bsc#1107609) - CVE-2017-11532: When ImageMagick processed a crafted file in convert, it could lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c. (bsc#1050129) - CVE-2017-11639: A regression in the security fix in the cip coder was fixed (bsc#1050635) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-ImageMagick-13868=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-ImageMagick-13868=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-ImageMagick-13868=1 Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): ImageMagick-6.4.3.6-78.79.1 ImageMagick-devel-6.4.3.6-78.79.1 libMagick++-devel-6.4.3.6-78.79.1 libMagick++1-6.4.3.6-78.79.1 libMagickWand1-6.4.3.6-78.79.1 perl-PerlMagick-6.4.3.6-78.79.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libMagickWand1-32bit-6.4.3.6-78.79.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libMagickCore1-6.4.3.6-78.79.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libMagickCore1-32bit-6.4.3.6-78.79.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): ImageMagick-debuginfo-6.4.3.6-78.79.1 ImageMagick-debugsource-6.4.3.6-78.79.1 References: https://www.suse.com/security/cve/CVE-2017-11532.html https://www.suse.com/security/cve/CVE-2017-11639.html https://www.suse.com/security/cve/CVE-2017-14997.html https://www.suse.com/security/cve/CVE-2018-16644.html https://bugzilla.suse.com/1050129 https://bugzilla.suse.com/1050635 https://bugzilla.suse.com/1107609 https://bugzilla.suse.com/1112399 From sle-security-updates at lists.suse.com Mon Nov 19 13:08:31 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 19 Nov 2018 21:08:31 +0100 (CET) Subject: SUSE-SU-2018:3811-1: moderate: Security update for SUSE Manager Server 3.1 Message-ID: <20181119200831.7F8BCFCA4@maintenance.suse.de> SUSE Security Update: Security update for SUSE Manager Server 3.1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3811-1 Rating: moderate References: #1034030 #1037389 #1042184 #1080474 #1090676 #1094524 #1094992 #1095220 #1095942 #1095972 #1096511 #1098970 #1099857 #1100852 #1101033 #1104120 #1104487 #1105045 #1105074 #1105720 #1105724 #1105886 #1106164 #1106875 #1107117 #1107302 #1107850 #1107869 #1109235 #1111249 #1111542 #1112163 #1113557 #1113698 #1113699 Cross-References: CVE-2017-14695 CVE-2017-14696 Affected Products: SUSE Manager Server 3.1 ______________________________________________________________________________ An update that solves two vulnerabilities and has 33 fixes is now available. Description: This update includes the following new features: - Add support for postgresql 10 (fate#325659) This update fixes the following issues: py26-compat-salt: - Update Salt version to 2016.11.10 - CVE-2018-15750: Fixed directory traversal vulnerability in salt-api (bsc#1113698). - CVE-2018-15751: Fixed remote authentication bypass in salt-api(netapi) that allows to execute arbitrary commands (bsc#1113699). - Fix wrong recurse behavior on for linux_acl.present (bsc#1106164) - Adding backport for string arg normalization and fix for SUSE ES os - Prepend current directory when path is just filename (bsc#1095942) smdba: - Add support for postgresql 10 (fate#325659) spacecmd: - Show group id on group_details (bsc#1111542) - State channels handling: Existing commands configchannel_create and configchannel_import were updated while system_scheduleapplyconfigchannels and configchannel_updateinitsls were added. spacewalk: - Add support for postgresql10 (fate#325659) spacewalk-backend: - Channels to be actually un-subscribed from the assigned systems when being removed using spacewalk-remove-channel tool(bsc#1104120) spacewalk-branding: - New messages are added for XMLRPC API for state channels spacewalk-doc-indexes: - Use nutch-core dependency instead of nutch spacewalk-java: - Change Requires to allow installing with both Tomcat 8 (SLE-12SP3) and 9 (SLE12-SP4) - Fix typo in messages (bsc#1111249) - Remove restrictions on SUSE Manager Channel subscriptions (bsc#1105724) - Added shortcut for editing Software Channel - Fix NullPointerException when refreshing deleted software channel (bsc#1094992) - Add last_boot to listSystems() API call - Check valid postgresql database version - Fix displayed number of systems requiring reboot in Tasks pane (bsc#1106875) - Changed localization strings for file summaries (bsc#1090676) - Added menu item entries for creating/deleting file preservation lists (bsc#1034030) - Better error handling when a websocket connection is aborted (bsc#1080474) - Remove the reference of channel from revision before deleting it(bsc#1107850) - Added link from virtualization tab to Scheduled > Pending Actions (bsc#1037389) - Speedup package listings(bsc#1100852) - Method to Unsubscribe channel from system(bsc#1104120) - Fix mgr-sync refresh when subscription was removed (bsc#1105720) - Fix an error in the system software channels UI due to SUSE product channels missing a corresponding synced channel (bsc#1105886) - XMLRPC API for state channels - Optimize execution of actions in minions (bsc#1099857) - Reschedule taskomatic jobs if task threads limit reached (bsc#1096511) - Logic constraint: results must be ordered and grouped by systemId first (bsc#1101033) - Do not wrap output if stderr is not present (bsc#1105074) spacewalk-search: - Discard commons-logging.properties removal on spec file, as OBS package does not contain it - Upgrade tika-core to 0.19.1 and adjust nutch-core (bsc#1109235) - Remove lib jar files and add them as build dependencies on spec - Limit number of old java logfiles (bsc#1107869) spacewalk-utils: - Fix typo at --phases option help spacewalk-web: - Fix typo in messages (bsc#1111249) - Fix Sles name in base channel filter (Visualization tab) (bsc#1042184) subscription-matcher: - Set core dumps location for IBM java (bsc#1107302) - Fix OutOfMemoryError crashes (bsc#1094524) - Updated to version 0.20 - Update partnumbers rule file (bsc#1095972) - Use intermediate object to store confirmed matches within a penalty group and prevent infinite reactivation of Inherited virtualization rule (bsc#1094524) susemanager: - Add new option --with-parent-channel to mgr-create-bootrap-repo to specify parent channel to use if multiple options are available (bsc#1104487) - Add support for postgresql10 (fate#325659) - Bootstrap repos for SLE12 SP4 (bsc#1107117) susemanager-branding-oss: - Use ASCII quotation marks in license file (bsc#1098970) susemanager-schema: - Check valid postgresql database version susemanager-sls: - Deploy SSL certificate during onboarding of openSUSE Leap 15.0 (bsc#1112163) - Removed the ssl certificate verification while checking bootstrap repo URL (bsc#1095220) - Removed the need for curl to be present at bootstrap phase (bsc#1095220) susemanager-sync-data: - SUSE OpenStack Cloud 9 enablement (bsc#1113557) - Add SUSE Manager 3.1 on SLES12 SP4 - Support SLE12 SP4 product family (bsc#1107117) - Add CaaSP 3.0 channels (bsc#1105045) Additionally some Java components have been split out of existing packages for better maintenance: - apache-mybatis - hadoop - icu4j - lucene - nekohtml - nutch-core - picocontainer - tagsoup - tika-core Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Server 3.1: zypper in -t patch SUSE-SUSE-Manager-Server-3.1-2018-2708=1 Package List: - SUSE Manager Server 3.1 (ppc64le s390x x86_64): smdba-1.6.2-0.2.9.1 spacewalk-branding-2.7.2.15-2.25.1 susemanager-3.1.16-2.26.1 susemanager-tools-3.1.16-2.26.1 - SUSE Manager Server 3.1 (noarch): apache-mybatis-3.2.3-1.3.1 hadoop-0.18.1-1.3.1 icu4j-55.1-1.3.1 lucene-2.4.1-1.3.1 nekohtml-1.9.21-1.3.1 nutch-core-1.0.1-1.3.1 picocontainer-1.3.7-1.3.1 py26-compat-salt-2016.11.10-1.16.1 spacecmd-2.7.8.13-2.26.1 spacewalk-backend-2.7.73.15-2.26.1 spacewalk-backend-app-2.7.73.15-2.26.1 spacewalk-backend-applet-2.7.73.15-2.26.1 spacewalk-backend-config-files-2.7.73.15-2.26.1 spacewalk-backend-config-files-common-2.7.73.15-2.26.1 spacewalk-backend-config-files-tool-2.7.73.15-2.26.1 spacewalk-backend-iss-2.7.73.15-2.26.1 spacewalk-backend-iss-export-2.7.73.15-2.26.1 spacewalk-backend-libs-2.7.73.15-2.26.1 spacewalk-backend-package-push-server-2.7.73.15-2.26.1 spacewalk-backend-server-2.7.73.15-2.26.1 spacewalk-backend-sql-2.7.73.15-2.26.1 spacewalk-backend-sql-oracle-2.7.73.15-2.26.1 spacewalk-backend-sql-postgresql-2.7.73.15-2.26.1 spacewalk-backend-tools-2.7.73.15-2.26.1 spacewalk-backend-xml-export-libs-2.7.73.15-2.26.1 spacewalk-backend-xmlrpc-2.7.73.15-2.26.1 spacewalk-base-2.7.1.19-2.29.1 spacewalk-base-minimal-2.7.1.19-2.29.1 spacewalk-base-minimal-config-2.7.1.19-2.29.1 spacewalk-common-2.7.0.6-2.6.1 spacewalk-doc-indexes-2.7.0.4-2.6.1 spacewalk-html-2.7.1.19-2.29.1 spacewalk-java-2.7.46.17-2.35.1 spacewalk-java-config-2.7.46.17-2.35.1 spacewalk-java-lib-2.7.46.17-2.35.1 spacewalk-java-oracle-2.7.46.17-2.35.1 spacewalk-java-postgresql-2.7.46.17-2.35.1 spacewalk-oracle-2.7.0.6-2.6.1 spacewalk-postgresql-2.7.0.6-2.6.1 spacewalk-search-2.7.3.6-2.16.1 spacewalk-taskomatic-2.7.46.17-2.35.1 spacewalk-utils-2.7.10.9-2.17.1 subscription-matcher-0.21-4.6.1 susemanager-branding-oss-3.1.2-3.3.1 susemanager-schema-3.1.20-2.33.1 susemanager-sls-3.1.19-2.30.1 susemanager-sync-data-3.1.16-2.29.1 tagsoup-1.2.1-1.3.1 tika-core-1.19.1-1.3.1 References: https://www.suse.com/security/cve/CVE-2017-14695.html https://www.suse.com/security/cve/CVE-2017-14696.html https://bugzilla.suse.com/1034030 https://bugzilla.suse.com/1037389 https://bugzilla.suse.com/1042184 https://bugzilla.suse.com/1080474 https://bugzilla.suse.com/1090676 https://bugzilla.suse.com/1094524 https://bugzilla.suse.com/1094992 https://bugzilla.suse.com/1095220 https://bugzilla.suse.com/1095942 https://bugzilla.suse.com/1095972 https://bugzilla.suse.com/1096511 https://bugzilla.suse.com/1098970 https://bugzilla.suse.com/1099857 https://bugzilla.suse.com/1100852 https://bugzilla.suse.com/1101033 https://bugzilla.suse.com/1104120 https://bugzilla.suse.com/1104487 https://bugzilla.suse.com/1105045 https://bugzilla.suse.com/1105074 https://bugzilla.suse.com/1105720 https://bugzilla.suse.com/1105724 https://bugzilla.suse.com/1105886 https://bugzilla.suse.com/1106164 https://bugzilla.suse.com/1106875 https://bugzilla.suse.com/1107117 https://bugzilla.suse.com/1107302 https://bugzilla.suse.com/1107850 https://bugzilla.suse.com/1107869 https://bugzilla.suse.com/1109235 https://bugzilla.suse.com/1111249 https://bugzilla.suse.com/1111542 https://bugzilla.suse.com/1112163 https://bugzilla.suse.com/1113557 https://bugzilla.suse.com/1113698 https://bugzilla.suse.com/1113699 From sle-security-updates at lists.suse.com Mon Nov 19 13:14:00 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 19 Nov 2018 21:14:00 +0100 (CET) Subject: SUSE-SU-2018:3812-1: important: Security update for libwpd Message-ID: <20181119201400.89479FCA4@maintenance.suse.de> SUSE Security Update: Security update for libwpd ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3812-1 Rating: important References: #1115713 Cross-References: CVE-2018-19208 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for libwpd fixes the following issues: Security issue fixed: - CVE-2018-19208: Fixed illegal address access inside libwpd at function WP6ContentListener:defineTable (bsc#1115713). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP3: zypper in -t patch SUSE-SLE-WE-12-SP3-2018-2706=1 - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-2706=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-2706=1 Package List: - SUSE Linux Enterprise Workstation Extension 12-SP3 (x86_64): libwpd-0_10-10-0.10.2-2.7.1 libwpd-0_10-10-debuginfo-0.10.2-2.7.1 libwpd-debugsource-0.10.2-2.7.1 - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): libwpd-0_10-10-0.10.2-2.7.1 libwpd-0_10-10-debuginfo-0.10.2-2.7.1 libwpd-debugsource-0.10.2-2.7.1 libwpd-devel-0.10.2-2.7.1 - SUSE Linux Enterprise Software Development Kit 12-SP3 (noarch): libwpd-devel-doc-0.10.2-2.7.1 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): libwpd-0_10-10-0.10.2-2.7.1 libwpd-0_10-10-debuginfo-0.10.2-2.7.1 libwpd-debugsource-0.10.2-2.7.1 References: https://www.suse.com/security/cve/CVE-2018-19208.html https://bugzilla.suse.com/1115713 From sle-security-updates at lists.suse.com Mon Nov 19 13:14:37 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 19 Nov 2018 21:14:37 +0100 (CET) Subject: SUSE-SU-2018:3813-1: important: Security update for salt Message-ID: <20181119201437.6DE17FCA4@maintenance.suse.de> SUSE Security Update: Security update for salt ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3813-1 Rating: important References: #1113698 #1113699 Cross-References: CVE-2018-15750 CVE-2018-15751 Affected Products: SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for salt fixes the following issues: Salt was updated to version 2016.11.10 and contains the following fixes: Security issues fixed: - CVE-2018-15750: Fixed directory traversal vulnerability in salt-api (bsc#1113698). - CVE-2018-15751: Fixed remote authentication bypass in salt-api(netapi) that allows to execute arbitrary commands (bsc#1113699). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS: zypper in -t patch slesctsp4-salt-13870=1 - SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS: zypper in -t patch slesctsp3-salt-13870=1 Package List: - SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS (i586 ia64 ppc64 s390x x86_64): salt-2016.11.10-43.38.1 salt-doc-2016.11.10-43.38.1 salt-minion-2016.11.10-43.38.1 - SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS (i586 ia64 ppc64 s390x x86_64): salt-2016.11.10-43.38.1 salt-doc-2016.11.10-43.38.1 salt-minion-2016.11.10-43.38.1 References: https://www.suse.com/security/cve/CVE-2018-15750.html https://www.suse.com/security/cve/CVE-2018-15751.html https://bugzilla.suse.com/1113698 https://bugzilla.suse.com/1113699 From sle-security-updates at lists.suse.com Tue Nov 20 07:08:42 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 20 Nov 2018 15:08:42 +0100 (CET) Subject: SUSE-SU-2018:3815-1: important: Security update for salt Message-ID: <20181120140842.86A84FCA4@maintenance.suse.de> SUSE Security Update: Security update for salt ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3815-1 Rating: important References: #1110938 #1113698 #1113699 #1113784 #1114197 Cross-References: CVE-2018-15750 CVE-2018-15751 Affected Products: SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Basesystem 15 ______________________________________________________________________________ An update that solves two vulnerabilities and has three fixes is now available. Description: This update for salt fixes the following issues: Security issues fixed: - CVE-2018-15750: Fixed directory traversal vulnerability in salt-api (bsc#1113698). - CVE-2018-15751: Fixed remote authentication bypass in salt-api(netapi) that allows to execute arbitrary commands (bsc#1113699). Non-security issues fixed: - Improved handling of LDAP group id. gid is no longer treated as a string, which could have lead to faulty group creations (bsc#1113784). - Fixed async call to process manager (bsc#1110938). - Fixed OS arch detection when RPM is not installed (bsc#1114197). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Server Applications 15: zypper in -t patch SUSE-SLE-Module-Server-Applications-15-2018-2713=1 - SUSE Linux Enterprise Module for Basesystem 15: zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2713=1 Package List: - SUSE Linux Enterprise Module for Server Applications 15 (aarch64 ppc64le s390x x86_64): salt-api-2018.3.0-5.20.1 salt-cloud-2018.3.0-5.20.1 salt-master-2018.3.0-5.20.1 salt-proxy-2018.3.0-5.20.1 salt-ssh-2018.3.0-5.20.1 salt-syndic-2018.3.0-5.20.1 - SUSE Linux Enterprise Module for Server Applications 15 (noarch): salt-fish-completion-2018.3.0-5.20.1 - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64): python2-salt-2018.3.0-5.20.1 python3-salt-2018.3.0-5.20.1 salt-2018.3.0-5.20.1 salt-doc-2018.3.0-5.20.1 salt-minion-2018.3.0-5.20.1 - SUSE Linux Enterprise Module for Basesystem 15 (noarch): salt-bash-completion-2018.3.0-5.20.1 salt-zsh-completion-2018.3.0-5.20.1 References: https://www.suse.com/security/cve/CVE-2018-15750.html https://www.suse.com/security/cve/CVE-2018-15751.html https://bugzilla.suse.com/1110938 https://bugzilla.suse.com/1113698 https://bugzilla.suse.com/1113699 https://bugzilla.suse.com/1113784 https://bugzilla.suse.com/1114197 From sle-security-updates at lists.suse.com Tue Nov 20 07:10:05 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 20 Nov 2018 15:10:05 +0100 (CET) Subject: SUSE-SU-2018:3816-1: important: Security update for py26-compat-salt Message-ID: <20181120141005.6BC8AFCA4@maintenance.suse.de> SUSE Security Update: Security update for py26-compat-salt ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3816-1 Rating: important References: #1113698 #1113699 Cross-References: CVE-2018-15750 CVE-2018-15751 Affected Products: SUSE Manager Server 3.2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for py26-compat-salt fixes the following issues: Salt was updated to version 2016.11.10 and contains the following fixes: Security issues fixed: - CVE-2018-15750: Fixed directory traversal vulnerability in salt-api (bsc#1113698). - CVE-2018-15751: Fixed remote authentication bypass in salt-api(netapi) that allows to execute arbitrary commands (bsc#1113699). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Server 3.2: zypper in -t patch SUSE-SUSE-Manager-Server-3.2-2018-2712=1 Package List: - SUSE Manager Server 3.2 (noarch): py26-compat-salt-2016.11.10-6.15.1 References: https://www.suse.com/security/cve/CVE-2018-15750.html https://www.suse.com/security/cve/CVE-2018-15751.html https://bugzilla.suse.com/1113698 https://bugzilla.suse.com/1113699 From sle-security-updates at lists.suse.com Thu Nov 22 13:08:53 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 22 Nov 2018 21:08:53 +0100 (CET) Subject: SUSE-SU-2018:3860-1: important: Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP3) Message-ID: <20181122200853.A4320FCA4@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP3) ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3860-1 Rating: important References: #1103098 Cross-References: CVE-2018-5391 Affected Products: SUSE Linux Enterprise Live Patching 12-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 4.4.140-94_42 fixes one issue. The following security issue was fixed: - CVE-2018-5391: Fixed a possible denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size (bsc#1103098). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12-SP3: zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-2750=1 SUSE-SLE-Live-Patching-12-SP3-2018-2751=1 SUSE-SLE-Live-Patching-12-SP3-2018-2752=1 SUSE-SLE-Live-Patching-12-SP3-2018-2753=1 SUSE-SLE-Live-Patching-12-SP3-2018-2754=1 SUSE-SLE-Live-Patching-12-SP3-2018-2755=1 SUSE-SLE-Live-Patching-12-SP3-2018-2756=1 SUSE-SLE-Live-Patching-12-SP3-2018-2757=1 Package List: - SUSE Linux Enterprise Live Patching 12-SP3 (ppc64le x86_64): kgraft-patch-4_4_114-94_11-default-9-2.1 kgraft-patch-4_4_114-94_11-default-debuginfo-9-2.1 kgraft-patch-4_4_114-94_14-default-9-2.1 kgraft-patch-4_4_114-94_14-default-debuginfo-9-2.1 kgraft-patch-4_4_120-94_17-default-8-2.1 kgraft-patch-4_4_120-94_17-default-debuginfo-8-2.1 kgraft-patch-4_4_126-94_22-default-8-2.1 kgraft-patch-4_4_126-94_22-default-debuginfo-8-2.1 kgraft-patch-4_4_131-94_29-default-6-2.1 kgraft-patch-4_4_131-94_29-default-debuginfo-6-2.1 kgraft-patch-4_4_132-94_33-default-6-2.1 kgraft-patch-4_4_132-94_33-default-debuginfo-6-2.1 kgraft-patch-4_4_138-94_39-default-5-2.1 kgraft-patch-4_4_138-94_39-default-debuginfo-5-2.1 kgraft-patch-4_4_140-94_42-default-5-2.1 kgraft-patch-4_4_140-94_42-default-debuginfo-5-2.1 References: https://www.suse.com/security/cve/CVE-2018-5391.html https://bugzilla.suse.com/1103098 From sle-security-updates at lists.suse.com Thu Nov 22 13:09:31 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 22 Nov 2018 21:09:31 +0100 (CET) Subject: SUSE-SU-2018:3861-1: moderate: Security update for SDL_image Message-ID: <20181122200931.2CDA2FCA4@maintenance.suse.de> SUSE Security Update: Security update for SDL_image ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3861-1 Rating: moderate References: #1114519 Cross-References: CVE-2018-3977 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for SDL_image fixes the following issues: Security issue fixed: - CVE-2018-3977: Fixed a heap overflow issue (bsc#1114519). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-SDL_image-13877=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-SDL_image-13877=1 Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): SDL_image-1.2.6-84.46.1 SDL_image-devel-1.2.6-84.46.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): SDL_image-debuginfo-1.2.6-84.46.1 SDL_image-debugsource-1.2.6-84.46.1 References: https://www.suse.com/security/cve/CVE-2018-3977.html https://bugzilla.suse.com/1114519 From sle-security-updates at lists.suse.com Thu Nov 22 13:10:07 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 22 Nov 2018 21:10:07 +0100 (CET) Subject: SUSE-SU-2018:3862-1: important: Security update for salt Message-ID: <20181122201007.75591FCD3@maintenance.suse.de> SUSE Security Update: Security update for salt ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3862-1 Rating: important References: #1110938 #1113698 #1113699 #1113784 #1114197 Cross-References: CVE-2018-15750 CVE-2018-15751 Affected Products: SUSE Manager Tools 12 SUSE Manager Server 3.2 SUSE Manager Server 3.1 SUSE Manager Server 3.0 SUSE Manager Proxy 3.2 SUSE Manager Proxy 3.1 SUSE Manager Proxy 3.0 SUSE Linux Enterprise Point of Sale 12-SP2 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE CaaS Platform 3.0 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that solves two vulnerabilities and has three fixes is now available. Description: This update for salt fixes the following issues: Security issues fixed: - CVE-2018-15750: Fixed directory traversal vulnerability in salt-api (bsc#1113698). - CVE-2018-15751: Fixed remote authentication bypass in salt-api(netapi) that allows to execute arbitrary commands (bsc#1113699). Non-security issues fixed: - Improved handling of LDAP group id. gid is no longer treated as a string, which could have lead to faulty group creations (bsc#1113784). - Fix async call to process manager (bsc#1110938). - Fixed OS arch detection when RPM is not installed (bsc#1114197). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Tools 12: zypper in -t patch SUSE-SLE-Manager-Tools-12-2018-2745=1 - SUSE Manager Server 3.2: zypper in -t patch SUSE-SUSE-Manager-Server-3.2-2018-2745=1 - SUSE Manager Server 3.1: zypper in -t patch SUSE-SUSE-Manager-Server-3.1-2018-2745=1 - SUSE Manager Server 3.0: zypper in -t patch SUSE-SUSE-Manager-Server-3.0-2018-2745=1 - SUSE Manager Proxy 3.2: zypper in -t patch SUSE-SUSE-Manager-Proxy-3.2-2018-2745=1 - SUSE Manager Proxy 3.1: zypper in -t patch SUSE-SUSE-Manager-Proxy-3.1-2018-2745=1 - SUSE Manager Proxy 3.0: zypper in -t patch SUSE-SUSE-Manager-Proxy-3.0-2018-2745=1 - SUSE Linux Enterprise Point of Sale 12-SP2: zypper in -t patch SUSE-SLE-POS-12-SP2-2018-2745=1 - SUSE Linux Enterprise Module for Advanced Systems Management 12: zypper in -t patch SUSE-SLE-Module-Adv-Systems-Management-12-2018-2745=1 - SUSE CaaS Platform 3.0: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-2745=1 Package List: - SUSE Manager Tools 12 (aarch64 ppc64le s390x x86_64): python2-salt-2018.3.0-46.44.1 python3-salt-2018.3.0-46.44.1 salt-2018.3.0-46.44.1 salt-doc-2018.3.0-46.44.1 salt-minion-2018.3.0-46.44.1 - SUSE Manager Server 3.2 (ppc64le s390x x86_64): python2-salt-2018.3.0-46.44.1 python3-salt-2018.3.0-46.44.1 salt-2018.3.0-46.44.1 salt-api-2018.3.0-46.44.1 salt-cloud-2018.3.0-46.44.1 salt-doc-2018.3.0-46.44.1 salt-master-2018.3.0-46.44.1 salt-minion-2018.3.0-46.44.1 salt-proxy-2018.3.0-46.44.1 salt-ssh-2018.3.0-46.44.1 salt-syndic-2018.3.0-46.44.1 - SUSE Manager Server 3.2 (noarch): salt-bash-completion-2018.3.0-46.44.1 salt-zsh-completion-2018.3.0-46.44.1 - SUSE Manager Server 3.1 (ppc64le s390x x86_64): python2-salt-2018.3.0-46.44.1 python3-salt-2018.3.0-46.44.1 salt-2018.3.0-46.44.1 salt-api-2018.3.0-46.44.1 salt-cloud-2018.3.0-46.44.1 salt-doc-2018.3.0-46.44.1 salt-master-2018.3.0-46.44.1 salt-minion-2018.3.0-46.44.1 salt-proxy-2018.3.0-46.44.1 salt-ssh-2018.3.0-46.44.1 salt-syndic-2018.3.0-46.44.1 - SUSE Manager Server 3.1 (noarch): salt-bash-completion-2018.3.0-46.44.1 salt-zsh-completion-2018.3.0-46.44.1 - SUSE Manager Server 3.0 (s390x x86_64): python2-salt-2018.3.0-46.44.1 salt-2018.3.0-46.44.1 salt-api-2018.3.0-46.44.1 salt-doc-2018.3.0-46.44.1 salt-master-2018.3.0-46.44.1 salt-minion-2018.3.0-46.44.1 salt-proxy-2018.3.0-46.44.1 salt-ssh-2018.3.0-46.44.1 salt-syndic-2018.3.0-46.44.1 - SUSE Manager Server 3.0 (noarch): salt-bash-completion-2018.3.0-46.44.1 salt-zsh-completion-2018.3.0-46.44.1 - SUSE Manager Proxy 3.2 (x86_64): python2-salt-2018.3.0-46.44.1 python3-salt-2018.3.0-46.44.1 salt-2018.3.0-46.44.1 salt-minion-2018.3.0-46.44.1 - SUSE Manager Proxy 3.1 (ppc64le x86_64): python2-salt-2018.3.0-46.44.1 python3-salt-2018.3.0-46.44.1 salt-2018.3.0-46.44.1 salt-minion-2018.3.0-46.44.1 - SUSE Manager Proxy 3.0 (x86_64): python2-salt-2018.3.0-46.44.1 salt-2018.3.0-46.44.1 salt-api-2018.3.0-46.44.1 salt-doc-2018.3.0-46.44.1 salt-master-2018.3.0-46.44.1 salt-minion-2018.3.0-46.44.1 salt-proxy-2018.3.0-46.44.1 salt-ssh-2018.3.0-46.44.1 salt-syndic-2018.3.0-46.44.1 - SUSE Manager Proxy 3.0 (noarch): salt-bash-completion-2018.3.0-46.44.1 salt-zsh-completion-2018.3.0-46.44.1 - SUSE Linux Enterprise Point of Sale 12-SP2 (x86_64): python2-salt-2018.3.0-46.44.1 salt-2018.3.0-46.44.1 salt-minion-2018.3.0-46.44.1 - SUSE Linux Enterprise Module for Advanced Systems Management 12 (ppc64le s390x x86_64): python2-salt-2018.3.0-46.44.1 salt-2018.3.0-46.44.1 salt-api-2018.3.0-46.44.1 salt-cloud-2018.3.0-46.44.1 salt-doc-2018.3.0-46.44.1 salt-master-2018.3.0-46.44.1 salt-minion-2018.3.0-46.44.1 salt-proxy-2018.3.0-46.44.1 salt-ssh-2018.3.0-46.44.1 salt-syndic-2018.3.0-46.44.1 - SUSE Linux Enterprise Module for Advanced Systems Management 12 (noarch): salt-bash-completion-2018.3.0-46.44.1 salt-zsh-completion-2018.3.0-46.44.1 - SUSE CaaS Platform 3.0 (x86_64): python2-salt-2018.3.0-46.44.1 salt-2018.3.0-46.44.1 salt-minion-2018.3.0-46.44.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): salt-2018.3.0-46.44.1 salt-minion-2018.3.0-46.44.1 References: https://www.suse.com/security/cve/CVE-2018-15750.html https://www.suse.com/security/cve/CVE-2018-15751.html https://bugzilla.suse.com/1110938 https://bugzilla.suse.com/1113698 https://bugzilla.suse.com/1113699 https://bugzilla.suse.com/1113784 https://bugzilla.suse.com/1114197 From sle-security-updates at lists.suse.com Thu Nov 22 13:11:30 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 22 Nov 2018 21:11:30 +0100 (CET) Subject: SUSE-SU-2018:3863-1: moderate: Security update for openssl-1_1 Message-ID: <20181122201130.59EF1FCA4@maintenance.suse.de> SUSE Security Update: Security update for openssl-1_1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3863-1 Rating: moderate References: #1113651 #1113652 Cross-References: CVE-2018-0734 CVE-2018-0735 Affected Products: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Basesystem 15 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for openssl-1_1 fixes the following issues: Security issues fixed: - CVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652). - CVE-2018-0735: Fixed timing vulnerability in ECDSA signature generation (bsc#1113651). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2018-2758=1 - SUSE Linux Enterprise Module for Basesystem 15: zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2758=1 Package List: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (noarch): openssl-1_1-doc-1.1.0i-4.15.1 - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64): libopenssl-1_1-devel-1.1.0i-4.15.1 libopenssl1_1-1.1.0i-4.15.1 libopenssl1_1-debuginfo-1.1.0i-4.15.1 libopenssl1_1-hmac-1.1.0i-4.15.1 openssl-1_1-1.1.0i-4.15.1 openssl-1_1-debuginfo-1.1.0i-4.15.1 openssl-1_1-debugsource-1.1.0i-4.15.1 - SUSE Linux Enterprise Module for Basesystem 15 (x86_64): libopenssl1_1-32bit-1.1.0i-4.15.1 libopenssl1_1-32bit-debuginfo-1.1.0i-4.15.1 libopenssl1_1-hmac-32bit-1.1.0i-4.15.1 References: https://www.suse.com/security/cve/CVE-2018-0734.html https://www.suse.com/security/cve/CVE-2018-0735.html https://bugzilla.suse.com/1113651 https://bugzilla.suse.com/1113652 From sle-security-updates at lists.suse.com Thu Nov 22 13:12:14 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 22 Nov 2018 21:12:14 +0100 (CET) Subject: SUSE-SU-2018:3864-1: moderate: Security update for openssl Message-ID: <20181122201214.4C714FCA4@maintenance.suse.de> SUSE Security Update: Security update for openssl ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3864-1 Rating: moderate References: #1101470 #1104789 #1106197 #1110018 #1113534 #1113652 Cross-References: CVE-2016-8610 CVE-2018-0734 CVE-2018-0737 CVE-2018-5407 Affected Products: SUSE Linux Enterprise Server 12-SP1-LTSS ______________________________________________________________________________ An update that solves four vulnerabilities and has two fixes is now available. Description: This update for openssl fixes the following issues: Security issues fixed: - CVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652). - CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses (bsc#1113534). - CVE-2018-0737: Corrected the current error detection of the current fix (bsc#1106197). - CVE-2016-8610: Adjusted current fix and add missing error string (bsc#1110018). - Add missing timing side channel patch for DSA signature generation (bsc#1113742). - Fixed the "One and Done" side-channel attack on RSA (bsc#1104789). Non-security issues fixed: - Added openssl(cli) so that the packages that required the openssl binary can require this instead of the new openssl meta package (bsc#1101470). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-2762=1 Package List: - SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64): libopenssl1_0_0-1.0.1i-54.20.1 libopenssl1_0_0-debuginfo-1.0.1i-54.20.1 libopenssl1_0_0-hmac-1.0.1i-54.20.1 openssl-1.0.1i-54.20.1 openssl-debuginfo-1.0.1i-54.20.1 openssl-debugsource-1.0.1i-54.20.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (s390x x86_64): libopenssl1_0_0-32bit-1.0.1i-54.20.1 libopenssl1_0_0-debuginfo-32bit-1.0.1i-54.20.1 libopenssl1_0_0-hmac-32bit-1.0.1i-54.20.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (noarch): openssl-doc-1.0.1i-54.20.1 References: https://www.suse.com/security/cve/CVE-2016-8610.html https://www.suse.com/security/cve/CVE-2018-0734.html https://www.suse.com/security/cve/CVE-2018-0737.html https://www.suse.com/security/cve/CVE-2018-5407.html https://bugzilla.suse.com/1101470 https://bugzilla.suse.com/1104789 https://bugzilla.suse.com/1106197 https://bugzilla.suse.com/1110018 https://bugzilla.suse.com/1113534 https://bugzilla.suse.com/1113652 From sle-security-updates at lists.suse.com Thu Nov 22 13:13:41 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 22 Nov 2018 21:13:41 +0100 (CET) Subject: SUSE-SU-2018:3865-1: important: Security update for the Linux Kernel (Live Patch 6 for SLE 12 SP3) Message-ID: <20181122201341.A4359FCA4@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel (Live Patch 6 for SLE 12 SP3) ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3865-1 Rating: important References: #1103098 #1112039 Cross-References: CVE-2018-18386 CVE-2018-5391 Affected Products: SUSE Linux Enterprise Live Patching 12-SP3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for the Linux Kernel 4.4.103-6_33 fixes several issues. The following security issues were fixed: - CVE-2018-5391: Fixed a possible denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size (bsc#1103098). - CVE-2018-18386: The drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bsc#1112039). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12-SP3: zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-2747=1 SUSE-SLE-Live-Patching-12-SP3-2018-2748=1 SUSE-SLE-Live-Patching-12-SP3-2018-2749=1 Package List: - SUSE Linux Enterprise Live Patching 12-SP3 (ppc64le x86_64): kgraft-patch-4_4_103-6_33-default-11-2.1 kgraft-patch-4_4_103-6_33-default-debuginfo-11-2.1 kgraft-patch-4_4_103-6_38-default-11-2.1 kgraft-patch-4_4_103-6_38-default-debuginfo-11-2.1 kgraft-patch-4_4_92-6_30-default-11-2.1 kgraft-patch-4_4_92-6_30-default-debuginfo-11-2.1 References: https://www.suse.com/security/cve/CVE-2018-18386.html https://www.suse.com/security/cve/CVE-2018-5391.html https://bugzilla.suse.com/1103098 https://bugzilla.suse.com/1112039 From sle-security-updates at lists.suse.com Thu Nov 22 13:14:27 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 22 Nov 2018 21:14:27 +0100 (CET) Subject: SUSE-SU-2018:3866-1: moderate: Security update for openssl Message-ID: <20181122201427.493E4FCA4@maintenance.suse.de> SUSE Security Update: Security update for openssl ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3866-1 Rating: moderate References: #1112209 #1113534 #1113652 #1113742 Cross-References: CVE-2018-0734 CVE-2018-5407 Affected Products: SUSE OpenStack Cloud 7 SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Server 12-SP2-LTSS SUSE Linux Enterprise Server 12-SP2-BCL SUSE Linux Enterprise Desktop 12-SP3 SUSE Enterprise Storage 4 SUSE CaaS Platform ALL SUSE CaaS Platform 3.0 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for openssl fixes the following issues: Security issues fixed: - CVE-2018-0734: Fixed timing vulnerability in DSA signature generation (bsc#1113652). - CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses (bsc#1113534). - Add missing timing side channel patch for DSA signature generation (bsc#1113742). Non-security issues fixed: - Fixed infinite loop in DSA generation with incorrect parameters (bsc#1112209). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2018-2760=1 - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-2760=1 - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-2760=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2760=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-2760=1 - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2018-2760=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-2760=1 - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2018-2760=1 - SUSE CaaS Platform ALL: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. - SUSE CaaS Platform 3.0: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-2760=1 Package List: - SUSE OpenStack Cloud 7 (s390x x86_64): libopenssl-devel-1.0.2j-60.46.1 libopenssl1_0_0-1.0.2j-60.46.1 libopenssl1_0_0-32bit-1.0.2j-60.46.1 libopenssl1_0_0-debuginfo-1.0.2j-60.46.1 libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.46.1 libopenssl1_0_0-hmac-1.0.2j-60.46.1 libopenssl1_0_0-hmac-32bit-1.0.2j-60.46.1 openssl-1.0.2j-60.46.1 openssl-debuginfo-1.0.2j-60.46.1 openssl-debugsource-1.0.2j-60.46.1 - SUSE OpenStack Cloud 7 (noarch): openssl-doc-1.0.2j-60.46.1 - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): libopenssl-devel-1.0.2j-60.46.1 openssl-debuginfo-1.0.2j-60.46.1 openssl-debugsource-1.0.2j-60.46.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): libopenssl-devel-1.0.2j-60.46.1 libopenssl1_0_0-1.0.2j-60.46.1 libopenssl1_0_0-debuginfo-1.0.2j-60.46.1 libopenssl1_0_0-hmac-1.0.2j-60.46.1 openssl-1.0.2j-60.46.1 openssl-debuginfo-1.0.2j-60.46.1 openssl-debugsource-1.0.2j-60.46.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64): libopenssl1_0_0-32bit-1.0.2j-60.46.1 libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.46.1 libopenssl1_0_0-hmac-32bit-1.0.2j-60.46.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (noarch): openssl-doc-1.0.2j-60.46.1 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): libopenssl-devel-1.0.2j-60.46.1 libopenssl1_0_0-1.0.2j-60.46.1 libopenssl1_0_0-debuginfo-1.0.2j-60.46.1 libopenssl1_0_0-hmac-1.0.2j-60.46.1 openssl-1.0.2j-60.46.1 openssl-debuginfo-1.0.2j-60.46.1 openssl-debugsource-1.0.2j-60.46.1 - SUSE Linux Enterprise Server 12-SP3 (s390x x86_64): libopenssl1_0_0-32bit-1.0.2j-60.46.1 libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.46.1 libopenssl1_0_0-hmac-32bit-1.0.2j-60.46.1 - SUSE Linux Enterprise Server 12-SP3 (noarch): openssl-doc-1.0.2j-60.46.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64): libopenssl-devel-1.0.2j-60.46.1 libopenssl1_0_0-1.0.2j-60.46.1 libopenssl1_0_0-debuginfo-1.0.2j-60.46.1 libopenssl1_0_0-hmac-1.0.2j-60.46.1 openssl-1.0.2j-60.46.1 openssl-debuginfo-1.0.2j-60.46.1 openssl-debugsource-1.0.2j-60.46.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (s390x x86_64): libopenssl1_0_0-32bit-1.0.2j-60.46.1 libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.46.1 libopenssl1_0_0-hmac-32bit-1.0.2j-60.46.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (noarch): openssl-doc-1.0.2j-60.46.1 - SUSE Linux Enterprise Server 12-SP2-BCL (noarch): openssl-doc-1.0.2j-60.46.1 - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): libopenssl-devel-1.0.2j-60.46.1 libopenssl1_0_0-1.0.2j-60.46.1 libopenssl1_0_0-32bit-1.0.2j-60.46.1 libopenssl1_0_0-debuginfo-1.0.2j-60.46.1 libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.46.1 libopenssl1_0_0-hmac-1.0.2j-60.46.1 libopenssl1_0_0-hmac-32bit-1.0.2j-60.46.1 openssl-1.0.2j-60.46.1 openssl-debuginfo-1.0.2j-60.46.1 openssl-debugsource-1.0.2j-60.46.1 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): libopenssl-devel-1.0.2j-60.46.1 libopenssl1_0_0-1.0.2j-60.46.1 libopenssl1_0_0-32bit-1.0.2j-60.46.1 libopenssl1_0_0-debuginfo-1.0.2j-60.46.1 libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.46.1 openssl-1.0.2j-60.46.1 openssl-debuginfo-1.0.2j-60.46.1 openssl-debugsource-1.0.2j-60.46.1 - SUSE Enterprise Storage 4 (noarch): openssl-doc-1.0.2j-60.46.1 - SUSE Enterprise Storage 4 (x86_64): libopenssl-devel-1.0.2j-60.46.1 libopenssl1_0_0-1.0.2j-60.46.1 libopenssl1_0_0-32bit-1.0.2j-60.46.1 libopenssl1_0_0-debuginfo-1.0.2j-60.46.1 libopenssl1_0_0-debuginfo-32bit-1.0.2j-60.46.1 libopenssl1_0_0-hmac-1.0.2j-60.46.1 libopenssl1_0_0-hmac-32bit-1.0.2j-60.46.1 openssl-1.0.2j-60.46.1 openssl-debuginfo-1.0.2j-60.46.1 openssl-debugsource-1.0.2j-60.46.1 - SUSE CaaS Platform ALL (x86_64): libopenssl1_0_0-1.0.2j-60.46.1 libopenssl1_0_0-debuginfo-1.0.2j-60.46.1 openssl-1.0.2j-60.46.1 openssl-debuginfo-1.0.2j-60.46.1 openssl-debugsource-1.0.2j-60.46.1 - SUSE CaaS Platform 3.0 (x86_64): libopenssl1_0_0-1.0.2j-60.46.1 libopenssl1_0_0-debuginfo-1.0.2j-60.46.1 openssl-1.0.2j-60.46.1 openssl-debuginfo-1.0.2j-60.46.1 openssl-debugsource-1.0.2j-60.46.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): libopenssl1_0_0-1.0.2j-60.46.1 libopenssl1_0_0-debuginfo-1.0.2j-60.46.1 openssl-1.0.2j-60.46.1 openssl-debuginfo-1.0.2j-60.46.1 openssl-debugsource-1.0.2j-60.46.1 References: https://www.suse.com/security/cve/CVE-2018-0734.html https://www.suse.com/security/cve/CVE-2018-5407.html https://bugzilla.suse.com/1112209 https://bugzilla.suse.com/1113534 https://bugzilla.suse.com/1113652 https://bugzilla.suse.com/1113742 From sle-security-updates at lists.suse.com Thu Nov 22 13:15:29 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 22 Nov 2018 21:15:29 +0100 (CET) Subject: SUSE-SU-2018:3867-1: important: Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP3) Message-ID: <20181122201529.5209AFCA4@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP3) ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3867-1 Rating: important References: #1107832 Cross-References: CVE-2018-14633 Affected Products: SUSE Linux Enterprise Live Patching 12-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 4.4.156-94_64 fixes one issue. The following security issue was fixed: - CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely (bsc#1107832). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12-SP3: zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-2746=1 Package List: - SUSE Linux Enterprise Live Patching 12-SP3 (ppc64le x86_64): kgraft-patch-4_4_156-94_64-default-2-2.1 kgraft-patch-4_4_156-94_64-default-debuginfo-2-2.1 References: https://www.suse.com/security/cve/CVE-2018-14633.html https://bugzilla.suse.com/1107832 From sle-security-updates at lists.suse.com Thu Nov 22 13:16:05 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 22 Nov 2018 21:16:05 +0100 (CET) Subject: SUSE-SU-2018:3868-1: important: Security update for java-1_8_0-ibm Message-ID: <20181122201605.4966EFCA4@maintenance.suse.de> SUSE Security Update: Security update for java-1_8_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3868-1 Rating: important References: #1116574 Cross-References: CVE-2018-13785 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3183 CVE-2018-3214 Affected Products: SUSE Linux Enterprise Module for Legacy Software 15 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: java-1_8_0-ibm was updated to Java 8.0 Service Refresh 5 Fix Pack 25 (bsc#1116574) * Class Libraries: - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-3149 - IJ10894 CVE-2018-3180 - IJ10930 CVE-2018-3183 - IJ10933 CVE-2018-3214 - IJ09315 FLOATING POINT EXCEPTION FROM JAVA.TEXT.DECIMALFORMAT. FORMAT - IJ09088 INTRODUCING A NEW PROPERTY FOR TURKEY TIMEZONE FOR PRODUCTS NOT IDENTIFYING TRT - IJ10800 REMOVE EXPIRING ROOT CERTIFICATES IN IBM JDK???S CACERTS. - IJ10566 SUPPORT EBCDIC CODE PAGE IBM-274 ??? BELGIUM EBCDIC * Java Virtual Machine - IJ08730 APPLICATION SIGNAL HANDLER NOT INVOKED FOR SIGABRT - IJ10453 ASSERTION FAILURE AT CLASSPATHITEM.CPP - IJ09574 CLASSLOADER DEFINED THROUGH SYSTEM PROPERTY ???JAVA.SYSTEM.CLASS.LOADE R??? IS NOT HONORED. - IJ10931 CVE-2018-3169 - IJ10618 GPU SORT: UNSPECIFIED LAUNCH FAILURE - IJ10619 INCORRECT ILLEGALARGUMENTEXCEPTION BECAUSE OBJECT IS NOT AN INSTANCE OF DECLARING CLASS ON REFLECTIVE INVOCATION - IJ10135 JVM HUNG IN GARBAGECOLLECTORMXBEAN.G ETLASTGCINFO() API - IJ10680 RECURRENT ABORTED SCAVENGE * ORB - IX90187 CLIENTREQUESTIMPL.REINVO KE FAILS WITH JAVA.LANG.INDEXOUTOFBOUN DSEXCEPTION * Reliability and Serviceability - IJ09600 DTFJ AND JDMPVIEW FAIL TO PARSE WIDE REGISTER VALUES * Security - IJ10492 'EC KEYSIZE < 384' IS NOT HONORED USING THE 'JDK.TLS.DISABLEDALGORIT HMS' SECURITY PROPERTY - IJ10310 ADD NULL CHECKING ON THE ENCRYPTION TYPES LIST TO CREDENTIALS.GETDEFAULTNA TIVECREDS() METHOD - IJ10491 AES/GCM CIPHER ??? AAD NOT RESET TO UN-INIT STATE AFTER DOFINAL( ) AND INIT( ) - IJ08442 HTTP PUBLIC KEY PINNING FINGERPRINT,PROBLEM WITH CONVERTING TO JKS KEYSTORE - IJ09107 IBMPKCS11IMPL CRYPTO PROVIDER ??? INTERMITTENT ERROR WITH SECP521R1 SIGNATURE ON Z/OS - IJ10136 IBMPKCS11IMPL ??? INTERMITTENT ERROR WITH SECP521R1 SIG ON Z/OS AND Z/LINUX - IJ08530 IBMPKCS11IMPL PROVIDER USES THE WRONG RSA CIPHER MECHANISM FOR THE RSA/ECB/PKCS1PADDING CIPHER - IJ08723 JAAS THROWS A ???ARRAY INDEX OUT OF RANGE??? EXCEPTION - IJ08704 THE SECURITY PROPERTY ???JDK.CERTPATH.DISABLEDAL GORITHMS??? IS MISTAKENLY BEING USED TO FILTER JAR SIGNING ALGORITHMS * z/OS Extentions - PH03889 ADD SUPPORT FOR TRY-WITH-RESOURCES TO COM.IBM.JZOS.ENQUEUE - PH03414 ROLLOVER FROM SYE TO SAE FOR ICSF REASON CODE 3059 - PH04008 ZERTJSSE ??? Z SYSTEMS ENCRYPTION READINESS TOOL (ZERT) NEW SUPPORT IN THE Z/OS JAVA SDK This includes the update to Java 8.0 Service Refresh 5 Fix Pack 22: * Java Virtual Machine - IJ09139 CUDA4J NOT AVAILABLE ON ALL PLATFORMS * JIT Compiler - IJ09089 CRASH DURING COMPILATION IN USEREGISTER ON X86-32 - IJ08655 FLOATING POINT ERROR (SIGFPE) IN ZJ9SYM1 OR ANY VM/JIT MODULE ON AN INSTRUCTION FOLLOWING A VECTOR INSTRUCTION - IJ08850 CRASH IN ARRAYLIST$ITR.NEXT() - IJ09601 JVM CRASHES ON A SIGBUS SIGNAL WHEN ACCESSING A DIRECTBYTEBUFFER * z/OS Extentions - PH02999 JZOS data management classes accept dataset names in code pages supported by z/OS system services - PH01244 OUTPUT BUFFER TOO SHORT FOR GCM MODE ENCRYPTION USING IBMJCEHYBRID Also the update to Java 8.0 Service Refresh 5 Fix Pack 21 * Class Libraries - IJ08569 JAVA.IO.IOEXCEPTION OCCURS WHEN A FILECHANNEL IS BIGGER THAN 2GB ON AIX PLATFORM - IJ08570 JAVA.LANG.UNSATISFIEDLIN KERROR WITH JAVA OPTION -DSUN.JAVA2D.CMM=SUN.JAV A2D.CMM.KCMS.KCMSSERVICE PROVIDER ON AIX PLATFORM * Java Virtual Machine - IJ08001 30% THROUGHPUT DROP FOR CERTAIN SYNCHRONIZATION WORKLOADS - IJ07997 TRACEASSERT IN GARBAGE COLLECTOR(MEMORYSUBSPACE) * JIT Compiler - IJ08503 ASSERTION IS HIT DUE TO UNEXPECTED STACK HEIGHT IN DEBUGGING MODE - IJ08375 CRASH DURING HARDWARE GENERATED GUARDED STORAGE EVENT WITHIN A TRANSACTIONAL EXECUTION REGION WHEN RUNNING WITH -XGC:CONCURRENTS - IJ08205 CRASH WHILE COMPILING - IJ09575 INCORRECT RESULT WHEN USING JAVA.LANG.MATH.MIN OR MAX ON 31-BIT JVM - IJ07886 INCORRECT CALUCATIONS WHEN USING NUMBERFORMAT.FORMAT() AND BIGDECIMAL.{FLOAT/DOUBLE }VALUE() Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Legacy Software 15: zypper in -t patch SUSE-SLE-Module-Legacy-15-2018-2763=1 Package List: - SUSE Linux Enterprise Module for Legacy Software 15 (ppc64le s390x x86_64): java-1_8_0-ibm-1.8.0_sr5.25-3.9.1 java-1_8_0-ibm-devel-1.8.0_sr5.25-3.9.1 - SUSE Linux Enterprise Module for Legacy Software 15 (x86_64): java-1_8_0-ibm-alsa-1.8.0_sr5.25-3.9.1 java-1_8_0-ibm-plugin-1.8.0_sr5.25-3.9.1 References: https://www.suse.com/security/cve/CVE-2018-13785.html https://www.suse.com/security/cve/CVE-2018-3136.html https://www.suse.com/security/cve/CVE-2018-3139.html https://www.suse.com/security/cve/CVE-2018-3149.html https://www.suse.com/security/cve/CVE-2018-3169.html https://www.suse.com/security/cve/CVE-2018-3180.html https://www.suse.com/security/cve/CVE-2018-3183.html https://www.suse.com/security/cve/CVE-2018-3214.html https://bugzilla.suse.com/1116574 From sle-security-updates at lists.suse.com Thu Nov 22 13:16:38 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 22 Nov 2018 21:16:38 +0100 (CET) Subject: SUSE-SU-2018:3869-1: important: Security update for the Linux RT Kernel Message-ID: <20181122201638.2A401FCB2@maintenance.suse.de> SUSE Security Update: Security update for the Linux RT Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3869-1 Rating: important References: #1031240 #1047027 #1049128 #1050431 #1064861 #1065600 #1066674 #1071021 #1081680 #1094244 #1094825 #1103145 #1105799 #1106139 #1106240 #1107371 #1107829 #1107849 #1108314 #1108498 #1109806 #1109818 #1110006 #1110247 #1113337 #1113751 #1113769 #1114460 #923775 Cross-References: CVE-2017-1000407 CVE-2017-16533 CVE-2017-7273 CVE-2018-14633 CVE-2018-18281 CVE-2018-18386 CVE-2018-18710 CVE-2018-9516 Affected Products: SUSE Linux Enterprise Real Time Extension 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 8 vulnerabilities and has 21 fixes is now available. Description: The SUSE Linux Enterprise 11 SP4 RT kernel was updated to 3.0.101-rt130-69.39 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-18281: An issue was discovered in the Linux kernel, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused (bnc#1113769). - CVE-2018-18710: An issue was discovered in the Linux kernel, an information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751). - CVE-2018-18386: drivers/tty/n_tty.c in the Linux kernel allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825). - CVE-2017-7273: The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 4.x allowed physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report (bnc#1031240). - CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674). - CVE-2017-1000407: An denial of service issue was discovered in the Linux kernel, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic (bnc#1071021). - CVE-2018-9516: An issue was discovered in the Linux kernel, the copy_to_user() inside the HID code does not correctly check the length before executing (bsc#1108498). - CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely (bnc#1107829). The following non-security bugs were fixed: - Btrfs: fix deadlock when finalizing block group creation (bsc#1107849). - Btrfs: fix quick exhaustion of the system array in the superblock (bsc#1107849). - FS-Cache: Synchronise object death state change vs operation submission (bsc#1107371). - KABI: move the new handler to end of machdep_calls and hide it from genksyms (bsc#1094244). - KVM: Disable irq while unregistering user notifier (bsc#1106240). - KVM: SVM: obey guest PAT (bsc#1106240). - KVM: VMX: remove I/O port 0x80 bypass on Intel hosts (bsc#1106240). - KVM: emulate: fix CMPXCHG8B on 32-bit hosts (bsc#1106240). - KVM: x86: emulator: Return to user-mode on L1 CPL=0 emulation failure (bsc#1106240). - KVM: x86: fix use of uninitialized memory as segment descriptor in emulator (bsc#1106240). - KVM: x86: zero base3 of unusable segments (bsc#1106240). - NFS - do not hang if xdr decoded username is bad (bsc#1105799). - NFSv4.1 - Do not leak IO size from one mount to another (bsc#1103145). - PCI/AER: Report non-fatal errors only to the affected endpoint (bsc#1109806). - PCI: Supply CPU physical address (not bus address) to iomem_is_exclusive() (bsc#1109806). - PCI: shpchp: Check bridge's secondary (not primary) bus speed (bsc#1109806). - PCI: shpchp: Fix AMD POGO identification (bsc#1109806). - add kernel parameter to disable failfast on block devices (bsc#1081680). - block: add flag QUEUE_FLAG_REGISTERED (bsc#1047027). - block: allow gendisk's request_queue registration to be deferred (bsc#1047027). - crypto: ghash-clmulni-intel - use C implementation for setkey() (bsc#1110006). - dm: fix incomplete request_queue initialization (bsc#1047027). - dm: only initialize the request_queue once (bsc#1047027). - firmware/ihex2fw.c: restore missing default in switch statement (bsc#1114460). - kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE (git-fixes). - locks: fix unlock when fcntl_setlk races with a close (git-fixes). - media: Fix invalid free in the fix for mceusb (bsc#1050431). - media: cx25821: prevent out-of-bounds read on array card (bsc#1050431). - media: ite-cir: initialize use_demodulator before using it (bsc#1050431). - media: mceusb: fix NULL-deref at probe (bsc#1050431). - media: mceusb: fix memory leaks in error path. - percpu: make pcpu_alloc_chunk() use pcpu_mem_free() instead of kfree() (git fixes). - powerpc, KVM: Rework KVM checks in first-level interrupt handlers (bsc#1094244). - powerpc/64: Do load of PACAKBASE in LOAD_HANDLER (bsc#1094244). - powerpc/64: Fix smp_wmb barrier definition use use lwsync consistently (bsc#1064861). - powerpc/64: Initialise thread_info for emergency stacks (bsc#1094244). - powerpc/64s: Exception macro for stack frame and initial register save (bsc#1094244). - powerpc/64s: move machine check SLB flushing to mm/slb.c (bsc#1094244). - powerpc/asm: Mark cr0 as clobbered in mftb() (bsc#1049128). - powerpc/book3s: Introduce a early machine check hook in cpu_spec (bsc#1094244). - powerpc/book3s: Introduce exclusive emergency stack for machine check exception (bsc#1094244). - powerpc/book3s: Split the common exception prolog logic into two section (bsc#1094244). - powerpc/book3s: handle machine check in Linux host (bsc#1094244). - powerpc/mce: Fix SLB rebolting during MCE recovery path (bsc#1094244). - powerpc/pseries: Avoid using the size greater than (bsc#1094244). - powerpc/pseries: Defer the logging of rtas error to irq work queue (bsc#1094244). - powerpc/pseries: Dump the SLB contents on SLB MCE errors (bsc#1094244). - powerpc/pseries: Flush SLB contents on SLB MCE errors (bsc#1094244). - powerpc: Add a symbol for hypervisor trampolines (bsc#1094244). - powerpc: Fix smp_mb__before_spinlock() (bsc#1110247). - powerpc: Make load_hander handle upto 64k offset (bsc#1094244). - powerpc: Rework runlatch code (bsc#1094244). - powerpc: Save CFAR before branching in interrupt entry paths (bsc#1094244). - powerpc: cputable: KABI - hide new cpu_spec member from genksyms (bsc#1094244). - powerpc: move MCE handler out-of-line and consolidate with machine_check_fwnmi (bsc#1094244). - powerpc: move stab code into #ifndef CONFIG_POWER4_ONLY (bsc#1094244). - powerpc: replace open-coded EXCEPTION_PROLOG_1 with the macro in slb miss handlers (bsc#1094244). - reiserfs: add check to detect corrupted directory entry (bsc#1109818). - reiserfs: do not panic on bad directory entries (bsc#1109818). - retpoline: Introduce start/end markers of indirect thunk (bsc#1113337). - s390/facilites: use stfle_fac_list array size for MAX_FACILITY_BIT (bnc#1108314, LTC#171326). - s390/sclp: Change SCLP console default buffer-full behavior (bnc#1108314, LTC#171049). - scsi: libfc: Do not drop down to FLOGI for fc_rport_login() (bsc#1106139). - scsi: libfc: Do not login if the port is already started (bsc#1106139). - scsi: libfc: do not advance state machine for incoming FLOGI (bsc#1106139). - scsi: storvsc: fix memory leak on ring buffer busy (bnc#923775). - signals: avoid unnecessary taking of sighand->siglock (bsc#1110247). - x86/kexec: Avoid double free_page() upon do_kexec_load() failure (bsc#1110006). - x86/mm/32: Set the '__vmalloc_start_set' flag in initmem_init() (bsc#1110006). - x86/paravirt: Fix some warning messages (bnc#1065600). - x86/percpu: Fix this_cpu_read() (bsc#1110006). - x86/process: Re-export start_thread() (bsc#1110006). - x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time Extension 11-SP4: zypper in -t patch slertesp4-kernel-source-rt-13876=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-kernel-source-rt-13876=1 Package List: - SUSE Linux Enterprise Real Time Extension 11-SP4 (x86_64): kernel-rt-3.0.101.rt130-69.39.1 kernel-rt-base-3.0.101.rt130-69.39.1 kernel-rt-devel-3.0.101.rt130-69.39.1 kernel-rt_trace-3.0.101.rt130-69.39.1 kernel-rt_trace-base-3.0.101.rt130-69.39.1 kernel-rt_trace-devel-3.0.101.rt130-69.39.1 kernel-source-rt-3.0.101.rt130-69.39.1 kernel-syms-rt-3.0.101.rt130-69.39.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (x86_64): kernel-rt-debuginfo-3.0.101.rt130-69.39.1 kernel-rt-debugsource-3.0.101.rt130-69.39.1 kernel-rt_debug-debuginfo-3.0.101.rt130-69.39.1 kernel-rt_debug-debugsource-3.0.101.rt130-69.39.1 kernel-rt_trace-debuginfo-3.0.101.rt130-69.39.1 kernel-rt_trace-debugsource-3.0.101.rt130-69.39.1 References: https://www.suse.com/security/cve/CVE-2017-1000407.html https://www.suse.com/security/cve/CVE-2017-16533.html https://www.suse.com/security/cve/CVE-2017-7273.html https://www.suse.com/security/cve/CVE-2018-14633.html https://www.suse.com/security/cve/CVE-2018-18281.html https://www.suse.com/security/cve/CVE-2018-18386.html https://www.suse.com/security/cve/CVE-2018-18710.html https://www.suse.com/security/cve/CVE-2018-9516.html https://bugzilla.suse.com/1031240 https://bugzilla.suse.com/1047027 https://bugzilla.suse.com/1049128 https://bugzilla.suse.com/1050431 https://bugzilla.suse.com/1064861 https://bugzilla.suse.com/1065600 https://bugzilla.suse.com/1066674 https://bugzilla.suse.com/1071021 https://bugzilla.suse.com/1081680 https://bugzilla.suse.com/1094244 https://bugzilla.suse.com/1094825 https://bugzilla.suse.com/1103145 https://bugzilla.suse.com/1105799 https://bugzilla.suse.com/1106139 https://bugzilla.suse.com/1106240 https://bugzilla.suse.com/1107371 https://bugzilla.suse.com/1107829 https://bugzilla.suse.com/1107849 https://bugzilla.suse.com/1108314 https://bugzilla.suse.com/1108498 https://bugzilla.suse.com/1109806 https://bugzilla.suse.com/1109818 https://bugzilla.suse.com/1110006 https://bugzilla.suse.com/1110247 https://bugzilla.suse.com/1113337 https://bugzilla.suse.com/1113751 https://bugzilla.suse.com/1113769 https://bugzilla.suse.com/1114460 https://bugzilla.suse.com/923775 From sle-security-updates at lists.suse.com Thu Nov 22 13:22:49 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Thu, 22 Nov 2018 21:22:49 +0100 (CET) Subject: SUSE-SU-2018:3870-1: important: Security update for libwpd Message-ID: <20181122202249.B760FFCA4@maintenance.suse.de> SUSE Security Update: Security update for libwpd ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3870-1 Rating: important References: #1115713 Cross-References: CVE-2018-19208 Affected Products: SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for libwpd fixes the following issues: Security issue fixed: - CVE-2018-19208: Fixed illegal address access inside libwpd at function WP6ContentListener:defineTable (bsc#1115713). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 15: zypper in -t patch SUSE-SLE-Product-WE-15-2018-2761=1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2018-2761=1 Package List: - SUSE Linux Enterprise Workstation Extension 15 (x86_64): libwpd-0_10-10-0.10.2-3.3.1 libwpd-0_10-10-debuginfo-0.10.2-3.3.1 libwpd-debuginfo-0.10.2-3.3.1 libwpd-debugsource-0.10.2-3.3.1 libwpd-devel-0.10.2-3.3.1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64): libwpd-debuginfo-0.10.2-3.3.1 libwpd-debugsource-0.10.2-3.3.1 libwpd-tools-0.10.2-3.3.1 libwpd-tools-debuginfo-0.10.2-3.3.1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (noarch): libwpd-devel-doc-0.10.2-3.3.1 References: https://www.suse.com/security/cve/CVE-2018-19208.html https://bugzilla.suse.com/1115713 From sle-security-updates at lists.suse.com Fri Nov 23 13:11:21 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 23 Nov 2018 21:11:21 +0100 (CET) Subject: SUSE-SU-2018:3879-1: moderate: Security update for tiff Message-ID: <20181123201121.141E4FCA4@maintenance.suse.de> SUSE Security Update: Security update for tiff ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3879-1 Rating: moderate References: #1010163 #1014461 #1040080 #1040322 #1074186 #1099257 #1113672 #974446 #974447 #974448 #983440 Cross-References: CVE-2015-8870 CVE-2016-3619 CVE-2016-3620 CVE-2016-3621 CVE-2016-5319 CVE-2016-9273 CVE-2017-17942 CVE-2017-9117 CVE-2017-9147 CVE-2018-12900 CVE-2018-18661 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes 11 vulnerabilities is now available. Description: This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c (bsc#1113672). - CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf (bsc#1099257). - CVE-2017-9147: Fixed invalid read in the _TIFFVGetField function in tif_dir.c, that allowed remote attackers to cause a DoS via acrafted TIFF file (bsc#1040322). - CVE-2017-9117: Fixed BMP images processing that was verified without biWidth and biHeight values (bsc#1040080). - CVE-2017-17942: Fixed issue in the function PackBitsEncode that could have led to a heap overflow and caused a DoS (bsc#1074186). - CVE-2016-9273: Fixed heap-based buffer overflow issue (bsc#1010163). - CVE-2016-5319: Fixed heap-based buffer overflow in PackBitsEncode (bsc#983440). - CVE-2016-3621: Fixed out-of-bounds read in the bmp2tiff tool (lzw packing) (bsc#974448). - CVE-2016-3620: Fixed out-of-bounds read in the bmp2tiff tool (zip packing) (bsc#974447) - CVE-2016-3619: Fixed out-of-bounds read in the bmp2tiff tool (none packing) (bsc#974446) - CVE-2015-8870: Fixed integer overflow in tools/bmp2tiff.c that allowed remote attackers to causea DOS (bsc#1014461). Non-security issues fixed: - asan_build: build ASAN included - debug_build: build more suitable for debugging Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-tiff-13878=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-tiff-13878=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-tiff-13878=1 Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libtiff-devel-3.8.2-141.169.22.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64): libtiff-devel-32bit-3.8.2-141.169.22.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): libtiff3-3.8.2-141.169.22.1 tiff-3.8.2-141.169.22.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libtiff3-32bit-3.8.2-141.169.22.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libtiff3-x86-3.8.2-141.169.22.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): tiff-debuginfo-3.8.2-141.169.22.1 tiff-debugsource-3.8.2-141.169.22.1 References: https://www.suse.com/security/cve/CVE-2015-8870.html https://www.suse.com/security/cve/CVE-2016-3619.html https://www.suse.com/security/cve/CVE-2016-3620.html https://www.suse.com/security/cve/CVE-2016-3621.html https://www.suse.com/security/cve/CVE-2016-5319.html https://www.suse.com/security/cve/CVE-2016-9273.html https://www.suse.com/security/cve/CVE-2017-17942.html https://www.suse.com/security/cve/CVE-2017-9117.html https://www.suse.com/security/cve/CVE-2017-9147.html https://www.suse.com/security/cve/CVE-2018-12900.html https://www.suse.com/security/cve/CVE-2018-18661.html https://bugzilla.suse.com/1010163 https://bugzilla.suse.com/1014461 https://bugzilla.suse.com/1040080 https://bugzilla.suse.com/1040322 https://bugzilla.suse.com/1074186 https://bugzilla.suse.com/1099257 https://bugzilla.suse.com/1113672 https://bugzilla.suse.com/974446 https://bugzilla.suse.com/974447 https://bugzilla.suse.com/974448 https://bugzilla.suse.com/983440 From sle-security-updates at lists.suse.com Fri Nov 23 13:13:33 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 23 Nov 2018 21:13:33 +0100 (CET) Subject: SUSE-SU-2018:3880-1: important: Security update for the Linux Kernel (Live Patch 0 for SLE 15) Message-ID: <20181123201333.4AB45FCA4@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel (Live Patch 0 for SLE 15) ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3880-1 Rating: important References: #1103098 #1112039 Cross-References: CVE-2018-18386 CVE-2018-5391 Affected Products: SUSE Linux Enterprise Module for Live Patching 15 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for the Linux Kernel 4.12.14-23 fixes several issues. The following security issues were fixed: - CVE-2018-5391: Fixed a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may have caused a denial of service condition by sending specially crafted IP fragments. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size (bsc#1103098). - CVE-2018-18386: The drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bsc#1112039). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Live Patching 15: zypper in -t patch SUSE-SLE-Module-Live-Patching-15-2018-2768=1 Package List: - SUSE Linux Enterprise Module for Live Patching 15 (ppc64le x86_64): kernel-livepatch-4_12_14-23-default-6-16.2 kernel-livepatch-4_12_14-23-default-debuginfo-6-16.2 kernel-livepatch-SLE15_Update_0-debugsource-6-16.2 References: https://www.suse.com/security/cve/CVE-2018-18386.html https://www.suse.com/security/cve/CVE-2018-5391.html https://bugzilla.suse.com/1103098 https://bugzilla.suse.com/1112039 From sle-security-updates at lists.suse.com Fri Nov 23 13:14:16 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 23 Nov 2018 21:14:16 +0100 (CET) Subject: SUSE-SU-2018:3881-1: important: Security update for the Linux Kernel (Live Patch 1 for SLE 15) Message-ID: <20181123201416.81842FCA4@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel (Live Patch 1 for SLE 15) ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3881-1 Rating: important References: #1103098 Cross-References: CVE-2018-5391 Affected Products: SUSE Linux Enterprise Module for Live Patching 15 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 4.12.14-25_3 fixes one issue. The following security issue was fixed: - CVE-2018-5391: Fixed a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may have caused a denial of service condition by sending specially crafted IP fragments. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size (bsc#1103098). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Live Patching 15: zypper in -t patch SUSE-SLE-Module-Live-Patching-15-2018-2767=1 SUSE-SLE-Module-Live-Patching-15-2018-2770=1 Package List: - SUSE Linux Enterprise Module for Live Patching 15 (ppc64le x86_64): kernel-livepatch-4_12_14-25_3-default-6-2.1 kernel-livepatch-4_12_14-25_3-default-debuginfo-6-2.1 kernel-livepatch-4_12_14-25_6-default-6-2.1 kernel-livepatch-4_12_14-25_6-default-debuginfo-6-2.1 References: https://www.suse.com/security/cve/CVE-2018-5391.html https://bugzilla.suse.com/1103098 From sle-security-updates at lists.suse.com Fri Nov 23 13:14:52 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 23 Nov 2018 21:14:52 +0100 (CET) Subject: SUSE-SU-2018:2452-2: moderate: Security update for libgcrypt Message-ID: <20181123201452.86515FCA4@maintenance.suse.de> SUSE Security Update: Security update for libgcrypt ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:2452-2 Rating: moderate References: #1064455 #1090766 #1097410 Cross-References: CVE-2018-0495 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP4 SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP4 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP4 SUSE Linux Enterprise Desktop 12-SP3 SUSE CaaS Platform ALL OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for libgcrypt fixes the following issues: The following security vulnerability was addressed: - CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for ECDSA signatures (bsc#1097410). The following other issues were fixed: - Extended the fipsdrv dsa-sign and dsa-verify commands with the --algo parameter for the FIPS testing of DSA SigVer and SigGen (bsc#1064455). - Ensure libgcrypt20-hmac and libgcrypt20 are installed in the correct order. (bsc#1090766) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP4: zypper in -t patch SUSE-SLE-SDK-12-SP4-2018-1697=1 - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-1697=1 - SUSE Linux Enterprise Server 12-SP4: zypper in -t patch SUSE-SLE-SERVER-12-SP4-2018-1697=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-1697=1 - SUSE Linux Enterprise Desktop 12-SP4: zypper in -t patch SUSE-SLE-DESKTOP-12-SP4-2018-1697=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-1697=1 - SUSE CaaS Platform ALL: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-1697=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP4 (aarch64 ppc64le s390x x86_64): libgcrypt-debugsource-1.6.1-16.62.1 libgcrypt-devel-1.6.1-16.62.1 libgcrypt-devel-debuginfo-1.6.1-16.62.1 - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): libgcrypt-debugsource-1.6.1-16.62.1 libgcrypt-devel-1.6.1-16.62.1 libgcrypt-devel-debuginfo-1.6.1-16.62.1 - SUSE Linux Enterprise Server 12-SP4 (aarch64 ppc64le s390x x86_64): libgcrypt-debugsource-1.6.1-16.62.1 libgcrypt20-1.6.1-16.62.1 libgcrypt20-debuginfo-1.6.1-16.62.1 libgcrypt20-hmac-1.6.1-16.62.1 - SUSE Linux Enterprise Server 12-SP4 (s390x x86_64): libgcrypt20-32bit-1.6.1-16.62.1 libgcrypt20-debuginfo-32bit-1.6.1-16.62.1 libgcrypt20-hmac-32bit-1.6.1-16.62.1 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): libgcrypt-debugsource-1.6.1-16.62.1 libgcrypt20-1.6.1-16.62.1 libgcrypt20-debuginfo-1.6.1-16.62.1 libgcrypt20-hmac-1.6.1-16.62.1 - SUSE Linux Enterprise Server 12-SP3 (s390x x86_64): libgcrypt20-32bit-1.6.1-16.62.1 libgcrypt20-debuginfo-32bit-1.6.1-16.62.1 libgcrypt20-hmac-32bit-1.6.1-16.62.1 - SUSE Linux Enterprise Desktop 12-SP4 (x86_64): libgcrypt-debugsource-1.6.1-16.62.1 libgcrypt20-1.6.1-16.62.1 libgcrypt20-32bit-1.6.1-16.62.1 libgcrypt20-debuginfo-1.6.1-16.62.1 libgcrypt20-debuginfo-32bit-1.6.1-16.62.1 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): libgcrypt-debugsource-1.6.1-16.62.1 libgcrypt20-1.6.1-16.62.1 libgcrypt20-32bit-1.6.1-16.62.1 libgcrypt20-debuginfo-1.6.1-16.62.1 libgcrypt20-debuginfo-32bit-1.6.1-16.62.1 - SUSE CaaS Platform ALL (x86_64): libgcrypt-debugsource-1.6.1-16.62.1 libgcrypt20-1.6.1-16.62.1 libgcrypt20-debuginfo-1.6.1-16.62.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): libgcrypt-debugsource-1.6.1-16.62.1 libgcrypt20-1.6.1-16.62.1 libgcrypt20-debuginfo-1.6.1-16.62.1 References: https://www.suse.com/security/cve/CVE-2018-0495.html https://bugzilla.suse.com/1064455 https://bugzilla.suse.com/1090766 https://bugzilla.suse.com/1097410 From sle-security-updates at lists.suse.com Fri Nov 23 13:15:49 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 23 Nov 2018 21:15:49 +0100 (CET) Subject: SUSE-SU-2018:3882-1: moderate: Security update for exiv2 Message-ID: <20181123201549.5BF63FCA4@maintenance.suse.de> SUSE Security Update: Security update for exiv2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3882-1 Rating: moderate References: #1050257 #1051188 #1060995 #1060996 #1061000 #1072928 #1092952 #1093095 #1095070 Cross-References: CVE-2017-11591 CVE-2017-11683 CVE-2017-14859 CVE-2017-14862 CVE-2017-14864 CVE-2017-17669 CVE-2018-10958 CVE-2018-10998 CVE-2018-11531 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. Description: This update for exiv2 fixes the following issues: - CVE-2017-11591: A floating point exception in the Exiv2::ValueType function could lead to a remote denial of service attack via crafted input. (bsc#1050257) - CVE-2017-14864: An invalid memory address dereference was discovered in Exiv2::getULong in types.cpp. The vulnerability caused a segmentation fault and application crash, which lead to denial of service. (bsc#1060995) - CVE-2017-14862: An invalid memory address dereference was discovered in Exiv2::DataValue::read in value.cpp. The vulnerability caused a segmentation fault and application crash, which lead to denial of service. (bsc#1060996) - CVE-2017-14859: An invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp. The vulnerability caused a segmentation fault and application crash, which lead to denial of service. (bsc#1061000) - CVE-2017-11683: There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp that could lead to a remote denial of service attack via crafted input. (bsc#1051188) - CVE-2017-17669: There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk_int.cpp. A crafted PNG file would lead to a remote denial of service attack. (bsc#1072928) - CVE-2018-10958: In types.cpp a large size value might have lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call. (bsc#1092952) - CVE-2018-10998: readMetadata in jp2image.cpp allowed remote attackers to cause a denial of service (SIGABRT) by triggering an incorrect Safe::add call. (bsc#1093095) - CVE-2018-11531: Exiv2 had a heap-based buffer overflow in getData in preview.cpp. (bsc#1095070) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-2772=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2772=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-2772=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): exiv2-debuginfo-0.23-12.5.1 exiv2-debugsource-0.23-12.5.1 libexiv2-devel-0.23-12.5.1 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): exiv2-debuginfo-0.23-12.5.1 exiv2-debugsource-0.23-12.5.1 libexiv2-12-0.23-12.5.1 libexiv2-12-debuginfo-0.23-12.5.1 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): exiv2-debuginfo-0.23-12.5.1 exiv2-debugsource-0.23-12.5.1 libexiv2-12-0.23-12.5.1 libexiv2-12-debuginfo-0.23-12.5.1 References: https://www.suse.com/security/cve/CVE-2017-11591.html https://www.suse.com/security/cve/CVE-2017-11683.html https://www.suse.com/security/cve/CVE-2017-14859.html https://www.suse.com/security/cve/CVE-2017-14862.html https://www.suse.com/security/cve/CVE-2017-14864.html https://www.suse.com/security/cve/CVE-2017-17669.html https://www.suse.com/security/cve/CVE-2018-10958.html https://www.suse.com/security/cve/CVE-2018-10998.html https://www.suse.com/security/cve/CVE-2018-11531.html https://bugzilla.suse.com/1050257 https://bugzilla.suse.com/1051188 https://bugzilla.suse.com/1060995 https://bugzilla.suse.com/1060996 https://bugzilla.suse.com/1061000 https://bugzilla.suse.com/1072928 https://bugzilla.suse.com/1092952 https://bugzilla.suse.com/1093095 https://bugzilla.suse.com/1095070 From sle-security-updates at lists.suse.com Fri Nov 23 13:18:09 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 23 Nov 2018 21:18:09 +0100 (CET) Subject: SUSE-SU-2018:3884-1: important: Security update for rpm Message-ID: <20181123201809.EE757FCA4@maintenance.suse.de> SUSE Security Update: Security update for rpm ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3884-1 Rating: important References: #943457 Cross-References: CVE-2017-7500 CVE-2017-7501 Affected Products: SUSE OpenStack Cloud 7 SUSE Linux Enterprise Software Development Kit 12-SP4 SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server 12-SP4 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Server 12-SP2-LTSS SUSE Linux Enterprise Server 12-SP2-BCL SUSE Linux Enterprise Server 12-SP1-LTSS SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Desktop 12-SP4 SUSE Linux Enterprise Desktop 12-SP3 SUSE Enterprise Storage 4 SUSE CaaS Platform ALL SUSE CaaS Platform 3.0 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for rpm fixes the following issues: These security issues were fixed: - CVE-2017-7500: rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination (bsc#943457). - CVE-2017-7501: rpm used temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to arbitrary files, which could be used for denial of service or possibly privilege escalation (bsc#943457) This is a reissue of the above security fixes for SUSE Linux Enterprise 12 GA, SP1 and SP2 LTSS, they have already been released for SUSE Linux Enterprise Server 12 SP3. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2018-2766=1 - SUSE Linux Enterprise Software Development Kit 12-SP4: zypper in -t patch SUSE-SLE-SDK-12-SP4-2018-2766=1 - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-2766=1 - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-2766=1 - SUSE Linux Enterprise Server 12-SP4: zypper in -t patch SUSE-SLE-SERVER-12-SP4-2018-2766=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2766=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-2766=1 - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2018-2766=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-2766=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2018-2766=1 - SUSE Linux Enterprise Desktop 12-SP4: zypper in -t patch SUSE-SLE-DESKTOP-12-SP4-2018-2766=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-2766=1 - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2018-2766=1 - SUSE CaaS Platform ALL: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. - SUSE CaaS Platform 3.0: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-2766=1 Package List: - SUSE OpenStack Cloud 7 (s390x x86_64): python3-rpm-4.11.2-16.21.1 python3-rpm-debuginfo-4.11.2-16.21.1 python3-rpm-debugsource-4.11.2-16.21.1 rpm-32bit-4.11.2-16.21.1 rpm-4.11.2-16.21.1 rpm-build-4.11.2-16.21.1 rpm-build-debuginfo-4.11.2-16.21.1 rpm-debuginfo-32bit-4.11.2-16.21.1 rpm-debuginfo-4.11.2-16.21.1 rpm-debugsource-4.11.2-16.21.1 rpm-python-4.11.2-16.21.1 rpm-python-debuginfo-4.11.2-16.21.1 rpm-python-debugsource-4.11.2-16.21.1 - SUSE Linux Enterprise Software Development Kit 12-SP4 (aarch64 ppc64le s390x x86_64): rpm-debuginfo-4.11.2-16.21.1 rpm-debugsource-4.11.2-16.21.1 rpm-devel-4.11.2-16.21.1 - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): rpm-debuginfo-4.11.2-16.21.1 rpm-debugsource-4.11.2-16.21.1 rpm-devel-4.11.2-16.21.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): python3-rpm-4.11.2-16.21.1 python3-rpm-debuginfo-4.11.2-16.21.1 python3-rpm-debugsource-4.11.2-16.21.1 rpm-4.11.2-16.21.1 rpm-build-4.11.2-16.21.1 rpm-build-debuginfo-4.11.2-16.21.1 rpm-debuginfo-4.11.2-16.21.1 rpm-debugsource-4.11.2-16.21.1 rpm-python-4.11.2-16.21.1 rpm-python-debuginfo-4.11.2-16.21.1 rpm-python-debugsource-4.11.2-16.21.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64): rpm-32bit-4.11.2-16.21.1 rpm-debuginfo-32bit-4.11.2-16.21.1 - SUSE Linux Enterprise Server 12-SP4 (aarch64 ppc64le s390x x86_64): python3-rpm-4.11.2-16.21.1 python3-rpm-debuginfo-4.11.2-16.21.1 python3-rpm-debugsource-4.11.2-16.21.1 rpm-4.11.2-16.21.1 rpm-build-4.11.2-16.21.1 rpm-build-debuginfo-4.11.2-16.21.1 rpm-debuginfo-4.11.2-16.21.1 rpm-debugsource-4.11.2-16.21.1 rpm-python-4.11.2-16.21.1 rpm-python-debuginfo-4.11.2-16.21.1 rpm-python-debugsource-4.11.2-16.21.1 - SUSE Linux Enterprise Server 12-SP4 (s390x x86_64): rpm-32bit-4.11.2-16.21.1 rpm-debuginfo-32bit-4.11.2-16.21.1 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): python3-rpm-4.11.2-16.21.1 python3-rpm-debuginfo-4.11.2-16.21.1 python3-rpm-debugsource-4.11.2-16.21.1 rpm-4.11.2-16.21.1 rpm-build-4.11.2-16.21.1 rpm-build-debuginfo-4.11.2-16.21.1 rpm-debuginfo-4.11.2-16.21.1 rpm-debugsource-4.11.2-16.21.1 rpm-python-4.11.2-16.21.1 rpm-python-debuginfo-4.11.2-16.21.1 rpm-python-debugsource-4.11.2-16.21.1 - SUSE Linux Enterprise Server 12-SP3 (s390x x86_64): rpm-32bit-4.11.2-16.21.1 rpm-debuginfo-32bit-4.11.2-16.21.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64): python3-rpm-4.11.2-16.21.1 python3-rpm-debuginfo-4.11.2-16.21.1 python3-rpm-debugsource-4.11.2-16.21.1 rpm-4.11.2-16.21.1 rpm-build-4.11.2-16.21.1 rpm-build-debuginfo-4.11.2-16.21.1 rpm-debuginfo-4.11.2-16.21.1 rpm-debugsource-4.11.2-16.21.1 rpm-python-4.11.2-16.21.1 rpm-python-debuginfo-4.11.2-16.21.1 rpm-python-debugsource-4.11.2-16.21.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (s390x x86_64): rpm-32bit-4.11.2-16.21.1 rpm-debuginfo-32bit-4.11.2-16.21.1 - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): python3-rpm-4.11.2-16.21.1 python3-rpm-debuginfo-4.11.2-16.21.1 python3-rpm-debugsource-4.11.2-16.21.1 rpm-32bit-4.11.2-16.21.1 rpm-4.11.2-16.21.1 rpm-build-4.11.2-16.21.1 rpm-build-debuginfo-4.11.2-16.21.1 rpm-debuginfo-32bit-4.11.2-16.21.1 rpm-debuginfo-4.11.2-16.21.1 rpm-debugsource-4.11.2-16.21.1 rpm-python-4.11.2-16.21.1 rpm-python-debuginfo-4.11.2-16.21.1 rpm-python-debugsource-4.11.2-16.21.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64): python3-rpm-4.11.2-16.21.1 python3-rpm-debuginfo-4.11.2-16.21.1 python3-rpm-debugsource-4.11.2-16.21.1 rpm-4.11.2-16.21.1 rpm-build-4.11.2-16.21.1 rpm-build-debuginfo-4.11.2-16.21.1 rpm-debuginfo-4.11.2-16.21.1 rpm-debugsource-4.11.2-16.21.1 rpm-python-4.11.2-16.21.1 rpm-python-debuginfo-4.11.2-16.21.1 rpm-python-debugsource-4.11.2-16.21.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (s390x x86_64): rpm-32bit-4.11.2-16.21.1 rpm-debuginfo-32bit-4.11.2-16.21.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): python3-rpm-4.11.2-16.21.1 python3-rpm-debuginfo-4.11.2-16.21.1 python3-rpm-debugsource-4.11.2-16.21.1 rpm-4.11.2-16.21.1 rpm-build-4.11.2-16.21.1 rpm-build-debuginfo-4.11.2-16.21.1 rpm-debuginfo-4.11.2-16.21.1 rpm-debugsource-4.11.2-16.21.1 rpm-python-4.11.2-16.21.1 rpm-python-debuginfo-4.11.2-16.21.1 rpm-python-debugsource-4.11.2-16.21.1 - SUSE Linux Enterprise Server 12-LTSS (s390x x86_64): rpm-32bit-4.11.2-16.21.1 rpm-debuginfo-32bit-4.11.2-16.21.1 - SUSE Linux Enterprise Desktop 12-SP4 (x86_64): python3-rpm-4.11.2-16.21.1 python3-rpm-debuginfo-4.11.2-16.21.1 python3-rpm-debugsource-4.11.2-16.21.1 rpm-32bit-4.11.2-16.21.1 rpm-4.11.2-16.21.1 rpm-build-4.11.2-16.21.1 rpm-build-debuginfo-4.11.2-16.21.1 rpm-debuginfo-32bit-4.11.2-16.21.1 rpm-debuginfo-4.11.2-16.21.1 rpm-debugsource-4.11.2-16.21.1 rpm-python-4.11.2-16.21.1 rpm-python-debuginfo-4.11.2-16.21.1 rpm-python-debugsource-4.11.2-16.21.1 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): rpm-32bit-4.11.2-16.21.1 rpm-4.11.2-16.21.1 rpm-build-4.11.2-16.21.1 rpm-build-debuginfo-4.11.2-16.21.1 rpm-debuginfo-32bit-4.11.2-16.21.1 rpm-debuginfo-4.11.2-16.21.1 rpm-debugsource-4.11.2-16.21.1 rpm-python-4.11.2-16.21.1 rpm-python-debuginfo-4.11.2-16.21.1 rpm-python-debugsource-4.11.2-16.21.1 - SUSE Enterprise Storage 4 (x86_64): python3-rpm-4.11.2-16.21.1 python3-rpm-debuginfo-4.11.2-16.21.1 python3-rpm-debugsource-4.11.2-16.21.1 rpm-32bit-4.11.2-16.21.1 rpm-4.11.2-16.21.1 rpm-build-4.11.2-16.21.1 rpm-build-debuginfo-4.11.2-16.21.1 rpm-debuginfo-32bit-4.11.2-16.21.1 rpm-debuginfo-4.11.2-16.21.1 rpm-debugsource-4.11.2-16.21.1 rpm-python-4.11.2-16.21.1 rpm-python-debuginfo-4.11.2-16.21.1 rpm-python-debugsource-4.11.2-16.21.1 - SUSE CaaS Platform ALL (x86_64): rpm-4.11.2-16.21.1 rpm-debuginfo-4.11.2-16.21.1 rpm-debugsource-4.11.2-16.21.1 rpm-python-4.11.2-16.21.1 rpm-python-debuginfo-4.11.2-16.21.1 rpm-python-debugsource-4.11.2-16.21.1 - SUSE CaaS Platform 3.0 (x86_64): rpm-4.11.2-16.21.1 rpm-debuginfo-4.11.2-16.21.1 rpm-debugsource-4.11.2-16.21.1 rpm-python-4.11.2-16.21.1 rpm-python-debuginfo-4.11.2-16.21.1 rpm-python-debugsource-4.11.2-16.21.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): rpm-4.11.2-16.21.1 rpm-debuginfo-4.11.2-16.21.1 rpm-debugsource-4.11.2-16.21.1 rpm-python-4.11.2-16.21.1 rpm-python-debuginfo-4.11.2-16.21.1 rpm-python-debugsource-4.11.2-16.21.1 References: https://www.suse.com/security/cve/CVE-2017-7500.html https://www.suse.com/security/cve/CVE-2017-7501.html https://bugzilla.suse.com/943457 From sle-security-updates at lists.suse.com Mon Nov 26 10:09:37 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 26 Nov 2018 18:09:37 +0100 (CET) Subject: SUSE-SU-2018:3908-1: moderate: Security update for dom4j Message-ID: <20181126170937.73B04FCA4@maintenance.suse.de> SUSE Security Update: Security update for dom4j ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3908-1 Rating: moderate References: #1105443 Cross-References: CVE-2018-1000632 Affected Products: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for dom4j fixes the following issues: - CVE-2018-1000632: Prevent XML injection that could have resulted in an attacker tampering with XML documents (bsc#1105443). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2018-8795=1 Package List: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (noarch): dom4j-1.6.1-4.3.2 dom4j-demo-1.6.1-4.3.2 dom4j-javadoc-1.6.1-4.3.2 dom4j-manual-1.6.1-4.3.2 References: https://www.suse.com/security/cve/CVE-2018-1000632.html https://bugzilla.suse.com/1105443 From sle-security-updates at lists.suse.com Mon Nov 26 13:08:47 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 26 Nov 2018 21:08:47 +0100 (CET) Subject: SUSE-SU-2018:3909-1: important: Security update for postgresql94 Message-ID: <20181126200847.DD3CBFCA4@maintenance.suse.de> SUSE Security Update: Security update for postgresql94 ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3909-1 Rating: important References: #1104199 Cross-References: CVE-2018-10915 Affected Products: SUSE OpenStack Cloud 7 SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Server 12-SP2-LTSS SUSE Linux Enterprise Server 12-SP1-LTSS SUSE Linux Enterprise Server 12-LTSS SUSE Enterprise Storage 4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for postgresql94 to 9.4.19 fixes the following security issue: - CVE-2018-10915: libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could have bypassed client-side connection security features, obtain access to higher privileged connections or potentially cause other impact SQL injection, by causing the PQescape() functions to malfunction (bsc#1104199). A dump/restore is not required for this update unless you use the functions query_to_xml, cursor_to_xml, cursor_to_xmlschema, query_to_xmlschema, and query_to_xml_and_xmlschema. In this case please see the first entry of https://www.postgresql.org/docs/9.4/static/release-9-4-18.html Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2018-2779=1 - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-2779=1 - SUSE Linux Enterprise Server for SAP 12-SP1: zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-2779=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-2779=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-2779=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2018-2779=1 - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2018-2779=1 Package List: - SUSE OpenStack Cloud 7 (s390x x86_64): postgresql94-9.4.19-21.22.7 postgresql94-contrib-9.4.19-21.22.7 postgresql94-contrib-debuginfo-9.4.19-21.22.7 postgresql94-debuginfo-9.4.19-21.22.7 postgresql94-debugsource-9.4.19-21.22.7 postgresql94-server-9.4.19-21.22.7 postgresql94-server-debuginfo-9.4.19-21.22.7 - SUSE OpenStack Cloud 7 (noarch): postgresql94-docs-9.4.19-21.22.7 - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): postgresql94-9.4.19-21.22.7 postgresql94-contrib-9.4.19-21.22.7 postgresql94-contrib-debuginfo-9.4.19-21.22.7 postgresql94-debuginfo-9.4.19-21.22.7 postgresql94-debugsource-9.4.19-21.22.7 postgresql94-server-9.4.19-21.22.7 postgresql94-server-debuginfo-9.4.19-21.22.7 - SUSE Linux Enterprise Server for SAP 12-SP2 (noarch): postgresql94-docs-9.4.19-21.22.7 - SUSE Linux Enterprise Server for SAP 12-SP1 (ppc64le x86_64): postgresql94-9.4.19-21.22.7 postgresql94-contrib-9.4.19-21.22.7 postgresql94-contrib-debuginfo-9.4.19-21.22.7 postgresql94-debuginfo-9.4.19-21.22.7 postgresql94-debugsource-9.4.19-21.22.7 postgresql94-server-9.4.19-21.22.7 postgresql94-server-debuginfo-9.4.19-21.22.7 - SUSE Linux Enterprise Server for SAP 12-SP1 (noarch): postgresql94-docs-9.4.19-21.22.7 - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64): postgresql94-9.4.19-21.22.7 postgresql94-contrib-9.4.19-21.22.7 postgresql94-contrib-debuginfo-9.4.19-21.22.7 postgresql94-debuginfo-9.4.19-21.22.7 postgresql94-debugsource-9.4.19-21.22.7 postgresql94-server-9.4.19-21.22.7 postgresql94-server-debuginfo-9.4.19-21.22.7 - SUSE Linux Enterprise Server 12-SP2-LTSS (noarch): postgresql94-docs-9.4.19-21.22.7 - SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64): postgresql94-9.4.19-21.22.7 postgresql94-contrib-9.4.19-21.22.7 postgresql94-contrib-debuginfo-9.4.19-21.22.7 postgresql94-debuginfo-9.4.19-21.22.7 postgresql94-debugsource-9.4.19-21.22.7 postgresql94-server-9.4.19-21.22.7 postgresql94-server-debuginfo-9.4.19-21.22.7 - SUSE Linux Enterprise Server 12-SP1-LTSS (noarch): postgresql94-docs-9.4.19-21.22.7 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): postgresql94-9.4.19-21.22.7 postgresql94-contrib-9.4.19-21.22.7 postgresql94-contrib-debuginfo-9.4.19-21.22.7 postgresql94-debuginfo-9.4.19-21.22.7 postgresql94-debugsource-9.4.19-21.22.7 postgresql94-server-9.4.19-21.22.7 postgresql94-server-debuginfo-9.4.19-21.22.7 - SUSE Linux Enterprise Server 12-LTSS (noarch): postgresql94-docs-9.4.19-21.22.7 - SUSE Enterprise Storage 4 (noarch): postgresql94-docs-9.4.19-21.22.7 - SUSE Enterprise Storage 4 (x86_64): postgresql94-9.4.19-21.22.7 postgresql94-contrib-9.4.19-21.22.7 postgresql94-contrib-debuginfo-9.4.19-21.22.7 postgresql94-debuginfo-9.4.19-21.22.7 postgresql94-debugsource-9.4.19-21.22.7 postgresql94-server-9.4.19-21.22.7 postgresql94-server-debuginfo-9.4.19-21.22.7 References: https://www.suse.com/security/cve/CVE-2018-10915.html https://bugzilla.suse.com/1104199 From sle-security-updates at lists.suse.com Mon Nov 26 13:09:27 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 26 Nov 2018 21:09:27 +0100 (CET) Subject: SUSE-SU-2018:3910-1: moderate: Security update for openssh Message-ID: <20181126200927.E0430FCA4@maintenance.suse.de> SUSE Security Update: Security update for openssh ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3910-1 Rating: moderate References: #1091396 #1105010 #964336 Cross-References: CVE-2018-15473 Affected Products: SUSE OpenStack Cloud 7 SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server 12-SP4 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Server 12-SP2-LTSS SUSE Linux Enterprise Server 12-SP2-BCL SUSE Linux Enterprise Desktop 12-SP4 SUSE Linux Enterprise Desktop 12-SP3 SUSE Enterprise Storage 4 SUSE CaaS Platform ALL SUSE CaaS Platform 3.0 OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for openssh fixes the following issues: Following security issues have been fixed: - CVE-2018-15473: OpenSSH was prone to a user existance oracle vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. (bsc#1105010) The following non-security issues were fixed: - Stop leaking File descriptors (bsc#964336) - sftp-client.c returns wrong error code upon failure [bsc#1091396] Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2018-2783=1 - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-2783=1 - SUSE Linux Enterprise Server 12-SP4: zypper in -t patch SUSE-SLE-SERVER-12-SP4-2018-2783=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2783=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-2783=1 - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2018-2783=1 - SUSE Linux Enterprise Desktop 12-SP4: zypper in -t patch SUSE-SLE-DESKTOP-12-SP4-2018-2783=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-2783=1 - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2018-2783=1 - SUSE CaaS Platform ALL: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. - SUSE CaaS Platform 3.0: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-2783=1 Package List: - SUSE OpenStack Cloud 7 (s390x x86_64): openssh-7.2p2-74.30.1 openssh-askpass-gnome-7.2p2-74.30.1 openssh-askpass-gnome-debuginfo-7.2p2-74.30.1 openssh-debuginfo-7.2p2-74.30.1 openssh-debugsource-7.2p2-74.30.1 openssh-fips-7.2p2-74.30.1 openssh-helpers-7.2p2-74.30.1 openssh-helpers-debuginfo-7.2p2-74.30.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): openssh-7.2p2-74.30.1 openssh-askpass-gnome-7.2p2-74.30.1 openssh-askpass-gnome-debuginfo-7.2p2-74.30.1 openssh-debuginfo-7.2p2-74.30.1 openssh-debugsource-7.2p2-74.30.1 openssh-fips-7.2p2-74.30.1 openssh-helpers-7.2p2-74.30.1 openssh-helpers-debuginfo-7.2p2-74.30.1 - SUSE Linux Enterprise Server 12-SP4 (aarch64 ppc64le s390x x86_64): openssh-7.2p2-74.30.1 openssh-askpass-gnome-7.2p2-74.30.1 openssh-askpass-gnome-debuginfo-7.2p2-74.30.1 openssh-debuginfo-7.2p2-74.30.1 openssh-debugsource-7.2p2-74.30.1 openssh-fips-7.2p2-74.30.1 openssh-helpers-7.2p2-74.30.1 openssh-helpers-debuginfo-7.2p2-74.30.1 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): openssh-7.2p2-74.30.1 openssh-askpass-gnome-7.2p2-74.30.1 openssh-askpass-gnome-debuginfo-7.2p2-74.30.1 openssh-debuginfo-7.2p2-74.30.1 openssh-debugsource-7.2p2-74.30.1 openssh-fips-7.2p2-74.30.1 openssh-helpers-7.2p2-74.30.1 openssh-helpers-debuginfo-7.2p2-74.30.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64): openssh-7.2p2-74.30.1 openssh-askpass-gnome-7.2p2-74.30.1 openssh-askpass-gnome-debuginfo-7.2p2-74.30.1 openssh-debuginfo-7.2p2-74.30.1 openssh-debugsource-7.2p2-74.30.1 openssh-fips-7.2p2-74.30.1 openssh-helpers-7.2p2-74.30.1 openssh-helpers-debuginfo-7.2p2-74.30.1 - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): openssh-7.2p2-74.30.1 openssh-askpass-gnome-7.2p2-74.30.1 openssh-askpass-gnome-debuginfo-7.2p2-74.30.1 openssh-debuginfo-7.2p2-74.30.1 openssh-debugsource-7.2p2-74.30.1 openssh-fips-7.2p2-74.30.1 openssh-helpers-7.2p2-74.30.1 openssh-helpers-debuginfo-7.2p2-74.30.1 - SUSE Linux Enterprise Desktop 12-SP4 (x86_64): openssh-7.2p2-74.30.1 openssh-askpass-gnome-7.2p2-74.30.1 openssh-askpass-gnome-debuginfo-7.2p2-74.30.1 openssh-debuginfo-7.2p2-74.30.1 openssh-debugsource-7.2p2-74.30.1 openssh-helpers-7.2p2-74.30.1 openssh-helpers-debuginfo-7.2p2-74.30.1 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): openssh-7.2p2-74.30.1 openssh-askpass-gnome-7.2p2-74.30.1 openssh-askpass-gnome-debuginfo-7.2p2-74.30.1 openssh-debuginfo-7.2p2-74.30.1 openssh-debugsource-7.2p2-74.30.1 openssh-helpers-7.2p2-74.30.1 openssh-helpers-debuginfo-7.2p2-74.30.1 - SUSE Enterprise Storage 4 (x86_64): openssh-7.2p2-74.30.1 openssh-askpass-gnome-7.2p2-74.30.1 openssh-askpass-gnome-debuginfo-7.2p2-74.30.1 openssh-debuginfo-7.2p2-74.30.1 openssh-debugsource-7.2p2-74.30.1 openssh-fips-7.2p2-74.30.1 openssh-helpers-7.2p2-74.30.1 openssh-helpers-debuginfo-7.2p2-74.30.1 - SUSE CaaS Platform ALL (x86_64): openssh-7.2p2-74.30.1 openssh-debuginfo-7.2p2-74.30.1 openssh-debugsource-7.2p2-74.30.1 - SUSE CaaS Platform 3.0 (x86_64): openssh-7.2p2-74.30.1 openssh-debuginfo-7.2p2-74.30.1 openssh-debugsource-7.2p2-74.30.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): openssh-7.2p2-74.30.1 openssh-debuginfo-7.2p2-74.30.1 openssh-debugsource-7.2p2-74.30.1 References: https://www.suse.com/security/cve/CVE-2018-15473.html https://bugzilla.suse.com/1091396 https://bugzilla.suse.com/1105010 https://bugzilla.suse.com/964336 From sle-security-updates at lists.suse.com Mon Nov 26 13:10:26 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 26 Nov 2018 21:10:26 +0100 (CET) Subject: SUSE-SU-2018:2451-2: moderate: Security update for procps Message-ID: <20181126201026.67167FCA4@maintenance.suse.de> SUSE Security Update: Security update for procps ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:2451-2 Rating: moderate References: #1092100 Cross-References: CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 CVE-2018-1126 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 SUSE CaaS Platform ALL OpenStack Cloud Magnum Orchestration 7 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: This update for procps fixes the following security issues: - CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved privilege escalation by exploiting one of several vulnerabilities in the config_file() function (bsc#1092100). - CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maped a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service) (bsc#1092100). - CVE-2018-1124: Prevent multiple integer overflows leading to a heap corruption in file2strvec function. This allowed a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users (bsc#1092100). - CVE-2018-1125: Prevent stack buffer overflow in pgrep. This vulnerability was mitigated by FORTIFY limiting the impact to a crash (bsc#1092100). - CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent truncation/integer overflow issues (bsc#1092100). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-1696=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-1696=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-1696=1 - SUSE CaaS Platform ALL: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. - OpenStack Cloud Magnum Orchestration 7: zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-1696=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): procps-debuginfo-3.3.9-11.14.1 procps-debugsource-3.3.9-11.14.1 procps-devel-3.3.9-11.14.1 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): libprocps3-3.3.9-11.14.1 libprocps3-debuginfo-3.3.9-11.14.1 procps-3.3.9-11.14.1 procps-debuginfo-3.3.9-11.14.1 procps-debugsource-3.3.9-11.14.1 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): libprocps3-3.3.9-11.14.1 libprocps3-debuginfo-3.3.9-11.14.1 procps-3.3.9-11.14.1 procps-debuginfo-3.3.9-11.14.1 procps-debugsource-3.3.9-11.14.1 - SUSE CaaS Platform ALL (x86_64): libprocps3-3.3.9-11.14.1 libprocps3-debuginfo-3.3.9-11.14.1 procps-3.3.9-11.14.1 procps-debuginfo-3.3.9-11.14.1 procps-debugsource-3.3.9-11.14.1 - OpenStack Cloud Magnum Orchestration 7 (x86_64): libprocps3-3.3.9-11.14.1 libprocps3-debuginfo-3.3.9-11.14.1 procps-3.3.9-11.14.1 procps-debuginfo-3.3.9-11.14.1 procps-debugsource-3.3.9-11.14.1 References: https://www.suse.com/security/cve/CVE-2018-1122.html https://www.suse.com/security/cve/CVE-2018-1123.html https://www.suse.com/security/cve/CVE-2018-1124.html https://www.suse.com/security/cve/CVE-2018-1125.html https://www.suse.com/security/cve/CVE-2018-1126.html https://bugzilla.suse.com/1092100 From sle-security-updates at lists.suse.com Mon Nov 26 13:11:15 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 26 Nov 2018 21:11:15 +0100 (CET) Subject: SUSE-SU-2018:3911-1: moderate: Security update for tiff Message-ID: <20181126201115.179F8FCA4@maintenance.suse.de> SUSE Security Update: Security update for tiff ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3911-1 Rating: moderate References: #1099257 #1113094 #1113672 Cross-References: CVE-2018-12900 CVE-2018-18557 CVE-2018-18661 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf (bsc#1099257). - CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c (bsc#1113672). - CVE-2018-18557: Fixed JBIG decode can lead to out-of-bounds write (bsc#1113094). Non-security issues fixed: - asan_build: build ASAN included - debug_build: build more suitable for debugging Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-2782=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2782=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-2782=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): libtiff-devel-4.0.9-44.27.1 tiff-debuginfo-4.0.9-44.27.1 tiff-debugsource-4.0.9-44.27.1 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): libtiff5-4.0.9-44.27.1 libtiff5-debuginfo-4.0.9-44.27.1 tiff-4.0.9-44.27.1 tiff-debuginfo-4.0.9-44.27.1 tiff-debugsource-4.0.9-44.27.1 - SUSE Linux Enterprise Server 12-SP3 (s390x x86_64): libtiff5-32bit-4.0.9-44.27.1 libtiff5-debuginfo-32bit-4.0.9-44.27.1 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): libtiff5-32bit-4.0.9-44.27.1 libtiff5-4.0.9-44.27.1 libtiff5-debuginfo-32bit-4.0.9-44.27.1 libtiff5-debuginfo-4.0.9-44.27.1 tiff-debuginfo-4.0.9-44.27.1 tiff-debugsource-4.0.9-44.27.1 References: https://www.suse.com/security/cve/CVE-2018-12900.html https://www.suse.com/security/cve/CVE-2018-18557.html https://www.suse.com/security/cve/CVE-2018-18661.html https://bugzilla.suse.com/1099257 https://bugzilla.suse.com/1113094 https://bugzilla.suse.com/1113672 From sle-security-updates at lists.suse.com Mon Nov 26 13:12:08 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 26 Nov 2018 21:12:08 +0100 (CET) Subject: SUSE-SU-2018:3912-1: moderate: Security update for qemu Message-ID: <20181126201208.3C07DFCA4@maintenance.suse.de> SUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3912-1 Rating: moderate References: #1106222 #1110910 #1111006 #1111010 #1111013 #1114422 Cross-References: CVE-2018-10839 CVE-2018-15746 CVE-2018-17958 CVE-2018-17962 CVE-2018-17963 CVE-2018-18849 Affected Products: SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes 6 vulnerabilities is now available. Description: This update for qemu fixes the following issues: Security issues fixed: - CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS (bsc#1110910). - CVE-2018-15746: Fixed qemu-seccomp.c that might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread (bsc#1106222). - CVE-2018-17958: Fixed a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used (bsc#1111006). - CVE-2018-17962: Fixed a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used (bsc#1111010). - CVE-2018-17963: Fixed qemu_deliver_packet_iov in net/net.c that accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. (bsc#1111013) - CVE-2018-18849: Fixed an out of bounds memory access issue that was found in the LSI53C895A SCSI Host Bus Adapter emulation while writing a message in lsi_do_msgin. It could occur during migration if the 'msg_len' field has an invalid value. A user/process could use this flaw to crash the Qemu process resulting in DoS (bsc#1114422). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2018-2781=1 Package List: - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): qemu-2.0.2-48.46.2 qemu-block-curl-2.0.2-48.46.2 qemu-block-curl-debuginfo-2.0.2-48.46.2 qemu-debugsource-2.0.2-48.46.2 qemu-guest-agent-2.0.2-48.46.2 qemu-guest-agent-debuginfo-2.0.2-48.46.2 qemu-lang-2.0.2-48.46.2 qemu-tools-2.0.2-48.46.2 qemu-tools-debuginfo-2.0.2-48.46.2 - SUSE Linux Enterprise Server 12-LTSS (s390x x86_64): qemu-kvm-2.0.2-48.46.2 - SUSE Linux Enterprise Server 12-LTSS (ppc64le): qemu-ppc-2.0.2-48.46.2 qemu-ppc-debuginfo-2.0.2-48.46.2 - SUSE Linux Enterprise Server 12-LTSS (x86_64): qemu-block-rbd-2.0.2-48.46.2 qemu-block-rbd-debuginfo-2.0.2-48.46.2 qemu-x86-2.0.2-48.46.2 qemu-x86-debuginfo-2.0.2-48.46.2 - SUSE Linux Enterprise Server 12-LTSS (noarch): qemu-ipxe-1.0.0-48.46.2 qemu-seabios-1.7.4-48.46.2 qemu-sgabios-8-48.46.2 qemu-vgabios-1.7.4-48.46.2 - SUSE Linux Enterprise Server 12-LTSS (s390x): qemu-s390-2.0.2-48.46.2 qemu-s390-debuginfo-2.0.2-48.46.2 References: https://www.suse.com/security/cve/CVE-2018-10839.html https://www.suse.com/security/cve/CVE-2018-15746.html https://www.suse.com/security/cve/CVE-2018-17958.html https://www.suse.com/security/cve/CVE-2018-17962.html https://www.suse.com/security/cve/CVE-2018-17963.html https://www.suse.com/security/cve/CVE-2018-18849.html https://bugzilla.suse.com/1106222 https://bugzilla.suse.com/1110910 https://bugzilla.suse.com/1111006 https://bugzilla.suse.com/1111010 https://bugzilla.suse.com/1111013 https://bugzilla.suse.com/1114422 From sle-security-updates at lists.suse.com Mon Nov 26 13:13:22 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Mon, 26 Nov 2018 21:13:22 +0100 (CET) Subject: SUSE-SU-2018:3913-1: moderate: Security update for glib2 Message-ID: <20181126201322.A7F43FCA4@maintenance.suse.de> SUSE Security Update: Security update for glib2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3913-1 Rating: moderate References: #1107116 #1107121 #1111499 Cross-References: CVE-2018-16428 CVE-2018-16429 Affected Products: SUSE Linux Enterprise Module for Packagehub Subpackages 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Basesystem 15 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for glib2 fixes the following issues: Security issues fixed: - CVE-2018-16428: Do not do a NULL pointer dereference (crash). Avoid that, at the cost of introducing a new translatable error message (bsc#1107121). - CVE-2018-16429: Fixed out-of-bounds read vulnerability ing_markup_parse_context_parse() (bsc#1107116). Non-security issue fixed: - various GVariant parsing issues have been resolved (bsc#1111499) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Packagehub Subpackages 15: zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-2018-2780=1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2018-2780=1 - SUSE Linux Enterprise Module for Basesystem 15: zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2780=1 Package List: - SUSE Linux Enterprise Module for Packagehub Subpackages 15 (x86_64): glib2-debugsource-2.54.3-4.7.1 glib2-devel-32bit-2.54.3-4.7.1 glib2-devel-32bit-debuginfo-2.54.3-4.7.1 glib2-tools-32bit-2.54.3-4.7.1 glib2-tools-32bit-debuginfo-2.54.3-4.7.1 libgthread-2_0-0-32bit-2.54.3-4.7.1 libgthread-2_0-0-32bit-debuginfo-2.54.3-4.7.1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64): glib2-debugsource-2.54.3-4.7.1 glib2-devel-static-2.54.3-4.7.1 libgio-fam-2.54.3-4.7.1 libgio-fam-debuginfo-2.54.3-4.7.1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (noarch): gio-branding-upstream-2.54.3-4.7.1 - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64): glib2-debugsource-2.54.3-4.7.1 glib2-devel-2.54.3-4.7.1 glib2-devel-debuginfo-2.54.3-4.7.1 glib2-tools-2.54.3-4.7.1 glib2-tools-debuginfo-2.54.3-4.7.1 libgio-2_0-0-2.54.3-4.7.1 libgio-2_0-0-debuginfo-2.54.3-4.7.1 libglib-2_0-0-2.54.3-4.7.1 libglib-2_0-0-debuginfo-2.54.3-4.7.1 libgmodule-2_0-0-2.54.3-4.7.1 libgmodule-2_0-0-debuginfo-2.54.3-4.7.1 libgobject-2_0-0-2.54.3-4.7.1 libgobject-2_0-0-debuginfo-2.54.3-4.7.1 libgthread-2_0-0-2.54.3-4.7.1 libgthread-2_0-0-debuginfo-2.54.3-4.7.1 - SUSE Linux Enterprise Module for Basesystem 15 (noarch): glib2-lang-2.54.3-4.7.1 - SUSE Linux Enterprise Module for Basesystem 15 (x86_64): libgio-2_0-0-32bit-2.54.3-4.7.1 libgio-2_0-0-32bit-debuginfo-2.54.3-4.7.1 libglib-2_0-0-32bit-2.54.3-4.7.1 libglib-2_0-0-32bit-debuginfo-2.54.3-4.7.1 libgmodule-2_0-0-32bit-2.54.3-4.7.1 libgmodule-2_0-0-32bit-debuginfo-2.54.3-4.7.1 libgobject-2_0-0-32bit-2.54.3-4.7.1 libgobject-2_0-0-32bit-debuginfo-2.54.3-4.7.1 References: https://www.suse.com/security/cve/CVE-2018-16428.html https://www.suse.com/security/cve/CVE-2018-16429.html https://bugzilla.suse.com/1107116 https://bugzilla.suse.com/1107121 https://bugzilla.suse.com/1111499 From sle-security-updates at lists.suse.com Tue Nov 27 04:13:16 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 27 Nov 2018 12:13:16 +0100 (CET) Subject: SUSE-SU-2018:3920-1: important: Security update for java-1_7_0-ibm Message-ID: <20181127111316.BDB03FCA4@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3920-1 Rating: important References: #1116574 Cross-References: CVE-2018-13785 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3214 Affected Products: SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: java-1_7_0-ibm is updated to Java 7.0 Service Refresh 10 Fix Pack 35 (bsc#1116574): * Class Libraries - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-3149 - IJ10894 CVE-2018-3180 - IJ10933 CVE-2018-3214 - IJ09315 FLOATING POINT EXCEPTION FROM JAVA.TEXT.DECIMALFORMAT. FORMAT - IJ09088 INTRODUCING A NEW PROPERTY FOR TURKEY TIMEZONE FOR PRODUCTS NOT IDENTIFYING TRT - IJ10800 REMOVE EXPIRING ROOT CERTIFICATES IN IBM JDK???S CACERTS * Java Virtual Machine - IJ10931 CVE-2018-3169 * JIT Compiler - IJ08205 CRASH WHILE COMPILING * Security - IJ10492 'EC KEYSIZE < 384' IS NOT HONORED USING THE 'JDK.TLS.DISABLEDALGORIT HMS' SECURITY PROPERTY - IJ10491 AES/GCM CIPHER ??? AAD NOT RESET TO UN-INIT STATE AFTER DOFINAL( ) AND INIT( ) - IJ08442 HTTP PUBLIC KEY PINNING FINGERPRINT,PROBLEM WITH CONVERTING TO JKS KEYSTORE - IJ09107 IBMPKCS11IMPL CRYPTO PROVIDER ??? INTERMITTENT ERROR WITH SECP521R1 SIGNATURE ON Z/OS - IJ10136 IBMPKCS11IMPL ??? INTERMITTENT ERROR WITH SECP521R1 SIG ON Z/OS AND Z/LINUX - IJ08530 IBMPKCS11IMPL PROVIDER USES THE WRONG RSA CIPHER MECHANISM FOR THE RSA/ECB/PKCS1PADDING CIPHER - IJ08723 JAAS THROWS A ???ARRAY INDEX OUT OF RANGE??? EXCEPTION - IJ08704 THE SECURITY PROPERTY ???JDK.CERTPATH.DISABLEDAL GORITHMS??? IS MISTAKENLY BEING USED TO FILTER JAR SIGNING ALGORITHMS - PH01244 OUTPUT BUFFER TOO SHORT FOR GCM MODE ENCRYPTION USING IBMJCEHYBRID Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-java-1_7_0-ibm-13882=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-java-1_7_0-ibm-13882=1 Package List: - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): java-1_7_0-ibm-1.7.0_sr10.35-65.31.1 java-1_7_0-ibm-devel-1.7.0_sr10.35-65.31.1 java-1_7_0-ibm-jdbc-1.7.0_sr10.35-65.31.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 x86_64): java-1_7_0-ibm-alsa-1.7.0_sr10.35-65.31.1 java-1_7_0-ibm-plugin-1.7.0_sr10.35-65.31.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): java-1_7_0-ibm-1.7.0_sr10.35-65.31.1 java-1_7_0-ibm-alsa-1.7.0_sr10.35-65.31.1 java-1_7_0-ibm-devel-1.7.0_sr10.35-65.31.1 java-1_7_0-ibm-jdbc-1.7.0_sr10.35-65.31.1 java-1_7_0-ibm-plugin-1.7.0_sr10.35-65.31.1 References: https://www.suse.com/security/cve/CVE-2018-13785.html https://www.suse.com/security/cve/CVE-2018-3136.html https://www.suse.com/security/cve/CVE-2018-3139.html https://www.suse.com/security/cve/CVE-2018-3149.html https://www.suse.com/security/cve/CVE-2018-3169.html https://www.suse.com/security/cve/CVE-2018-3180.html https://www.suse.com/security/cve/CVE-2018-3214.html https://bugzilla.suse.com/1116574 From sle-security-updates at lists.suse.com Tue Nov 27 04:13:58 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 27 Nov 2018 12:13:58 +0100 (CET) Subject: SUSE-SU-2018:3921-1: important: Security update for java-1_7_1-ibm Message-ID: <20181127111358.301E7FCA4@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_1-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3921-1 Rating: important References: #1116574 Cross-References: CVE-2018-13785 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3214 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: java-1_7_1-ibm was updated to Java 7.1 Service Refresh 4 Fix Pack 35 (bsc#1116574): * Consumability - IJ10515 AIX JAVA 7.1.3.10 GENERAL PROTECTION FAULT WHEN ATTEMPTING TO USE HEALTH CENTER API * Class Libraries - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-3149 - IJ10894 CVE-2018-3180 - IJ10933 CVE-2018-3214 - IJ09315 FLOATING POINT EXCEPTION FROM JAVA.TEXT.DECIMALFORMAT. FORMAT - IJ09088 INTRODUCING A NEW PROPERTY FOR TURKEY TIMEZONE FOR PRODUCTS NOT IDENTIFYING TRT - IJ08569 JAVA.IO.IOEXCEPTION OCCURS WHEN A FILECHANNEL IS BIGGER THAN 2GB ON AIX PLATFORM - IJ10800 REMOVE EXPIRING ROOT CERTIFICATES IN IBM JDK???S CACERTS. * Java Virtual Machine - IJ10931 CVE-2018-3169 - IV91132 SOME CORE PATTERN SPECIFIERS ARE NOT HANDLED BY THE JVM ON LINUX * JIT Compiler - IJ08205 CRASH WHILE COMPILING - IJ07886 INCORRECT CALUCATIONS WHEN USING NUMBERFORMAT.FORMAT() AND BIGDECIMAL.{FLOAT/DOUBLE }VALUE() * ORB - IX90187 CLIENTREQUESTIMPL.REINVO KE FAILS WITH JAVA.LANG.INDEXOUTOFBOUN DSEXCEPTION * Security - IJ10492 'EC KEYSIZE < 384' IS NOT HONORED USING THE 'JDK.TLS.DISABLEDALGORIT HMS' SECURITY PROPERTY - IJ10491 AES/GCM CIPHER ??? AAD NOT RESET TO UN-INIT STATE AFTER DOFINAL( ) AND INIT( ) - IJ08442 HTTP PUBLIC KEY PINNING FINGERPRINT,PROBLEM WITH CONVERTING TO JKS KEYSTORE - IJ09107 IBMPKCS11IMPL CRYPTO PROVIDER ??? INTERMITTENT ERROR WITH SECP521R1 SIGNATURE ON Z/OS - IJ10136 IBMPKCS11IMPL ??? INTERMITTENT ERROR WITH SECP521R1 SIG ON Z/OS AND Z/LINUX - IJ08530 IBMPKCS11IMPL PROVIDER USES THE WRONG RSA CIPHER MECHANISM FOR THE RSA/ECB/PKCS1PADDING CIPHER - IJ08723 JAAS THROWS A ???ARRAY INDEX OUT OF RANGE??? EXCEPTION - IJ08704 THE SECURITY PROPERTY ???JDK.CERTPATH.DISABLEDAL GORITHMS??? IS MISTAKENLY BEING USED TO FILTER JAR SIGNING ALGORITHMS * z/OS Extentions - PH01244 OUTPUT BUFFER TOO SHORT FOR GCM MODE ENCRYPTION USING IBMJCEHYBRID Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-java-1_7_1-ibm-13883=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-java-1_7_1-ibm-13883=1 Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ppc64 s390x x86_64): java-1_7_1-ibm-devel-1.7.1_sr4.35-26.32.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ppc64 s390x x86_64): java-1_7_1-ibm-1.7.1_sr4.35-26.32.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.35-26.32.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): java-1_7_1-ibm-alsa-1.7.1_sr4.35-26.32.1 java-1_7_1-ibm-plugin-1.7.1_sr4.35-26.32.1 References: https://www.suse.com/security/cve/CVE-2018-13785.html https://www.suse.com/security/cve/CVE-2018-3136.html https://www.suse.com/security/cve/CVE-2018-3139.html https://www.suse.com/security/cve/CVE-2018-3149.html https://www.suse.com/security/cve/CVE-2018-3169.html https://www.suse.com/security/cve/CVE-2018-3180.html https://www.suse.com/security/cve/CVE-2018-3214.html https://bugzilla.suse.com/1116574 From sle-security-updates at lists.suse.com Tue Nov 27 10:08:48 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 27 Nov 2018 18:08:48 +0100 (CET) Subject: SUSE-SU-2018:3923-1: moderate: Security update for dpdk Message-ID: <20181127170848.2CFF8FCD3@maintenance.suse.de> SUSE Security Update: Security update for dpdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3923-1 Rating: moderate References: #1069601 #1073363 #1089638 #1102310 Cross-References: CVE-2018-1059 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 ______________________________________________________________________________ An update that solves one vulnerability and has three fixes is now available. Description: This update for dpdk to version 16.11.8 provides the following security fix: - CVE-2018-1059: restrict untrusted guest to misuse virtio to corrupt host application (ovs-dpdk) memory which could have lead all VM to lose connectivity (bsc#1089638) and following non-security fixes: - Enable the broadcom chipset family Broadcom NetXtreme II BCM57810 (bsc#1073363) - Fix a latency problem by using cond_resched rather than schedule_timeout_interruptible (bsc#1069601) - Fix a syntax error affecting csh environment configuration (bsc#1102310) - Fixes in net/bnxt: * Fix HW Tx checksum offload check * Fix incorrect IO address handling in Tx * Fix Rx ring count limitation * Check access denied for HWRM commands * Fix RETA size * Fix close operation - Fixes in eal/linux: * Fix an invalid syntax in interrupts * Fix return codes on thread naming failure - Fixes in kni: * Fix crash with null name * Fix build with gcc 8.1 - Fixes in net/thunderx: * Fix build with gcc optimization on * Avoid sq door bell write on zero packet - net/bonding: Fix MAC address reset - vhost: Fix missing increment of log cache count Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-2795=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2795=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le x86_64): dpdk-debuginfo-16.11.8-8.10.2 dpdk-debugsource-16.11.8-8.10.2 dpdk-devel-16.11.8-8.10.2 dpdk-devel-debuginfo-16.11.8-8.10.2 - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64): dpdk-thunderx-debuginfo-16.11.8-8.10.2 dpdk-thunderx-debugsource-16.11.8-8.10.2 dpdk-thunderx-devel-16.11.8-8.10.2 dpdk-thunderx-devel-debuginfo-16.11.8-8.10.2 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le x86_64): dpdk-16.11.8-8.10.2 dpdk-debuginfo-16.11.8-8.10.2 dpdk-debugsource-16.11.8-8.10.2 dpdk-tools-16.11.8-8.10.2 - SUSE Linux Enterprise Server 12-SP3 (aarch64): dpdk-thunderx-16.11.8-8.10.2 dpdk-thunderx-debuginfo-16.11.8-8.10.2 dpdk-thunderx-debugsource-16.11.8-8.10.2 dpdk-thunderx-kmp-default-16.11.8_k4.4.156_94.64-8.10.2 dpdk-thunderx-kmp-default-debuginfo-16.11.8_k4.4.156_94.64-8.10.2 - SUSE Linux Enterprise Server 12-SP3 (x86_64): dpdk-kmp-default-16.11.8_k4.4.156_94.64-8.10.2 dpdk-kmp-default-debuginfo-16.11.8_k4.4.156_94.64-8.10.2 References: https://www.suse.com/security/cve/CVE-2018-1059.html https://bugzilla.suse.com/1069601 https://bugzilla.suse.com/1073363 https://bugzilla.suse.com/1089638 https://bugzilla.suse.com/1102310 From sle-security-updates at lists.suse.com Tue Nov 27 10:10:08 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 27 Nov 2018 18:10:08 +0100 (CET) Subject: SUSE-SU-2018:3924-1: moderate: Security update for python-oslo.cache, python-oslo.concurrency, python-oslo.db, python-oslo.log, python-oslo.messaging, python-oslo.middleware, python-oslo.serialization, python-oslo.service, python-oslo.utils, python-oslo.versionedobjects, python-oslo.vmware, python-oslotest Message-ID: <20181127171008.EE64BFFE3@maintenance.suse.de> SUSE Security Update: Security update for python-oslo.cache, python-oslo.concurrency, python-oslo.db, python-oslo.log, python-oslo.messaging, python-oslo.middleware, python-oslo.serialization, python-oslo.service, python-oslo.utils, python-oslo.versionedobjects, python-oslo.vmware, python-oslotest ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3924-1 Rating: moderate References: #1022043 #1109756 Cross-References: CVE-2017-2592 Affected Products: SUSE OpenStack Cloud 7 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for python-oslo.cache, python-oslo.concurrency, python-oslo.db, python-oslo.log, python-oslo.messaging, python-oslo.middleware, python-oslo.serialization, python-oslo.service, python-oslo.utils, python-oslo.versionedobjects, python-oslo.vmware, python-oslotest fixes the following issues: python-oslo.cache was updated to 1.14.1: - use stable/newton constraints python-oslo.concurrency was updated to version 3.14.1: - Ignore prlimit argument on Windows - Update .gitreview for stable/newton python-oslo.db was updated to version 4.13.6: - Fix marker checking when value is None python-oslo.log was updated to version 3.16.1: - Fix races in unit tests python-oslo.messaging was updated to fix: - Skip logging sensitive information to avoid credential leak - Avoid reconnect to the same AMQP server while trying to error handle the original server error (bsc#1109756) python-oslo.middleware was updated to version 3.19.1: - Filter token data out of catch_errors middleware (CVE-2017-2592 bsc#1022043) python-oslo.serialization was updated to version 2.13.2: - Don't iterate through addresses in netaddr.IPNetwork python-oslo.service was updated to version 1.16.1: - Fix race condition with fast threads python-oslo.utils was updated to version 3.16.1: - Updated from global requirements python-oslo.versionedobjects was updated to version 1.17.1: - update from global requirements python-oslo.vmware was updated to version 2.14.1: - Updated from global requirements python-oslotest was updated to version 2.10.1: - Updated from global requirements Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2018-2796=1 Package List: - SUSE OpenStack Cloud 7 (noarch): python-oslo.cache-1.14.1-3.3.3 python-oslo.concurrency-3.14.1-3.3.3 python-oslo.db-4.13.6-3.3.3 python-oslo.log-3.16.1-3.3.3 python-oslo.messaging-5.10.2-3.6.3 python-oslo.middleware-3.19.1-4.3.4 python-oslo.serialization-2.13.2-3.3.3 python-oslo.service-1.16.1-3.3.1 python-oslo.utils-3.16.1-3.3.3 python-oslo.versionedobjects-1.17.1-3.3.1 python-oslo.vmware-2.14.1-3.3.1 python-oslotest-2.10.1-3.3.1 References: https://www.suse.com/security/cve/CVE-2017-2592.html https://bugzilla.suse.com/1022043 https://bugzilla.suse.com/1109756 From sle-security-updates at lists.suse.com Tue Nov 27 10:10:58 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 27 Nov 2018 18:10:58 +0100 (CET) Subject: SUSE-SU-2018:3925-1: moderate: Security update for tiff Message-ID: <20181127171058.66688FCD3@maintenance.suse.de> SUSE Security Update: Security update for tiff ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3925-1 Rating: moderate References: #1099257 #1113094 #1113672 Cross-References: CVE-2018-12900 CVE-2018-18557 CVE-2018-18661 Affected Products: SUSE Linux Enterprise Module for Packagehub Subpackages 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Basesystem 15 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf (bsc#1099257). - CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c (bsc#1113672). - CVE-2018-18557: Fixed JBIG decode can lead to out-of-bounds write (bsc#1113094). Non-security issues fixed: - asan_build: build ASAN included - debug_build: build more suitable for debugging Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Packagehub Subpackages 15: zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-2018-2793=1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2018-2793=1 - SUSE Linux Enterprise Module for Desktop Applications 15: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-2018-2793=1 - SUSE Linux Enterprise Module for Basesystem 15: zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2793=1 Package List: - SUSE Linux Enterprise Module for Packagehub Subpackages 15 (aarch64 ppc64le s390x x86_64): tiff-4.0.9-5.17.1 tiff-debuginfo-4.0.9-5.17.1 tiff-debugsource-4.0.9-5.17.1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64): tiff-4.0.9-5.17.1 tiff-debuginfo-4.0.9-5.17.1 tiff-debugsource-4.0.9-5.17.1 - SUSE Linux Enterprise Module for Desktop Applications 15 (x86_64): libtiff5-32bit-4.0.9-5.17.1 libtiff5-32bit-debuginfo-4.0.9-5.17.1 tiff-debugsource-4.0.9-5.17.1 - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64): libtiff-devel-4.0.9-5.17.1 libtiff5-4.0.9-5.17.1 libtiff5-debuginfo-4.0.9-5.17.1 tiff-debuginfo-4.0.9-5.17.1 tiff-debugsource-4.0.9-5.17.1 References: https://www.suse.com/security/cve/CVE-2018-12900.html https://www.suse.com/security/cve/CVE-2018-18557.html https://www.suse.com/security/cve/CVE-2018-18661.html https://bugzilla.suse.com/1099257 https://bugzilla.suse.com/1113094 https://bugzilla.suse.com/1113672 From sle-security-updates at lists.suse.com Tue Nov 27 10:12:01 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 27 Nov 2018 18:12:01 +0100 (CET) Subject: SUSE-SU-2018:3926-1: moderate: Security update for util-linux Message-ID: <20181127171201.9B85EFCD3@maintenance.suse.de> SUSE Security Update: Security update for util-linux ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3926-1 Rating: moderate References: #1072947 #1078662 #1080740 #1084300 Cross-References: CVE-2018-7738 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 SUSE CaaS Platform ALL SUSE CaaS Platform 3.0 ______________________________________________________________________________ An update that solves one vulnerability and has three fixes is now available. Description: This update for util-linux fixes the following issues: This non-security issue was fixed: - CVE-2018-7738: bash-completion/umount allowed local users to gain privileges by embedding shell commands in a mountpoint name, which was mishandled during a umount command by a different user (bsc#1084300). These non-security issues were fixed: - Fixed crash loop in lscpu (bsc#1072947). - Fixed possible segfault of umount -a - Fixed mount -a on NFS bind mounts (bsc#1080740). - Fixed lsblk on NVMe (bsc#1078662). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP3: zypper in -t patch SUSE-SLE-WE-12-SP3-2018-1618=1 - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-1618=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-1618=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-1618=1 - SUSE CaaS Platform ALL: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. - SUSE CaaS Platform 3.0: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. Package List: - SUSE Linux Enterprise Workstation Extension 12-SP3 (x86_64): libuuid-devel-2.29.2-3.12.1 util-linux-debuginfo-2.29.2-3.12.1 util-linux-debugsource-2.29.2-3.12.1 - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): libblkid-devel-2.29.2-3.12.1 libmount-devel-2.29.2-3.12.1 libsmartcols-devel-2.29.2-3.12.1 libuuid-devel-2.29.2-3.12.1 util-linux-debuginfo-2.29.2-3.12.1 util-linux-debugsource-2.29.2-3.12.1 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): libblkid1-2.29.2-3.12.1 libblkid1-debuginfo-2.29.2-3.12.1 libfdisk1-2.29.2-3.12.1 libfdisk1-debuginfo-2.29.2-3.12.1 libmount1-2.29.2-3.12.1 libmount1-debuginfo-2.29.2-3.12.1 libsmartcols1-2.29.2-3.12.1 libsmartcols1-debuginfo-2.29.2-3.12.1 libuuid1-2.29.2-3.12.1 libuuid1-debuginfo-2.29.2-3.12.1 python-libmount-2.29.2-3.12.1 python-libmount-debuginfo-2.29.2-3.12.1 python-libmount-debugsource-2.29.2-3.12.1 util-linux-2.29.2-3.12.1 util-linux-debuginfo-2.29.2-3.12.1 util-linux-debugsource-2.29.2-3.12.1 util-linux-systemd-2.29.2-3.12.1 util-linux-systemd-debuginfo-2.29.2-3.12.1 util-linux-systemd-debugsource-2.29.2-3.12.1 uuidd-2.29.2-3.12.1 uuidd-debuginfo-2.29.2-3.12.1 - SUSE Linux Enterprise Server 12-SP3 (s390x x86_64): libblkid1-32bit-2.29.2-3.12.1 libblkid1-debuginfo-32bit-2.29.2-3.12.1 libmount1-32bit-2.29.2-3.12.1 libmount1-debuginfo-32bit-2.29.2-3.12.1 libuuid1-32bit-2.29.2-3.12.1 libuuid1-debuginfo-32bit-2.29.2-3.12.1 - SUSE Linux Enterprise Server 12-SP3 (noarch): util-linux-lang-2.29.2-3.12.1 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): libblkid1-2.29.2-3.12.1 libblkid1-32bit-2.29.2-3.12.1 libblkid1-debuginfo-2.29.2-3.12.1 libblkid1-debuginfo-32bit-2.29.2-3.12.1 libfdisk1-2.29.2-3.12.1 libfdisk1-debuginfo-2.29.2-3.12.1 libmount1-2.29.2-3.12.1 libmount1-32bit-2.29.2-3.12.1 libmount1-debuginfo-2.29.2-3.12.1 libmount1-debuginfo-32bit-2.29.2-3.12.1 libsmartcols1-2.29.2-3.12.1 libsmartcols1-debuginfo-2.29.2-3.12.1 libuuid-devel-2.29.2-3.12.1 libuuid1-2.29.2-3.12.1 libuuid1-32bit-2.29.2-3.12.1 libuuid1-debuginfo-2.29.2-3.12.1 libuuid1-debuginfo-32bit-2.29.2-3.12.1 python-libmount-2.29.2-3.12.1 python-libmount-debuginfo-2.29.2-3.12.1 python-libmount-debugsource-2.29.2-3.12.1 util-linux-2.29.2-3.12.1 util-linux-debuginfo-2.29.2-3.12.1 util-linux-debugsource-2.29.2-3.12.1 util-linux-systemd-2.29.2-3.12.1 util-linux-systemd-debuginfo-2.29.2-3.12.1 util-linux-systemd-debugsource-2.29.2-3.12.1 uuidd-2.29.2-3.12.1 uuidd-debuginfo-2.29.2-3.12.1 - SUSE Linux Enterprise Desktop 12-SP3 (noarch): util-linux-lang-2.29.2-3.12.1 - SUSE CaaS Platform ALL (x86_64): libblkid1-2.29.2-3.12.1 libblkid1-debuginfo-2.29.2-3.12.1 libfdisk1-2.29.2-3.12.1 libfdisk1-debuginfo-2.29.2-3.12.1 libmount1-2.29.2-3.12.1 libmount1-debuginfo-2.29.2-3.12.1 libsmartcols1-2.29.2-3.12.1 libsmartcols1-debuginfo-2.29.2-3.12.1 libuuid1-2.29.2-3.12.1 libuuid1-debuginfo-2.29.2-3.12.1 util-linux-2.29.2-3.12.1 util-linux-debuginfo-2.29.2-3.12.1 util-linux-debugsource-2.29.2-3.12.1 util-linux-systemd-2.29.2-3.12.1 util-linux-systemd-debuginfo-2.29.2-3.12.1 util-linux-systemd-debugsource-2.29.2-3.12.1 - SUSE CaaS Platform 3.0 (x86_64): libblkid1-2.29.2-3.12.1 libblkid1-debuginfo-2.29.2-3.12.1 libfdisk1-2.29.2-3.12.1 libfdisk1-debuginfo-2.29.2-3.12.1 libmount1-2.29.2-3.12.1 libmount1-debuginfo-2.29.2-3.12.1 libsmartcols1-2.29.2-3.12.1 libsmartcols1-debuginfo-2.29.2-3.12.1 libuuid1-2.29.2-3.12.1 libuuid1-debuginfo-2.29.2-3.12.1 util-linux-2.29.2-3.12.1 util-linux-debuginfo-2.29.2-3.12.1 util-linux-debugsource-2.29.2-3.12.1 util-linux-systemd-2.29.2-3.12.1 util-linux-systemd-debuginfo-2.29.2-3.12.1 util-linux-systemd-debugsource-2.29.2-3.12.1 References: https://www.suse.com/security/cve/CVE-2018-7738.html https://bugzilla.suse.com/1072947 https://bugzilla.suse.com/1078662 https://bugzilla.suse.com/1080740 https://bugzilla.suse.com/1084300 From sle-security-updates at lists.suse.com Tue Nov 27 10:13:19 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 27 Nov 2018 18:13:19 +0100 (CET) Subject: SUSE-SU-2018:3927-1: important: Security update for qemu Message-ID: <20181127171319.908B3FCD3@maintenance.suse.de> SUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3927-1 Rating: important References: #1106222 #1107489 #1110910 #1111006 #1111010 #1111013 #1112499 #1114422 #1114529 Cross-References: CVE-2018-10839 CVE-2018-15746 CVE-2018-16847 CVE-2018-17958 CVE-2018-17962 CVE-2018-17963 CVE-2018-18849 Affected Products: SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Basesystem 15 ______________________________________________________________________________ An update that solves 7 vulnerabilities and has two fixes is now available. Description: This update for qemu fixes the following issues: Security issues fixed: - CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS (bsc#1110910). - CVE-2018-15746: Fixed qemu-seccomp.c that might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread (bsc#1106222). - CVE-2018-16847: Fixed an OOB heap buffer r/w access issue that was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU process (bsc#1114529). - CVE-2018-17958: Fixed a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used (bsc#1111006). - CVE-2018-17962: Fixed a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used (bsc#1111010). - CVE-2018-17963: Fixed qemu_deliver_packet_iov in net/net.c that accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. (bsc#1111013) - CVE-2018-18849: Fixed an out of bounds memory access issue that was found in the LSI53C895A SCSI Host Bus Adapter emulation while writing a message in lsi_do_msgin. It could occur during migration if the 'msg_len' field has an invalid value. A user/process could use this flaw to crash the Qemu process resulting in DoS (bsc#1114422). Non-security issues fixed: - Fix slowness in arm32 emulation (bsc#1112499). - In order to improve spectre mitigation for s390x, add a new feature in the QEMU cpu model to provide the etoken cpu feature for guests (bsc#1107489). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Server Applications 15: zypper in -t patch SUSE-SLE-Module-Server-Applications-15-2018-2794=1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2018-2794=1 - SUSE Linux Enterprise Module for Basesystem 15: zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2794=1 Package List: - SUSE Linux Enterprise Module for Server Applications 15 (aarch64 ppc64le s390x x86_64): qemu-2.11.2-9.12.2 qemu-block-curl-2.11.2-9.12.2 qemu-block-curl-debuginfo-2.11.2-9.12.2 qemu-block-iscsi-2.11.2-9.12.2 qemu-block-iscsi-debuginfo-2.11.2-9.12.2 qemu-block-rbd-2.11.2-9.12.2 qemu-block-rbd-debuginfo-2.11.2-9.12.2 qemu-block-ssh-2.11.2-9.12.2 qemu-block-ssh-debuginfo-2.11.2-9.12.2 qemu-debuginfo-2.11.2-9.12.2 qemu-debugsource-2.11.2-9.12.2 qemu-guest-agent-2.11.2-9.12.2 qemu-guest-agent-debuginfo-2.11.2-9.12.2 qemu-lang-2.11.2-9.12.2 - SUSE Linux Enterprise Module for Server Applications 15 (s390x x86_64): qemu-kvm-2.11.2-9.12.2 - SUSE Linux Enterprise Module for Server Applications 15 (aarch64): qemu-arm-2.11.2-9.12.2 qemu-arm-debuginfo-2.11.2-9.12.2 - SUSE Linux Enterprise Module for Server Applications 15 (ppc64le): qemu-ppc-2.11.2-9.12.2 qemu-ppc-debuginfo-2.11.2-9.12.2 - SUSE Linux Enterprise Module for Server Applications 15 (x86_64): qemu-x86-2.11.2-9.12.2 qemu-x86-debuginfo-2.11.2-9.12.2 - SUSE Linux Enterprise Module for Server Applications 15 (noarch): qemu-ipxe-1.0.0+-9.12.2 qemu-seabios-1.11.0-9.12.2 qemu-sgabios-8-9.12.2 qemu-vgabios-1.11.0-9.12.2 - SUSE Linux Enterprise Module for Server Applications 15 (s390x): qemu-s390-2.11.2-9.12.2 qemu-s390-debuginfo-2.11.2-9.12.2 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64): qemu-block-dmg-2.11.2-9.12.2 qemu-block-dmg-debuginfo-2.11.2-9.12.2 qemu-debuginfo-2.11.2-9.12.2 qemu-debugsource-2.11.2-9.12.2 qemu-extra-2.11.2-9.12.2 qemu-extra-debuginfo-2.11.2-9.12.2 qemu-linux-user-2.11.2-9.12.1 qemu-linux-user-debuginfo-2.11.2-9.12.1 qemu-linux-user-debugsource-2.11.2-9.12.1 - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64): qemu-debuginfo-2.11.2-9.12.2 qemu-debugsource-2.11.2-9.12.2 qemu-tools-2.11.2-9.12.2 qemu-tools-debuginfo-2.11.2-9.12.2 References: https://www.suse.com/security/cve/CVE-2018-10839.html https://www.suse.com/security/cve/CVE-2018-15746.html https://www.suse.com/security/cve/CVE-2018-16847.html https://www.suse.com/security/cve/CVE-2018-17958.html https://www.suse.com/security/cve/CVE-2018-17962.html https://www.suse.com/security/cve/CVE-2018-17963.html https://www.suse.com/security/cve/CVE-2018-18849.html https://bugzilla.suse.com/1106222 https://bugzilla.suse.com/1107489 https://bugzilla.suse.com/1110910 https://bugzilla.suse.com/1111006 https://bugzilla.suse.com/1111010 https://bugzilla.suse.com/1111013 https://bugzilla.suse.com/1112499 https://bugzilla.suse.com/1114422 https://bugzilla.suse.com/1114529 From sle-security-updates at lists.suse.com Tue Nov 27 13:10:38 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Tue, 27 Nov 2018 21:10:38 +0100 (CET) Subject: SUSE-SU-2018:3928-1: moderate: Security update for rubygem-loofah Message-ID: <20181127201038.DC221FCD3@maintenance.suse.de> SUSE Security Update: Security update for rubygem-loofah ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3928-1 Rating: moderate References: #1113969 Cross-References: CVE-2018-16468 Affected Products: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise High Availability 15 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for rubygem-loofah fixes the following issues: Security issue fixed: - CVE-2018-16468: Fixed XXS by removing the svg animate attribute `from` from the allowlist (bsc#1113969). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2018-2797=1 - SUSE Linux Enterprise High Availability 15: zypper in -t patch SUSE-SLE-Product-HA-15-2018-2797=1 Package List: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64): ruby2.5-rubygem-loofah-doc-2.2.2-4.3.1 ruby2.5-rubygem-loofah-testsuite-2.2.2-4.3.1 - SUSE Linux Enterprise High Availability 15 (aarch64 ppc64le s390x x86_64): ruby2.5-rubygem-loofah-2.2.2-4.3.1 References: https://www.suse.com/security/cve/CVE-2018-16468.html https://bugzilla.suse.com/1113969 From sle-security-updates at lists.suse.com Wed Nov 28 07:08:47 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 28 Nov 2018 15:08:47 +0100 (CET) Subject: SUSE-SU-2018:3933-1: important: Security update for java-1_7_1-ibm Message-ID: <20181128140847.5E2FDFCD3@maintenance.suse.de> SUSE Security Update: Security update for java-1_7_1-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3933-1 Rating: important References: #1116574 Cross-References: CVE-2018-13785 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3214 Affected Products: SUSE OpenStack Cloud 7 SUSE Linux Enterprise Software Development Kit 12-SP4 SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server 12-SP4 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Server 12-SP2-LTSS SUSE Linux Enterprise Server 12-SP2-BCL SUSE Linux Enterprise Server 12-SP1-LTSS SUSE Linux Enterprise Server 12-LTSS SUSE Enterprise Storage 4 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: java-1_7_1-ibm was updated to Java 7.1 Service Refresh 4 Fix Pack 35 (bsc#1116574): * Consumability - IJ10515 AIX JAVA 7.1.3.10 GENERAL PROTECTION FAULT WHEN ATTEMPTING TO USE HEALTH CENTER API * Class Libraries - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-3149 - IJ10894 CVE-2018-3180 - IJ10933 CVE-2018-3214 - IJ09315 FLOATING POINT EXCEPTION FROM JAVA.TEXT.DECIMALFORMAT. FORMAT - IJ09088 INTRODUCING A NEW PROPERTY FOR TURKEY TIMEZONE FOR PRODUCTS NOT IDENTIFYING TRT - IJ08569 JAVA.IO.IOEXCEPTION OCCURS WHEN A FILECHANNEL IS BIGGER THAN 2GB ON AIX PLATFORM - IJ10800 REMOVE EXPIRING ROOT CERTIFICATES IN IBM JDK???S CACERTS. * Java Virtual Machine - IJ10931 CVE-2018-3169 - IV91132 SOME CORE PATTERN SPECIFIERS ARE NOT HANDLED BY THE JVM ON LINUX * JIT Compiler - IJ08205 CRASH WHILE COMPILING - IJ07886 INCORRECT CALUCATIONS WHEN USING NUMBERFORMAT.FORMAT() AND BIGDECIMAL.{FLOAT/DOUBLE }VALUE() * ORB - IX90187 CLIENTREQUESTIMPL.REINVO KE FAILS WITH JAVA.LANG.INDEXOUTOFBOUN DSEXCEPTION * Security - IJ10492 'EC KEYSIZE < 384' IS NOT HONORED USING THE 'JDK.TLS.DISABLEDALGORIT HMS' SECURITY PROPERTY - IJ10491 AES/GCM CIPHER ??? AAD NOT RESET TO UN-INIT STATE AFTER DOFINAL( ) AND INIT( ) - IJ08442 HTTP PUBLIC KEY PINNING FINGERPRINT,PROBLEM WITH CONVERTING TO JKS KEYSTORE - IJ09107 IBMPKCS11IMPL CRYPTO PROVIDER ??? INTERMITTENT ERROR WITH SECP521R1 SIGNATURE ON Z/OS - IJ10136 IBMPKCS11IMPL ??? INTERMITTENT ERROR WITH SECP521R1 SIG ON Z/OS AND Z/LINUX - IJ08530 IBMPKCS11IMPL PROVIDER USES THE WRONG RSA CIPHER MECHANISM FOR THE RSA/ECB/PKCS1PADDING CIPHER - IJ08723 JAAS THROWS A ???ARRAY INDEX OUT OF RANGE??? EXCEPTION - IJ08704 THE SECURITY PROPERTY ???JDK.CERTPATH.DISABLEDAL GORITHMS??? IS MISTAKENLY BEING USED TO FILTER JAR SIGNING ALGORITHMS * z/OS Extentions - PH01244 OUTPUT BUFFER TOO SHORT FOR GCM MODE ENCRYPTION USING IBMJCEHYBRID Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2018-2802=1 - SUSE Linux Enterprise Software Development Kit 12-SP4: zypper in -t patch SUSE-SLE-SDK-12-SP4-2018-2802=1 - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-2802=1 - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-2802=1 - SUSE Linux Enterprise Server 12-SP4: zypper in -t patch SUSE-SLE-SERVER-12-SP4-2018-2802=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2802=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-2802=1 - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2018-2802=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-2802=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2018-2802=1 - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2018-2802=1 Package List: - SUSE OpenStack Cloud 7 (s390x x86_64): java-1_7_1-ibm-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-devel-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.35-38.29.1 - SUSE OpenStack Cloud 7 (x86_64): java-1_7_1-ibm-alsa-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-plugin-1.7.1_sr4.35-38.29.1 - SUSE Linux Enterprise Software Development Kit 12-SP4 (ppc64le s390x x86_64): java-1_7_1-ibm-devel-1.7.1_sr4.35-38.29.1 - SUSE Linux Enterprise Software Development Kit 12-SP3 (ppc64le s390x x86_64): java-1_7_1-ibm-devel-1.7.1_sr4.35-38.29.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): java-1_7_1-ibm-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-devel-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.35-38.29.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64): java-1_7_1-ibm-alsa-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-plugin-1.7.1_sr4.35-38.29.1 - SUSE Linux Enterprise Server 12-SP4 (ppc64le s390x x86_64): java-1_7_1-ibm-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.35-38.29.1 - SUSE Linux Enterprise Server 12-SP4 (x86_64): java-1_7_1-ibm-alsa-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-plugin-1.7.1_sr4.35-38.29.1 - SUSE Linux Enterprise Server 12-SP3 (ppc64le s390x x86_64): java-1_7_1-ibm-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.35-38.29.1 - SUSE Linux Enterprise Server 12-SP3 (x86_64): java-1_7_1-ibm-alsa-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-plugin-1.7.1_sr4.35-38.29.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64): java-1_7_1-ibm-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-devel-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.35-38.29.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64): java-1_7_1-ibm-alsa-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-plugin-1.7.1_sr4.35-38.29.1 - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): java-1_7_1-ibm-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-alsa-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-devel-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-plugin-1.7.1_sr4.35-38.29.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64): java-1_7_1-ibm-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-devel-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.35-38.29.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64): java-1_7_1-ibm-alsa-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-plugin-1.7.1_sr4.35-38.29.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): java-1_7_1-ibm-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-devel-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.35-38.29.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): java-1_7_1-ibm-alsa-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-plugin-1.7.1_sr4.35-38.29.1 - SUSE Enterprise Storage 4 (x86_64): java-1_7_1-ibm-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-alsa-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-devel-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-jdbc-1.7.1_sr4.35-38.29.1 java-1_7_1-ibm-plugin-1.7.1_sr4.35-38.29.1 References: https://www.suse.com/security/cve/CVE-2018-13785.html https://www.suse.com/security/cve/CVE-2018-3136.html https://www.suse.com/security/cve/CVE-2018-3139.html https://www.suse.com/security/cve/CVE-2018-3149.html https://www.suse.com/security/cve/CVE-2018-3169.html https://www.suse.com/security/cve/CVE-2018-3180.html https://www.suse.com/security/cve/CVE-2018-3214.html https://bugzilla.suse.com/1116574 From sle-security-updates at lists.suse.com Wed Nov 28 07:09:24 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 28 Nov 2018 15:09:24 +0100 (CET) Subject: SUSE-SU-2018:3011-2: moderate: Security update for tomcat Message-ID: <20181128140924.CBA90FCD3@maintenance.suse.de> SUSE Security Update: Security update for tomcat ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3011-2 Rating: moderate References: #1067720 #1093697 #1102379 #1102400 #1102410 Cross-References: CVE-2018-1336 CVE-2018-8014 CVE-2018-8034 CVE-2018-8037 Affected Products: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 ______________________________________________________________________________ An update that solves four vulnerabilities and has one errata is now available. Description: This update for tomcat to version 9.0.10 fixes the following issues: Security issues fixed: - CVE-2018-1336: An improper handing of overflow in the UTF-8 decoder with supplementary characters could have lead to an infinite loop in the decoder causing a Denial of Service (bsc#1102400). - CVE-2018-8014: Fix insecure default CORS filter settings (bsc#1093697). - CVE-2018-8034: The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default (bsc#1102379). - CVE-2018-8037: If an async request was completed by the application at the same time as the container triggered the async timeout, a race condition existed that could have resulted in a user seeing a response intended for a different user. An additional issue was present in the NIO and NIO2 connectors that did not correctly track the closure of the connection when an async request was completed by the application and timed out by the container at the same time. This could also have resulted in a user seeing a response intended for another user (bsc#1102410). Bug fixes: - Avoid overwriting of customer's configuration during update (bsc#1067720) - Disable adding OSGi metadata to JAR files - See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.10_(markt ) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2018-2145=1 Package List: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (noarch): tomcat-docs-webapp-9.0.10-3.7.1 tomcat-embed-9.0.10-3.7.1 tomcat-javadoc-9.0.10-3.7.1 tomcat-jsvc-9.0.10-3.7.1 References: https://www.suse.com/security/cve/CVE-2018-1336.html https://www.suse.com/security/cve/CVE-2018-8014.html https://www.suse.com/security/cve/CVE-2018-8034.html https://www.suse.com/security/cve/CVE-2018-8037.html https://bugzilla.suse.com/1067720 https://bugzilla.suse.com/1093697 https://bugzilla.suse.com/1102379 https://bugzilla.suse.com/1102400 https://bugzilla.suse.com/1102410 From sle-security-updates at lists.suse.com Wed Nov 28 07:10:45 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 28 Nov 2018 15:10:45 +0100 (CET) Subject: SUSE-SU-2018:3934-1: important: Security update for the Linux Kernel Message-ID: <20181128141045.A1E6CFCD3@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3934-1 Rating: important References: #1051510 #1055120 #1061840 #1065600 #1066674 #1067906 #1076830 #1079524 #1083647 #1084760 #1084831 #1086196 #1091800 #1094825 #1095805 #1100132 #1101138 #1103356 #1103543 #1103925 #1104124 #1104731 #1105025 #1105428 #1105536 #1106110 #1106237 #1106240 #1106287 #1106359 #1106838 #1108377 #1108468 #1108870 #1109330 #1109739 #1109772 #1109784 #1109806 #1109818 #1109907 #1109911 #1109915 #1109919 #1109951 #1110006 #1111040 #1111076 #1111506 #1111806 #1111811 #1111819 #1111830 #1111834 #1111841 #1111870 #1111901 #1111904 #1111921 #1111928 #1111983 #1112170 #1112173 #1112208 #1112219 #1112221 #1112246 #1112372 #1112514 #1112554 #1112708 #1112710 #1112711 #1112712 #1112713 #1112731 #1112732 #1112733 #1112734 #1112735 #1112736 #1112738 #1112739 #1112740 #1112741 #1112743 #1112745 #1112746 #1112878 #1112894 #1112899 #1112902 #1112903 #1112905 #1112906 #1112907 #1113257 #1113284 #1113295 #1113408 #1113667 #1113722 #1113751 #1113780 #1113972 #1114279 Cross-References: CVE-2017-16533 CVE-2017-18224 CVE-2018-18386 CVE-2018-18445 CVE-2018-18710 Affected Products: SUSE Linux Enterprise Server 12-SP4 ______________________________________________________________________________ An update that solves 5 vulnerabilities and has 101 fixes is now available. Description: The SUSE Linux Enterprise 12 SP4 kernel for Azure was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751). - CVE-2018-18445: Faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372). - CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825). - CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831). - CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674). The following non-security bugs were fixed: - acpi, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#112128). - acpi / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510). - aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes). - alsa: hda: Add 2 more models to the power_save blacklist (bsc#1051510). - alsa: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bsc#1051510). - alsa: hda - Add quirk for ASUS G751 laptop (bsc#1051510). - alsa: hda - Fix headphone pin config for ASUS G751 (bsc#1051510). - alsa: hda: fix unused variable warning (bsc#1051510). - alsa: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bsc#1051510). - alsa: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bsc#1051510). - alsa: usb-audio: update quirk for B&W PX to remove microphone (bsc#1051510). - apparmor: Check buffer bounds when mapping permissions mask (git-fixes). - ARM: bcm2835: Add GET_THROTTLED firmware property (bsc#1108468). - ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bsc#1051510). - ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510). - ASoC: rsnd: adg: care clock-frequency size (bsc#1051510). - ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510). - ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510). - ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510). - ASoC: wm8804: Add ACPI support (bsc#1051510). - ath10k: fix kernel panic issue during pci probe (bsc#1051510). - ath10k: fix scan crash due to incorrect length calculation (bsc#1051510). - ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510). - autofs: fix autofs_sbi() does not check super block type (git-fixes). - autofs: fix slab out of bounds read in getname_kernel() (git-fixes). - autofs: mount point create should honour passed in mode (git-fixes). - badblocks: fix wrong return value in badblocks_set if badblocks are disabled (git-fixes). - batman-adv: Avoid probe ELP information leak (bsc#1051510). - batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510). - batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510). - bdi: Fix another oops in wb_workfn() (bsc#1112746). - bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746). - blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers (bsc#1111819). - blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713). - block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708). - block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712). - block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834). - bpf/verifier: disallow pointer subtraction (bsc#1083647). - btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667). - btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667). - btrfs: fix file data corruption after cloning a range and fsync (bsc#1111901). - btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919). - btrfs: fix mount failure after fsync due to hard link recreation (bsc#1103543). - btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915). - btrfs: send, fix invalid access to commit roots due to concurrent snapshotting (bsc#1111904). - cdc-acm: fix race between reset and control messaging (bsc#1051510). - ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983). - cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bsc#1051510). - cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902). - cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902). - cifs: connect to servername instead of IP for IPC$ share (bsc#1106359). - cifs: fix memory leak in SMB2_open() (bsc#1112894). - cifs: fix memory leak in SMB2_open() (bsc#1112894). - cifs: Fix use after free of a mid_q_entry (bsc#1112903). - cifs: Fix use after free of a mid_q_entry (bsc#1112903). - clk: x86: add "ether_clk" alias for Bay Trail / Cherry Trail (bsc#1051510). - clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510). - clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510). - clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510). - coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510). - crypto: caam - fix implicit casts in endianness helpers (bsc#1051510). - crypto: ccp - add timeout support in the SEV command (bsc#1106838). - crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510). - crypto: lrw - Fix out-of bounds access on counter overflow (bsc#1051510). - crypto: mxs-dcp - Fix wait logic on chan threads (bsc#1051510). - crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe() (bsc#1051510). - crypto: tcrypt - fix ghash-generic speed test (bsc#1051510). - dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951). - debugobjects: Make stack check warning more informative (bsc#1051510). - Disable DRM patches that broke vbox video driver KMP (bsc#1111076) - Documentation/l1tf: Fix small spelling typo (bsc#1051510). - do d_instantiate/unlock_new_inode combinations safely (git-fixes). - Do not leak MNT_INTERNAL away from internal mounts (git-fixes). - drm/amdgpu: add another ATPX quirk for TOPAZ (bsc#1051510). - drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk (bsc#1106110) - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510). - drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110) - drm/amdgpu/powerplay: fix missing break in switch statements (bsc#1113722) - drm/amdgpu: Pulling old prepare and submit for flip back (bsc#1051510). - drm/amdgpu: revert "fix deadlock of reservation between cs and gpu reset v2" (bsc#1051510). - drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510). - drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113722) - drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113722) - drm/i915/audio: Hook up component bindings even if displays are (bsc#1113722) - drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode (bsc#1051510). - drm/i915/gen9+: Fix initial readout for Y tiled framebuffers (bsc#1113722) - drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510). - drm/i915: Restore vblank interrupts earlier (bsc#1051510). - drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510). - drm/mediatek: fix OF sibling-node lookup (bsc#1106110) - drm/msm: fix OF child-node lookup (bsc#1106110) - drm/nouveau/disp: fix DP disable race (bsc#1051510). - drm/nouveau: Do not disable polling in fallback mode (bsc#1103356). - drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bsc#1051510). - drm/sti: do not remove the drm_bridge that was never added (bsc#1100132) - drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110) - drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1113722) - e1000: check on netif_running() before calling e1000_up() (bsc#1051510). - e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510). - edac: Raise the maximum number of memory controllers (bsc#1113780). - edac, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114279). - eeprom: at24: change nvmem stride to 1 (bsc#1051510). - eeprom: at24: check at24_read/write arguments (bsc#1051510). - eeprom: at24: correctly set the size for at24mac402 (bsc#1051510). - enic: do not call enic_change_mtu in enic_probe (bsc#1051510). - enic: handle mtu change for vf properly (bsc#1051510). - enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510). - ethtool: fix a privilege escalation bug (bsc#1076830). - ext2, dax: set ext2_dax_aops for dax files (bsc#1112554). - ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736). - ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735). - ext4: check for NUL characters in extended attribute's name (bsc#1112732). - ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734). - ext4: do not mark mmp buffer head dirty (bsc#1112743). - ext4: fix online resize's handling of a too-small final block group (bsc#1112739). - ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740). - ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733). - ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738). - ext4: reset error code in ext4_find_entry in fallback (bsc#1112731). - ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741). - fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510). - firmware: raspberrypi: Register hwmon driver (bsc#1108468). - floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bsc#1051510). - fs: dcache: Avoid livelock between d_alloc_parallel and __d_add (git-fixes). - fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (git-fixes). - fs: dcache: Use READ_ONCE when accessing i_dir_seq (git-fixes). - fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745). - getname_kernel() needs to make sure that ->name != ->iname in long case (git-fixes). - gpio: adp5588: Fix sleep-in-atomic-context bug (bsc#1051510). - gpio: Fix crash due to registration race (bsc#1051510). - gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall (bsc#1051510). - gpio: mb86s70: Revert "Return error if requesting an already assigned gpio" (bsc#1051510). - hfsplus: do not return 0 when fill_super() failed (bsc#1051510). - hfsplus: stop workqueue when fill_super() failed (bsc#1051510). - hfs: prevent crash on exit from failed search (bsc#1051510). - hid: add support for Apple Magic Keyboards (bsc#1051510). - hid: hid-saitek: Add device ID for RAT 7 Contagion (bsc#1051510). - hid: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510). - hid: quirks: fix support for Apple Magic Keyboards (bsc#1051510). - hid: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510). - hv: avoid crash in vmbus sysfs files (bnc#1108377). - hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() (bsc#1109772). - hv_netvsc: fix schedule in RCU context (). - hwmon: Add support for RPi voltage sensor (bsc#1108468). - hwmon: (adt7475) Make adt7475_read_word() return errors (bsc#1051510). - hwmon: (ina2xx) fix sysfs shunt resistor read access (bsc#1051510). - hwmon: rpi: add module alias to raspberrypi-hwmon (bsc#1108468). - hwrng: core - document the quality field (bsc#1051510). - hypfs_kill_super(): deal with failed allocations (bsc#1051510). - i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510). - i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510). - iio: adc: at91: fix acking DRDY irq on simple conversions (bsc#1051510). - iio: adc: at91: fix wrong channel number in triggered buffer mode (bsc#1051510). - iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bsc#1051510). - Input: atakbd - fix Atari CapsLock behaviour (bsc#1051510). - Input: atakbd - fix Atari keymap (bsc#1051510). - intel_th: pci: Add Ice Lake PCH support (bsc#1051510). - iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237). - iommu/vt-d: Add definitions for PFSID (bsc#1106237). - iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237). - iommu/vt-d: Fix scatterlist offset handling (bsc#1106237). - ipc/shm.c add ->pagesize function to shm_vm_ops (bsc#1111811). - iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510). - iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510). - iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510). - iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510). - iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510). - iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510). - iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510). - iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510). - jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257). - kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240). - KABI: hide new member in struct iommu_table from genksyms (bsc#1061840). - KABI: powerpc: export __find_linux_pte as __find_linux_pte_or_hugepte (bsc#1061840). - kabi/severities: correct nvdimm kabi exclusion - kabi/severities: ignore ppc64 realmode helpers. KVM fixes remove exports of realmode_pfn_to_page iommu_tce_xchg_rm mm_iommu_lookup_rm mm_iommu_ua_to_hpa_rm. Some are no longer used and others are no longer exported because the code was consolideted in one place. These helpers are to be called in realmode and linking to them from non-KVM modules is a bug. Hence removing them does not break KABI. - kabi/severities: ignore __xive_vm_h_* KVM internal symbols. - Kbuild: fix # escaping in .cmd files for future Make (git-fixes). - kernfs: update comment about kernfs_path() return value (bsc#1051510). - kprobes/x86: Fix %p uses in error messages (bsc#1110006). - ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM Functionality bsc#1111806). - kvm: Make VM ioctl do valloc for some archs (bsc#1111506). - KVM: PPC: Add pt_regs into kvm_vcpu_arch and move vcpu->arch.gpr[] into it (bsc#1061840). - KVM: PPC: Avoid marking DMA-mapped pages dirty in real mode (bsc#1061840). - KVM: PPC: Book3S: Add MMIO emulation for VMX instructions (bsc#1061840). - KVM: PPC: Book3S: Allow backing bigger guest IOMMU pages with smaller physical pages (bsc#1061840). - KVM: PPC: Book3S: Check KVM_CREATE_SPAPR_TCE_64 parameters (bsc#1061840). - KVM: PPC: Book3S: Eliminate some unnecessary checks (bsc#1061840). - KVM: PPC: Book3S: Fix compile error that occurs with some gcc versions (bsc#1061840). - KVM: PPC: Book3S: Fix matching of hardware and emulated TCE tables (bsc#1061840). - KVM: PPC: Book3S HV: Add of_node_put() in success path (bsc#1061840). - KVM: PPC: Book3S HV: Add 'online' register to ONE_REG interface (bsc#1061840). - KVM: PPC: Book3S HV: Allow creating max number of VCPUs on POWER9 (bsc#1061840). - KVM: PPC: Book3S HV: Allow HPT and radix on the same core for POWER9 v2.2 (bsc#1061840). - KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault (bsc#1061840). - KVM: PPC: Book3S HV: Avoid shifts by negative amounts (bsc#1061840). - KVM: PPC: Book3S HV: Check DR not IR to chose real vs virt mode MMIOs (bsc#1061840). - KVM: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bsc#1061840). - KVM: PPC: Book3S HV: Do not use compound_order to determine host mapping size (bsc#1061840). - KVM: PPC: Book3S HV: Do not use existing "prodded" flag for XIVE escalations (bsc#1061840). - KVM: PPC: Book 3S HV: Do ptesync in radix guest exit path (bsc#1061840). - KVM: PPC: Book3S HV: Do SLB load/unload with guest LPCR value loaded (bsc#1061840). - KVM: PPC: Book3S HV: Enable migration of decrementer register (bsc#1061840). - KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm (bsc#1061840). - KVM: PPC: Book3S HV: Fix conditions for starting vcpu (bsc#1061840). - KVM: PPC: Book3S HV: Fix constant size warning (bsc#1061840). - KVM: PPC: Book3S HV: Fix duplication of host SLB entries (bsc#1061840). - KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds (bsc#1061840). - KVM: PPC: Book3S HV: Fix handling of large pages in radix page fault handler (bsc#1061840). - KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code (bsc#1061840). - KVM: PPC: Book3S HV: Fix inaccurate comment (bsc#1061840). - KVM: PPC: Book3S HV: Fix kvmppc_bad_host_intr for real mode interrupts (bsc#1061840). - KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry (bsc#1061840). - KVM: PPC: Book3S HV: Fix typo in kvmppc_hv_get_dirty_log_radix() (bsc#1061840). - KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bsc#1061840). - KVM: PPC: Book3S HV: Handle 1GB pages in radix page fault handler (bsc#1061840). - KVM: PPC: Book3S HV: Improve handling of debug-trigger HMIs on POWER9 (bsc#1061840). - KVM: PPC: Book3S HV: Keep XIVE escalation interrupt masked unless ceded (bsc#1061840). - KVM: PPC: Book3S HV: Lockless tlbie for HPT hcalls (bsc#1061840). - KVM: PPC: Book3S HV: Make HPT resizing work on POWER9 (bsc#1061840). - KVM: PPC: Book3S HV: Make radix clear pte when unmapping (bsc#1061840). - KVM: PPC: Book3S HV: Make radix use correct tlbie sequence in kvmppc_radix_tlbie_page (bsc#1061840). - KVM: PPC: Book3S HV: Make xive_pushed a byte, not a word (bsc#1061840). - KVM: PPC: Book3S HV: Pack VCORE IDs to access full VCPU ID space (bsc#1061840). - KVM: PPC: Book3S HV: radix: Do not clear partition PTE when RC or write bits do not match (bsc#1061840). - KVM: PPC: Book3S HV: Radix page fault handler optimizations (bsc#1061840). - KVM: PPC: Book3S HV: radix: Refine IO region partition scope attributes (bsc#1061840). - KVM: PPC: Book3S HV: Read kvm->arch.emul_smt_mode under kvm->lock (bsc#1061840). - KVM: PPC: Book3S HV: Recursively unmap all page table entries when unmapping (bsc#1061840). - KVM: PPC: Book3S HV: Remove useless statement (bsc#1061840). - KVM: PPC: Book3S HV: Remove vcpu->arch.dec usage (bsc#1061840). - KVM: PPC: Book3S HV: Send kvmppc_bad_interrupt NMIs to Linux handlers (bsc#1061840). - KVM: PPC: Book3S HV: Set RWMR on POWER8 so PURR/SPURR count correctly (bsc#1061840). - KVM: PPC: Book3S HV: Snapshot timebase offset on guest entry (bsc#1061840). - KVM: PPC: Book3S HV: Streamline setting of reference and change bits (bsc#1061840). - KVM: PPC: Book3S HV: Use a helper to unmap ptes in the radix fault path (bsc#1061840). - KVM: PPC: Book3S HV: Use __gfn_to_pfn_memslot() in page fault handler (bsc#1061840). - KVM: PPC: Book3S HV: XIVE: Resend re-routed interrupts on CPU priority change (bsc#1061840). - KVM: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm()/kvmppc_restore_tm() (bsc#1061840). - KVM: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file (bsc#1061840). - KVM: PPC: Book3S: Use correct page shift in H_STUFF_TCE (bsc#1061840). - KVM: PPC: Fix a mmio_host_swabbed uninitialized usage issue (bsc#1061840). - KVM: PPC: Make iommu_table::it_userspace big endian (bsc#1061840). - KVM: PPC: Move nip/ctr/lr/xer registers to pt_regs in kvm_vcpu_arch (bsc#1061840). - KVM: PPC: Use seq_puts() in kvmppc_exit_timing_show() (bsc#1061840). - KVM: SVM: Add MSR-based feature support for serializing LFENCE (bsc#1106240). - KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240). - KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240). - KVM: x86: Add a framework for supporting MSR-based features (bsc#1106240). - KVM: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506). - KVM: X86: Introduce kvm_get_msr_feature() (bsc#1106240). - kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506). - kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240). - libertas: call into generic suspend code before turning off power (bsc#1051510). - libnvdimm, badrange: remove a WARN for list_empty (bsc#112128). - libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408). - libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408, bsc#1113972). - libnvdimm: Introduce locked DIMM capacity support (bsc#112128). - libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408). - libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408, bsc#1113972). - libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, ). - libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, bsc#1113972). - libnvdimm: move poison list functions to a new 'badrange' file (bsc#112128). - libnvdimm/nfit_test: add firmware download emulation (bsc#112128). - libnvdimm/nfit_test: adding support for unit testing enable LSS status (bsc#112128). - libnvdimm, testing: Add emulation for smart injection commands (bsc#112128). - libnvdimm, testing: update the default smart ctrl_temperature (bsc#112128). - lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510). - lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510). - livepatch: create and include UAPI headers (). - lockd: fix "list_add double add" caused by legacy signal interface (git-fixes). - loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711). - loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710). - loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284). - mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510). - mac80211: do not convert to A-MSDU if frag/subframe limited (bsc#1051510). - mac80211: do not Tx a deauth frame if the AP forbade Tx (bsc#1051510). - mac80211: fix a race between restart and CSA flows (bsc#1051510). - mac80211: Fix station bandwidth setting after channel switch (bsc#1051510). - mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510). - mac80211_hwsim: require at least one channel (bsc#1051510). - mac80211: mesh: fix HWMP sequence numbering to follow standard (bsc#1051510). - mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510). - mac80211: Run TXQ teardown code before de-registering interfaces (bsc#1051510). - mac80211: shorten the IBSS debug messages (bsc#1051510). - mach64: detect the dot clock divider correctly on sparc (bsc#1051510). - make sure that __dentry_kill() always invalidates d_seq, unhashed or not (git-fixes). - md: fix NULL dereference of mddev->pers in remove_and_add_spares() (git-fixes). - md/raid10: fix that replacement cannot complete recovery after reassemble (git-fixes). - md/raid1: add error handling of read error from FailFast device (git-fixes). - md/raid5-cache: disable reshape completely (git-fixes). - md/raid5: fix data corruption of replacements after originals dropped (git-fixes). - media: af9035: prevent buffer overflow on write (bsc#1051510). - media: cx231xx: fix potential sign-extension overflow on large shift (bsc#1051510). - media: dvb: fix compat ioctl translation (bsc#1051510). - media: em28xx: fix input name for Terratec AV 350 (bsc#1051510). - media: em28xx: use a default format if TRY_FMT fails (bsc#1051510). - media: pci: cx23885: handle adding to list failure (bsc#1051510). - media: tvp5150: avoid going past array on v4l2_querymenu() (bsc#1051510). - media: tvp5150: fix switch exit in set control handler (bsc#1051510). - media: tvp5150: fix width alignment during set_selection() (bsc#1051510). - media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1051510). - media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bsc#1051510). - media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1051510). - media: vsp1: Fix YCbCr planar formats pitch calculation (bsc#1051510). - mfd: arizona: Correct calling of runtime_put_sync (bsc#1051510). - mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510). - mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal (bsc#1111841). - mm/migrate: Use spin_trylock() while resetting rate limit (). - mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907). - modpost: ignore livepatch unresolved relocations (). - move changes without Git-commit out of sorted section - mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510). - net/smc: retain old name for diag_mode field (bsc#1106287, LTC#170892). - net/smc: use __aligned_u64 for 64-bit smc_diag fields (bsc#1101138, LTC#164002). - NFC: nfcmrvl_uart: fix OF child-node lookup (bsc#1051510). - nfit_test: add error injection DSMs (bsc#112128). - nfit_test: fix buffer overrun, add sanity check (bsc#112128). - nfit_test: improve structure offset handling (bsc#112128). - nfit_test: prevent parsing error of nfit_test.0 (bsc#112128). - nfit_test: when clearing poison, also remove badrange entries (bsc#112128). - NFS: Avoid quadratic search when freeing delegations (bsc#1084760). - nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408). - nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408, bsc#1113972). - nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, ). - nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, bsc#1113972). - nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, ). - nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, bsc#1113972). - nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408). - nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408, bsc#1113972). - nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408). - nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408, bsc#1113972). - of: add helper to lookup compatible child node (bsc#1106110) - orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510). - orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510). - orangefs_kill_sb(): deal with allocation failures (bsc#1051510). - orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510). - ovl: fix format of setxattr debug (git-fixes). - ovl: Sync upper dirty data when syncing overlayfs (git-fixes). - PCI/ASPM: Fix link_state teardown on device removal (bsc#1051510). - PCI: hv: Do not wait forever on a device that has disappeared (bsc#1109806). - PCI: hv: Use effective affinity mask (bsc#1109772). - PCI: Reprogram bridge prefetch registers on resume (bsc#1051510). - pipe: match pipe_max_size data type with procfs (git-fixes). - PM / Domains: Fix genpd to deal with drivers returning 1 from ->prepare() (bsc#1051510). - powerpc/kvm/booke: Fix altivec related build break (bsc#1061840). - powerpc/kvm: Switch kvm pmd allocator to custom allocator (bsc#1061840). - powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb (bsc#1091800). - powerpc/mm: Rename find_linux_pte_or_hugepte() (bsc#1061840). - powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784). - powerpc/powernv: Add indirect levels to it_userspace (bsc#1061840). - powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120). - powerpc/powernv/ioda: Allocate indirect TCE levels on demand (bsc#1061840). - powerpc/powernv/ioda: Finish removing explicit max window size check (bsc#1061840). - powerpc/powernv/ioda: Remove explicit max window size check (bsc#1061840). - powerpc/powernv: Move TCE manupulation code to its own file (bsc#1061840). - powerpc/powernv: Rework TCE level allocation (bsc#1061840). - powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes). - powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes). - powerpc/pseries: Fix "OF: ERROR: Bad of_node_put() on /cpus" during DLPAR (bsc#1113295). - powerpc: pseries: remove dlpar_attach_node dependency on full path (bsc#1113295). - powerpc/rtas: Fix a potential race between CPU-Offline & Migration (bsc#1111870). - powerpc/xive: Move definition of ESB bits (bsc#1061840). - powerpc/xmon: Add ISA v3.0 SPRs to SPR dump (bsc#1061840). - printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170). - printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208). - proc: restrict kernel stack dumps to root (git-fixes). blacklist.conf: - qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510). - qrtr: add MODULE_ALIAS macro to smd (bsc#1051510). - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510). - race of lockd inetaddr notifiers vs nlmsvc_rqst change (git-fixes). - RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (git-fixes). - random: rate limit unseeded randomness warnings (git-fixes). - rculist: add list_for_each_entry_from_rcu() (bsc#1084760). - rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760). - reiserfs: add check to detect corrupted directory entry (bsc#1109818). - reiserfs: do not panic on bad directory entries (bsc#1109818). - rename a hv patch to reduce conflicts in -AZURE - reorder a qedi patch to allow further work in this branch - resource: Include resource end in walk_*() interfaces (bsc#1114279). - Revert "drm/amdgpu: Add an ATPX quirk for hybrid laptop" (bsc#1051510). - Revert "drm/i915/gvt: set max priority for gvt context" (bsc#1051510). - Revert "gpio: set up initial state from .get_direction()" (bsc#1051510). - Revert "iommu/io-pgtable: Avoid redundant TLB syncs" (bsc#1106237). - Revert "mwifiex: fix incorrect ht capability problem" (bsc#1051510). - Revert "mwifiex: handle race during mwifiex_usb_disconnect" (bsc#1051510). - Revert "pinctrl: sunxi: Do not enforce bias disable (for now)" (bsc#1051510). - rpc_pipefs: fix double-dput() (bsc#1051510). - rpmsg: Correct support for MODULE_DEVICE_TABLE() (git-fixes). - sched/numa: Limit the conditions where scan period is reset (). - scripts/series2git: - scripts/series2git: Revert the change mistakenly taken A "fix" for series2git went in mistakenly among other patches. Revert it here. It'll be picked up from a proper branch if need. - scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246). - scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246). - scsi: ipr: Eliminate duplicate barriers (). - scsi: ipr: fix incorrect indentation of assignment statement (). - scsi: ipr: Use dma_pool_zalloc() (). - scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731). - scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731). - scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731). - scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731). - scsi: qla2xxx: do not allow negative thresholds (bsc#1108870). - scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured (bsc#1108870). - scsi: qla2xxx: Fix duplicate switch database entries (bsc#1108870). - scsi: qla2xxx: Fix for double free of SRB structure (bsc#1108870). - scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1111830). - scsi: qla2xxx: Fix NVMe session hang on unload (bsc#1108870). - scsi: qla2xxx: Fix NVMe Target discovery (bsc#1108870). - scsi: qla2xxx: Fix recursive mailbox timeout (bsc#1108870). - scsi: qla2xxx: Fix re-using LoopID when handle is in use (bsc#1108870). - scsi: qla2xxx: Move log messages before issuing command to firmware (bsc#1108870). - scsi: qla2xxx: Return switch command on a timeout (bsc#1108870). - scsi: target: prefer dbroot of /etc/target over /var/target (bsc#1111928). - serial: 8250: Fix clearing FIFOs in RS485 mode again (bsc#1051510). - signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006). - smb2: fix missing files in root share directory listing (bsc#1112907). - smb2: fix missing files in root share directory listing (bsc#1112907). - smb3: fill in statfs fsid and correct namelen (bsc#1112905). - smb3: fill in statfs fsid and correct namelen (bsc#1112905). - smb3: fix reset of bytes read and written stats (bsc#1112906). - smb3: fix reset of bytes read and written stats (bsc#1112906). - smb3: on reconnect set PreviousSessionId field (bsc#1112899). - smb3: on reconnect set PreviousSessionId field (bsc#1112899). - sock_diag: fix use-after-free read in __sk_free (bsc#1051510). - soc/tegra: pmc: Fix child-node lookup (bsc#1051510). - soreuseport: initialise timewait reuseport field (bsc#1051510). - sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510). - sound: enable interrupt after dma buffer initialization (bsc#1051510). - spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510). - spi: bcm-qspi: switch back to reading flash using smaller chunks (bsc#1051510). - spi: sh-msiof: fix deferred probing (bsc#1051510). - squashfs: be more careful about metadata corruption (bsc#1051510). - Squashfs: Compute expected length from inode size rather than block length (bsc#1051510). - squashfs metadata 2: electric boogaloo (bsc#1051510). - squashfs: more metadata hardening (bsc#1051510). - squashfs: more metadata hardening (bsc#1051510). - staging: comedi: ni_mio_common: protect register write overflow (bsc#1051510). - stm: Potential read overflow in stm_char_policy_set_ioctl() (bsc#1051510). - supported.conf: mark raspberrypi-hwmon as supported - switchtec: Fix Spectre v1 vulnerability (bsc#1051510). - sysfs: Do not return POSIX ACL xattrs via listxattr (git-fixes). - target: log Data-Out timeouts as errors (bsc#1095805). - target: log NOP ping timeouts as errors (bsc#1095805). - target: split out helper for cxn timeout error stashing (bsc#1095805). - target: stash sess_err_stats on Data-Out timeout (bsc#1095805). - target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805). - team: Forbid enslaving team device to itself (bsc#1051510). - tools build: fix # escaping in .cmd files for future Make (git-fixes). - tools/testing/nvdimm: advertise a write cache for nfit_test (bsc#112128). - tools/testing/nvdimm: allow custom error code injection (bsc#112128). - tools/testing/nvdimm: disable labels for nfit_test.1 (bsc#112128). - tools/testing/nvdimm: enable labels for nfit_test.1 dimms (bsc#112128). - tools/testing/nvdimm: fix missing newline in nfit_test_dimm 'handle' attribute (bsc#112128). - tools/testing/nvdimm: Fix support for emulating controller temperature (bsc#112128). - tools/testing/nvdimm: force nfit_test to depend on instrumented modules (bsc#112128). - tools/testing/nvdimm: improve emulation of smart injection (bsc#112128). - tools/testing/nvdimm: kaddr and pfn can be NULL to ->direct_access() (bsc#112128). - tools/testing/nvdimm: Make DSM failure code injection an override (bsc#112128). - tools/testing/nvdimm: smart alarm/threshold control (bsc#112128). - tools/testing/nvdimm: stricter bounds checking for error injection commands (bsc#112128). - tools/testing/nvdimm: support nfit_test_dimm attributes under nfit_test.1 (bsc#112128). - tools/testing/nvdimm: unit test clear-error commands (bsc#112128). - tools/vm/page-types.c: fix "defined but not used" warning (bsc#1051510). - tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510). - tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219). - tty: Do not block on IO when ldisc change is pending (bnc#1105428). - tty: fix data race between tty_init_dev and flush of buf (bnc#1105428). - tty: Hold tty_ldisc_lock() during tty_reopen() (bnc#1105428). - tty/ldsem: Add lockdep asserts for ldisc_sem (bnc#1105428). - tty/ldsem: Convert to regular lockdep annotations (bnc#1105428). - tty/ldsem: Decrement wait_readers on timeouted down_read() (bnc#1105428). - tty/ldsem: Wake up readers after timed out down_write() (bnc#1105428). - tty: Simplify tty->count math in tty_reopen() (bnc#1105428). - Update patches.arch/KVM-PPC-Book3S-HV-Snapshot-timebase-offset-on-guest-.patch (bsc#1061840, bsc#1086196). - Update patches.arch/powerpc-powernv-ioda2-Reduce-upper-limit-for-DMA-win.patch (bsc#1061840, bsc#1055120). - Update patches.fixes/0002-nfs41-do-not-return-ENOMEM-on-LAYOUTUNAVAILABLE.patch (git-fixes, bsc#1103925). - Update patches.fixes/libnvdimm-dimm-maximize-label-transfer-size.patch (bsc#1111921, bsc#1113408, bsc#1113972). - Update patches.fixes/libnvdimm-label-change-nvdimm_num_label_slots-per-uefi-2-7.pa tch (bsc#1111921, bsc#1113408, bsc#1113972). - Update patches.fixes/libnvdimm-label-fix-sparse-warning.patch (bsc#1111921, bsc#1113408, bsc#1113972). - Update patches.fixes/nvdimm-clarify-comment-in-sizeof_namespace_index.patch (bsc#1111921, bsc#1113408, bsc#1113972). - Update patches.fixes/nvdimm-remove-empty-if-statement.patch (bsc#1111921, bsc#1113408, bsc#1113972). - Update patches.fixes/nvdimm-sanity-check-labeloff.patch (bsc#1111921, bsc#1113408, bsc#1113972). - Update patches.fixes/nvdimm-split-label-init-out-from-the-logic-for-getting-config -data.patch (bsc#1111921, bsc#1113408, bsc#1113972). - Update patches.fixes/nvdimm-use-namespace-index-data-to-reduce-number-of-label-rea ds-needed.patch (bsc#1111921, bsc#1113408, bsc#1113972). - usb: chipidea: Prevent unbalanced IRQ disable (bsc#1051510). - usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bsc#1051510). - usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure (bsc#1051510). - usb: gadget: fsl_udc_core: fixup struct_udc_setup documentation (bsc#1051510). - usbip: tools: fix atoi() on non-null terminated string (bsc#1051510). - USB: remove LPM management from usb_driver_claim_interface() (bsc#1051510). - USB: serial: cypress_m8: fix interrupt-out transfer length (bsc#1051510). - USB: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510). - usb: xhci-mtk: resume USB3 roothub first (bsc#1051510). - USB: yurex: Check for truncation in yurex_read() (bsc#1051510). - userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739). - use the new async probing feature for the hyperv drivers (bsc#1109772). - Use upstream version of pci-hyperv patch (35a88a1) - VFS: close race between getcwd() and d_move() (git-fixes). - vfs: fix freeze protection in mnt_want_write_file() for overlayfs (git-fixes). - vmbus: do not return values for uninitalized channels (bsc#1051510). - vti4: Do not count header length twice on tunnel setup (bsc#1051510). - vti6: fix PMTU caching and reporting on xmit (bsc#1051510). - vti6: remove !skb->ignore_df check from vti6_xmit() (bsc#1051510). - Workaround for mysterious NVMe breakage with i915 CFL (bsc#1111040). - x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006). - x86/boot/KASLR: Work around firmware bugs by excluding EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR's choice (bnc#1112878). - x86/boot: Move EISA setup to a separate file (bsc#1110006). - x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006). - x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006). - x86/eisa: Add missing include (bsc#1110006). - x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006). - x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006). - x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772). - x86/kasan: Panic if there is not enough memory to boot (bsc#1110006). - x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114279). - x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() (bsc#1110006). - x86, nfit_test: Add unit test for memcpy_mcsafe() (bsc#112128). - x86/paravirt: Fix some warning messages (bnc#1065600). - x86/percpu: Fix this_cpu_read() (bsc#1110006). - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bsc#1105536). - x86/time: Correct the attribute on jiffies' definition (bsc#1110006). - xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bnc#1065600). - xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bnc#1065600). - xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1065600). - xfrm: use complete IPv6 addresses for hash (bsc#1109330). - xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025). - xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025). - xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bsc#1051510). - xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP4: zypper in -t patch SUSE-SLE-SERVER-12-SP4-2018-2803=1 Package List: - SUSE Linux Enterprise Server 12-SP4 (x86_64): kernel-azure-4.12.14-6.3.1 kernel-azure-base-4.12.14-6.3.1 kernel-azure-base-debuginfo-4.12.14-6.3.1 kernel-azure-debuginfo-4.12.14-6.3.1 kernel-azure-debugsource-4.12.14-6.3.1 kernel-azure-devel-4.12.14-6.3.1 kernel-syms-azure-4.12.14-6.3.1 - SUSE Linux Enterprise Server 12-SP4 (noarch): kernel-devel-azure-4.12.14-6.3.1 kernel-source-azure-4.12.14-6.3.1 References: https://www.suse.com/security/cve/CVE-2017-16533.html https://www.suse.com/security/cve/CVE-2017-18224.html https://www.suse.com/security/cve/CVE-2018-18386.html https://www.suse.com/security/cve/CVE-2018-18445.html https://www.suse.com/security/cve/CVE-2018-18710.html https://bugzilla.suse.com/1051510 https://bugzilla.suse.com/1055120 https://bugzilla.suse.com/1061840 https://bugzilla.suse.com/1065600 https://bugzilla.suse.com/1066674 https://bugzilla.suse.com/1067906 https://bugzilla.suse.com/1076830 https://bugzilla.suse.com/1079524 https://bugzilla.suse.com/1083647 https://bugzilla.suse.com/1084760 https://bugzilla.suse.com/1084831 https://bugzilla.suse.com/1086196 https://bugzilla.suse.com/1091800 https://bugzilla.suse.com/1094825 https://bugzilla.suse.com/1095805 https://bugzilla.suse.com/1100132 https://bugzilla.suse.com/1101138 https://bugzilla.suse.com/1103356 https://bugzilla.suse.com/1103543 https://bugzilla.suse.com/1103925 https://bugzilla.suse.com/1104124 https://bugzilla.suse.com/1104731 https://bugzilla.suse.com/1105025 https://bugzilla.suse.com/1105428 https://bugzilla.suse.com/1105536 https://bugzilla.suse.com/1106110 https://bugzilla.suse.com/1106237 https://bugzilla.suse.com/1106240 https://bugzilla.suse.com/1106287 https://bugzilla.suse.com/1106359 https://bugzilla.suse.com/1106838 https://bugzilla.suse.com/1108377 https://bugzilla.suse.com/1108468 https://bugzilla.suse.com/1108870 https://bugzilla.suse.com/1109330 https://bugzilla.suse.com/1109739 https://bugzilla.suse.com/1109772 https://bugzilla.suse.com/1109784 https://bugzilla.suse.com/1109806 https://bugzilla.suse.com/1109818 https://bugzilla.suse.com/1109907 https://bugzilla.suse.com/1109911 https://bugzilla.suse.com/1109915 https://bugzilla.suse.com/1109919 https://bugzilla.suse.com/1109951 https://bugzilla.suse.com/1110006 https://bugzilla.suse.com/1111040 https://bugzilla.suse.com/1111076 https://bugzilla.suse.com/1111506 https://bugzilla.suse.com/1111806 https://bugzilla.suse.com/1111811 https://bugzilla.suse.com/1111819 https://bugzilla.suse.com/1111830 https://bugzilla.suse.com/1111834 https://bugzilla.suse.com/1111841 https://bugzilla.suse.com/1111870 https://bugzilla.suse.com/1111901 https://bugzilla.suse.com/1111904 https://bugzilla.suse.com/1111921 https://bugzilla.suse.com/1111928 https://bugzilla.suse.com/1111983 https://bugzilla.suse.com/1112170 https://bugzilla.suse.com/1112173 https://bugzilla.suse.com/1112208 https://bugzilla.suse.com/1112219 https://bugzilla.suse.com/1112221 https://bugzilla.suse.com/1112246 https://bugzilla.suse.com/1112372 https://bugzilla.suse.com/1112514 https://bugzilla.suse.com/1112554 https://bugzilla.suse.com/1112708 https://bugzilla.suse.com/1112710 https://bugzilla.suse.com/1112711 https://bugzilla.suse.com/1112712 https://bugzilla.suse.com/1112713 https://bugzilla.suse.com/1112731 https://bugzilla.suse.com/1112732 https://bugzilla.suse.com/1112733 https://bugzilla.suse.com/1112734 https://bugzilla.suse.com/1112735 https://bugzilla.suse.com/1112736 https://bugzilla.suse.com/1112738 https://bugzilla.suse.com/1112739 https://bugzilla.suse.com/1112740 https://bugzilla.suse.com/1112741 https://bugzilla.suse.com/1112743 https://bugzilla.suse.com/1112745 https://bugzilla.suse.com/1112746 https://bugzilla.suse.com/1112878 https://bugzilla.suse.com/1112894 https://bugzilla.suse.com/1112899 https://bugzilla.suse.com/1112902 https://bugzilla.suse.com/1112903 https://bugzilla.suse.com/1112905 https://bugzilla.suse.com/1112906 https://bugzilla.suse.com/1112907 https://bugzilla.suse.com/1113257 https://bugzilla.suse.com/1113284 https://bugzilla.suse.com/1113295 https://bugzilla.suse.com/1113408 https://bugzilla.suse.com/1113667 https://bugzilla.suse.com/1113722 https://bugzilla.suse.com/1113751 https://bugzilla.suse.com/1113780 https://bugzilla.suse.com/1113972 https://bugzilla.suse.com/1114279 From sle-security-updates at lists.suse.com Wed Nov 28 13:08:42 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Wed, 28 Nov 2018 21:08:42 +0100 (CET) Subject: SUSE-SU-2018:3935-1: moderate: Security update for tomcat6 Message-ID: <20181128200842.EE9DEFCD3@maintenance.suse.de> SUSE Security Update: Security update for tomcat6 ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3935-1 Rating: moderate References: #1110850 Cross-References: CVE-2018-11784 Affected Products: SUSE Linux Enterprise Server 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for tomcat6 fixes the following issue: Security issue fixed: - CVE-2018-11784: Fixed problem with specially crafted URLs that could be used to cause a redirect to any URI of an attackers choise (bsc#1110850). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-tomcat6-13884=1 Package List: - SUSE Linux Enterprise Server 11-SP4 (noarch): tomcat6-6.0.53-0.57.10.1 tomcat6-admin-webapps-6.0.53-0.57.10.1 tomcat6-docs-webapp-6.0.53-0.57.10.1 tomcat6-javadoc-6.0.53-0.57.10.1 tomcat6-jsp-2_1-api-6.0.53-0.57.10.1 tomcat6-lib-6.0.53-0.57.10.1 tomcat6-servlet-2_5-api-6.0.53-0.57.10.1 tomcat6-webapps-6.0.53-0.57.10.1 References: https://www.suse.com/security/cve/CVE-2018-11784.html https://bugzilla.suse.com/1110850 From sle-security-updates at lists.suse.com Fri Nov 30 13:08:44 2018 From: sle-security-updates at lists.suse.com (sle-security-updates at lists.suse.com) Date: Fri, 30 Nov 2018 21:08:44 +0100 (CET) Subject: SUSE-SU-2018:3961-1: important: Security update for the Linux Kernel Message-ID: <20181130200844.5F2C8FFD9@maintenance.suse.de> SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3961-1 Rating: important References: #1012382 #1031392 #1043912 #1044189 #1046302 #1046305 #1046306 #1046307 #1046540 #1046543 #1050244 #1050319 #1050536 #1050540 #1051510 #1054914 #1055014 #1055117 #1055120 #1058659 #1060463 #1061840 #1065600 #1065729 #1066674 #1067126 #1067906 #1068032 #1069138 #1071995 #1076830 #1077761 #1077989 #1078720 #1079524 #1080157 #1082519 #1082555 #1083647 #1083663 #1084760 #1084831 #1085030 #1085042 #1085262 #1086282 #1086283 #1086288 #1086327 #1089663 #1090078 #1091800 #1092903 #1094244 #1094825 #1095344 #1095805 #1096748 #1097105 #1097583 #1097584 #1097585 #1097586 #1097587 #1097588 #1098459 #1098782 #1098822 #1099125 #1099922 #1099999 #1100001 #1100132 #1101480 #1101557 #1101669 #1102346 #1102495 #1102517 #1102715 #1102870 #1102875 #1102877 #1102879 #1102881 #1102882 #1102896 #1103269 #1103308 #1103356 #1103363 #1103387 #1103405 #1103421 #1103543 #1103587 #1103636 #1103948 #1103949 #1103961 #1104172 #1104353 #1104482 #1104683 #1104731 #1104824 #1104888 #1104890 #1105025 #1105190 #1105247 #1105292 #1105322 #1105355 #1105378 #1105396 #1105428 #1105467 #1105524 #1105536 #1105597 #1105603 #1105672 #1105731 #1105795 #1105907 #1106007 #1106016 #1106105 #1106110 #1106121 #1106170 #1106178 #1106229 #1106230 #1106231 #1106233 #1106235 #1106236 #1106237 #1106238 #1106240 #1106291 #1106297 #1106333 #1106369 #1106427 #1106464 #1106509 #1106511 #1106594 #1106636 #1106688 #1106697 #1106779 #1106800 #1106838 #1106890 #1106891 #1106892 #1106893 #1106894 #1106896 #1106897 #1106898 #1106899 #1106900 #1106901 #1106902 #1106903 #1106905 #1106906 #1106948 #1106995 #1107008 #1107060 #1107061 #1107065 #1107074 #1107207 #1107319 #1107320 #1107522 #1107535 #1107685 #1107689 #1107735 #1107756 #1107783 #1107829 #1107870 #1107924 #1107928 #1107945 #1107947 #1107966 #1108010 #1108093 #1108096 #1108170 #1108241 #1108243 #1108260 #1108281 #1108323 #1108377 #1108399 #1108468 #1108520 #1108823 #1108841 #1108870 #1109151 #1109158 #1109217 #1109244 #1109269 #1109330 #1109333 #1109336 #1109337 #1109511 #1109603 #1109739 #1109772 #1109784 #1109806 #1109818 #1109907 #1109915 #1109919 #1109951 #1109979 #1109992 #1110006 #1110096 #1110301 #1110363 #1110538 #1110561 #1110639 #1110642 #1110643 #1110644 #1110645 #1110646 #1110647 #1110649 #1110650 #1111028 #1111040 #1111076 #1111506 #1111806 #1111819 #1111830 #1111834 #1111841 #1111870 #1111901 #1111904 #1111921 #1111928 #1111983 #1112170 #1112208 #1112219 #1112246 #1112372 #1112514 #1112554 #1112708 #1112710 #1112711 #1112712 #1112713 #1112731 #1112732 #1112733 #1112734 #1112735 #1112736 #1112738 #1112739 #1112740 #1112741 #1112743 #1112745 #1112746 #1112878 #1112894 #1112899 #1112902 #1112903 #1112905 #1112906 #1112907 #1113257 #1113284 #1113295 #1113408 #1113667 #1113722 #1113751 #1113780 #1113972 #1114279 #971975 Cross-References: CVE-2017-16533 CVE-2017-18224 CVE-2018-10902 CVE-2018-10938 CVE-2018-10940 CVE-2018-1128 CVE-2018-1129 CVE-2018-12896 CVE-2018-13093 CVE-2018-13095 CVE-2018-14613 CVE-2018-14617 CVE-2018-14633 CVE-2018-15572 CVE-2018-16658 CVE-2018-17182 CVE-2018-18386 CVE-2018-18445 CVE-2018-18710 CVE-2018-6554 CVE-2018-6555 CVE-2018-9363 Affected Products: SUSE Linux Enterprise Module for Public Cloud 15 ______________________________________________________________________________ An update that solves 22 vulnerabilities and has 286 fixes is now available. Description: The SUSE Linux Enterprise 15 azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-9363: Fixed an integer overflow that could have been used for an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation (bsc#1105292). - CVE-2018-6555: The irda_setsockopt function in net/irda/af_irda.c was fixed in drivers/staging/irda/net/af_irda.c that allowed local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket (bsc#1106511). - CVE-2018-6554: Fixed memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c that allowed local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket (bsc#1106509). - CVE-2018-18710: An information leak was fixed in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c that could have been used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bsc#1113751). - CVE-2018-18445: Fixed faulty computation of numeric bounds in the BPF verifier that now permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bsc#1112372). - CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c was fixed that was vulnerable to sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations. (bsc#1108399). - CVE-2018-16658: An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c was fixed that could have leed to be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 (bsc#1107689). - CVE-2018-15572: The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c was not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks. (bsc#1102517) - CVE-2018-14633: A security flaw was fixed in the chap_server_compute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely (bsc#1107829). - CVE-2018-14617: A NULL pointer dereference and panic in hfsplus_lookup() was fixed when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory. (bsc#1102870) - CVE-2018-14613: An invalid pointer dereference in io_ctl_map_page() was fixed when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c. (bsc#1102896) - CVE-2018-13095: A denial of service (memory corruption and BUG) was fixed to prevent a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork. (bsc#1099999) - CVE-2018-13093: A NULL pointer dereference and panic in lookup_slow() on a NULL was fixed to prevent pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation. (bsc#1100001) - CVE-2018-12896: An integer overflow in the POSIX timer code was fixed to prevent overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls. (bsc#1099922) - CVE-2018-1129: The signature calculation was fixed to by the cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable. (bsc#1096748) - CVE-2018-1128: The cephx authentication protocol was fixed to verify ceph clients correctly and to prevent the vulnerability to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network could have used this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable (bsc#1096748). - CVE-2018-10940: The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c was fixed to prevent local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903). - CVE-2018-10938: A flaw was fixed how the kernel handled network packet sent remotely by an attacker that may forced the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw. (bsc#1106016) - CVE-2018-10902: The the raw midi kernel driver was fixed to be protected against concurrent access which could have lead to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation (bsc#1105322). - CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently had a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bsc#1084831). - CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bsc#1066674). The following security bug was previously fixed by has now an assigned CVE number: - CVE-2018-18386: drivers/tty/n_tty.c in the Linux kernel allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825). The following non-security bugs were fixed: - /dev/mem: Add bounce buffer for copy-out (git-fixes). - /dev/mem: Avoid overwriting "err" in read_mem() (git-fixes). - 9p/net: Fix zero-copy path in the 9p virtio transport (bsc#1051510). - 9p/virtio: fix off-by-one error in sg list bounds check (bsc#1051510). - 9p: fix multiple NULL-pointer-dereferences (bsc#1051510). - ACPI / APEI: Remove ghes_ioremap_area (bsc#1051510). - ACPI / EC: Add another entry for Thinkpad X1 Carbon 6th (bsc#1051510). - ACPI / EC: Add parameter to force disable the GPE on suspend (bsc#1051510). - ACPI / EC: Use ec_no_wakeup on ThinkPad X1 Yoga 3rd (bsc#1051510). - ACPI / EC: Use ec_no_wakeup on Thinkpad X1 Carbon 6th (bsc#1051510). - ACPI / EC: Use ec_no_wakeup on more Thinkpad X1 Carbon 6th systems (bsc#1051510). - ACPI / PCI: pci_link: Allow the absence of _PRS and change log level (bsc#1104172). - ACPI / PM: save NVS memory for ASUS 1025C laptop (bsc#1051510). - ACPI / bus: Only call dmi_check_system on X86 (bsc#1105597, bsc#1106178). - ACPI / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510). - ACPI / scan: Initialize status to ACPI_STA_DEFAULT (bsc#1051510). - ACPI/IORT: Remove temporary iort_get_id_mapping_index() ACPICA guard (bsc#1103387). - ACPI/PCI: pci_link: reduce verbosity when IRQ is enabled (bsc#1104172). - ACPICA: Reference Counts: increase max to 0x4000 for large servers (bsc#1108241). - ACPICA: iasl: Add SMMUv3 device ID mapping index support (bsc#1103387). - ALSA: bebob: fix memory leak for M-Audio FW1814 and ProjectMix I/O at error path (bsc#1051510). - ALSA: bebob: use address returned by kmalloc() instead of kernel stack for streaming DMA mapping (bsc#1051510). - ALSA: cs46xx: Deliver indirect-PCM transfer error (). - ALSA: cs5535audio: Fix invalid endian conversion (bsc#1051510). - ALSA: emu10k1: Deliver indirect-PCM transfer error (). - ALSA: emu10k1: fix possible info leak to userspace on SNDRV_EMU10K1_IOCTL_INFO (bsc#1051510). - ALSA: fireface: fix memory leak in ff400_switch_fetching_mode() (bsc#1051510). - ALSA: firewire-digi00x: fix memory leak of private data (bsc#1051510). - ALSA: firewire-tascam: fix memory leak of private data (bsc#1051510). - ALSA: fireworks: fix memory leak of response buffer at error path (bsc#1051510). - ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bsc#1051510). - ALSA: hda - Add quirk for ASUS G751 laptop (bsc#1051510). - ALSA: hda - Fix cancel_work_sync() stall from jackpoll work (bsc#1051510). - ALSA: hda - Fix headphone pin config for ASUS G751 (bsc#1051510). - ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs (bsc#1051510). - ALSA: hda - Turn CX8200 into D3 as well upon reboot (bsc#1051510). - ALSA: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bsc#1051510). - ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bsc#1051510). - ALSA: hda: Add 2 more models to the power_save blacklist (bsc#1051510). - ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge (bsc#1051510). - ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry (bsc#1051510). - ALSA: hda: fix unused variable warning (bsc#1051510). - ALSA: memalloc: Do not exceed over the requested size (bsc#1051510). - ALSA: mips: Deliver indirect-PCM transfer error (). - ALSA: msnd: Fix the default sample sizes (bsc#1051510). - ALSA: oxfw: fix memory leak for model-dependent data at error path (bsc#1051510). - ALSA: oxfw: fix memory leak of discovered stream formats at error path (bsc#1051510). - ALSA: oxfw: fix memory leak of private data (bsc#1051510). - ALSA: pcm: Fix negative appl_ptr handling in pcm-indirect helpers (). - ALSA: pcm: Fix snd_interval_refine first/last with open min/max (bsc#1051510). - ALSA: pcm: Simplify forward/rewind codes (). - ALSA: pcm: Use a common helper for PCM state check and hwsync (). - ALSA: pcm: Workaround for weird PulseAudio behavior on rewind error (). - ALSA: rme32: Deliver indirect-PCM transfer error (). - ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro (bsc#1051510). - ALSA: usb-audio: update quirk for B W PX to remove microphone (bsc#1051510). - ALSA: virmidi: Fix too long output trigger loop (bsc#1051510). - ALSA: vx222: Fix invalid endian conversions (bsc#1051510). - ALSA: vxpocket: Fix invalid endian conversions (bsc#1051510). - ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot (bsc#1051510). - ARM: 8799/1: mm: fix pci_ioremap_io() offset check (bsc#1051510). - ARM: DRA7/OMAP5: Enable ACTLR[0] (Enable invalidates of BTB) for secondary cores (bsc#1051510). - ARM: bcm2835: Add GET_THROTTLED firmware property (bsc#1108468). - ARM: exynos: Clear global variable on init error path (bsc#1051510). - ARM: hisi: check of_iomap and fix missing of_node_put (bsc#1051510). - ARM: hisi: fix error handling and missing of_node_put (bsc#1051510). - ARM: hisi: handle of_iomap and fix missing of_node_put (bsc#1051510). - ARM: hwmod: RTC: Do not assume lock/unlock will be called with irq enabled (bsc#1051510). - ARM: imx: flag failure of of_iomap (bsc#1051510). - ARM: imx_v4_v5_defconfig: Select ULPI support (bsc#1051510). - ARM: imx_v6_v7_defconfig: Select ULPI support (bsc#1051510). - ARM: mvebu: declare asm symbols as character arrays in pmsu.c (bsc#1051510). - ARM: pxa: irq: fix handling of ICMR registers in suspend/resume (bsc#1051510). - ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510). - ASoC: Intel: cht_bsw_max98090: remove useless code, align with ChromeOS driver (bsc#1051510). - ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization (bsc#1051510). - ASoC: cs4265: fix MMTLR Data switch control (bsc#1051510). - ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs (bsc#1051510). - ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bsc#1051510). - ASoC: msm8916-wcd-digital: fix RX2 MIX1 and RX3 MIX1 (bsc#1051510). - ASoC: rsnd: adg: care clock-frequency size (bsc#1051510). - ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510). - ASoC: rsnd: fixup not to call clk_get/set under non-atomic (bsc#1051510). - ASoC: rsnd: move rsnd_ssi_config_init() execute condition into it (bsc#1051510). - ASoC: rsnd: update pointer more accurate (bsc#1051510). - ASoC: rt5514: Add the I2S ASRC support (bsc#1051510). - ASoC: rt5514: Add the missing register in the readable table (bsc#1051510). - ASoC: rt5514: Eliminate the noise in the ASRC case (bsc#1051510). - ASoC: rt5514: Fix the issue of the delay volume applied (bsc#1051510). - ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510). - ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510). - ASoC: wm8804: Add ACPI support (bsc#1051510). - ASoC: wm8994: Fix missing break in switch (bsc#1051510). - Apparmor fixes from git-fixes - Backport stable-patches for x86 architecture - Bluetooth: Add a new Realtek 8723DE ID 0bda:b009 (bsc#1051510). - Bluetooth: Use lock_sock_nested in bt_accept_enqueue (bsc#1051510). - Bluetooth: avoid killing an already killed socket (bsc#1051510). - Bluetooth: btsdio: Do not bind to non-removable BCM43430 (bsc#1103587). - Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV (bsc#1051510). - Bluetooth: hidp: Fix handling of strncpy for hid->name information (bsc#1051510). - Bluetooth: hidp: buffer overflow in hidp_process_report (bsc#1051510). - Btrfs: fix data corruption when deduplicating between different files (bsc#1110647). - Btrfs: fix duplicate extents after fsync of file with prealloc extents (bsc#1110644). - Btrfs: fix file data corruption after cloning a range and fsync (bsc#1111901). - Btrfs: fix fsync after hole punching when using no-holes feature (bsc#1110642). - Btrfs: fix loss of prealloc extents past i_size after fsync log replay (bsc#1110643). - Btrfs: fix mount failure after fsync due to hard link recreation (bsc#1103543). - Btrfs: fix return value on rename exchange failure (bsc#1110645). - Btrfs: fix send failure when root has deleted files still open (bsc#1110650). - Btrfs: rework outstanding_extents (dependency for bsc#1031392). - Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting (bsc#1111904). - Btrfs: sync log after logging new name (bsc#1110646). - CIFS: check for STATUS_USER_SESSION_DELETED (bsc#1112902). - Cleanup out-of-tree subsection - Disable DRM patches that broke vbox video driver KMP (bsc#1111076) - Do not leak MNT_INTERNAL away from internal mounts (git-fixes). - Documentation/l1tf: Fix small spelling typo (bsc#1051510). - Documentation: add some docs for errseq_t (bsc#1107008). - Documentation: ip-sysctl.txt: document addr_gen_mode (bsc#1051510). - Drivers: HV: Send one page worth of kmsg dump over Hyper-V during panic (bsc#1107207). - Drivers: hv: vmbus: Add comments on ring buffer signaling (bsc#1107207). - Drivers: hv: vmbus: Cleanup synic memory free path (bsc#1107207). - Drivers: hv: vmbus: Fix the issue with freeing up hv_ctl_table_hdr (bsc#1107207). - Drivers: hv: vmbus: Fix the offer_in_progress in vmbus_process_offer() (bsc#1051510). - Drivers: hv: vmbus: Get rid of MSR access from vmbus_drv.c (bsc#1107207). - Drivers: hv: vmbus: Implement Direct Mode for stimer0 (bsc#1107207). - Drivers: hv: vmbus: Make TLFS #define names architecture neutral (bsc#1107207). - Drivers: hv: vmbus: Remove use of slow_virt_to_phys() (bsc#1107207). - Drivers: hv: vmbus: Remove x86 MSR refs in arch independent code (bsc#1107207). - Drivers: hv: vmbus: Remove x86-isms from arch independent drivers (bsc#1107207). - Drivers: hv: vmbus: Removed an unnecessary cast from void * (bsc#1107207). - Drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1107207). - Drivers: hv: vmbus: Use get/put_cpu() in vmbus_connect() (bsc#1107207). - Drivers: hv: vmbus: add numa_node to sysfs (bsc#1107207). - Drivers: hv: vmbus: do not mark HV_PCIE as perf_device (bsc#1051510). - Drivers: hv: vmbus: enable VMBus protocol version 5.0 (bsc#1107207). - Drivers: hv: vmbus: respect what we get from hv_get_synint_state() (bsc#1107207). - Drivers: hv: vmus: Fix the check for return value from kmsg get dump buffer (bsc#1107207). - EDAC, ghes: Add DDR4 and NVDIMM memory types (bsc#1099125). - EDAC, i7core: Fix memleaks and use-after-free on probe and remove (bsc#1051510). - EDAC, skx: Fix skx_edac build error when ACPI_NFIT=m (bsc#1099125). - EDAC, skx_edac: Detect non-volatile DIMMs (bsc#1099125). - EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114279). - EDAC: Add new memory type for non-volatile DIMMs (bsc#1099125). - EDAC: Fix memleak in module init error path (bsc#1051510). - EDAC: Raise the maximum number of memory controllers (bsc#1113780). - Filesystem and FUSE fixes from upstream - Fix kexec forbidding kernels signed with keys in the secondary keyring to boot (bsc#1110006). - HID: add quirk for another PIXART OEM mouse used by HP (bsc#1051510). - HID: add support for Apple Magic Keyboards (bsc#1051510). - HID: hid-ntrig: add error handling for sysfs_create_group (bsc#1051510). - HID: hid-saitek: Add device ID for RAT 7 Contagion (bsc#1051510). - HID: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510). - HID: i2c-hid: Add no-irq-after-reset quirk for 0911:5288 device (). - HID: quirks: fix support for Apple Magic Keyboards (bsc#1051510). - HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510). - IB/IPoIB: Set ah valid flag in multicast send flow (bsc#1046307 ). - IB/core: type promotion bug in rdma_rw_init_one_mr() (bsc#1046306). - IB/hfi1: Invalid NUMA node information can cause a divide by zero (bsc#1060463). - IB/hfi1: Remove incorrect call to do_interrupt callback (bsc#1060463). - IB/hfi1: Set in_use_ctxts bits for user ctxts only (bsc#1060463 ). - IB/ipoib: Avoid a race condition between start_xmit and cm_rep_handler (bsc#1046307). - IB/ipoib: Fix error return code in ipoib_dev_init() (bsc#1046307 ). - IB/mlx4: Test port number before querying type (bsc#1046302 ). - IB/mlx4: Use 4K pages for kernel QP's WQE buffer (bsc#1046302 ). - IB/mlx5: fix uaccess beyond "count" in debugfs read/write handlers (bsc#1046305). - Input: atakbd - fix Atari CapsLock behaviour (bsc#1051510). - Input: atakbd - fix Atari keymap (bsc#1051510). - Input: atmel_mxt_ts - only use first T9 instance (bsc#1051510). - Input: edt-ft5x06 - fix error handling for factory mode on non-M06 (bsc#1051510). - Input: edt-ft5x06 - implement support for the EDT-M12 series (bsc#1051510). - Input: edt-ft5x06 - make distinction between m06/m09/generic more clear (bsc#1051510). - Input: elantech - enable middle button of touchpad on ThinkPad P72 (bsc#1051510). - Input: synaptics-rmi4 - fix axis-swap behavior (bsc#1051510). - KABI: hide new member in struct iommu_table from genksyms (bsc#1061840). - KABI: move the new handler to end of machdep_calls and hide it from genksyms (bsc#1094244). - KABI: powerpc: export __find_linux_pte as __find_linux_pte_or_hugepte (bsc#1061840). - KABI: tpm: change relinquish_locality return value back to void (bsc#1082555). - KABI: tpm: do keep the cmd_ready and go_idle as pm ops (bsc#1082555). - KVM/VMX: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR path as unlikely() (bsc#1110006). - KVM/x86: remove WARN_ON() for when vm_munmap() fails (bsc#1106240). - KVM: Enforce error in ioctl for compat tasks when !KVM_COMPAT (bsc#1106240). - KVM: PPC: Add pt_regs into kvm_vcpu_arch and move vcpu->arch.gpr[] into it (bsc#1061840). - KVM: PPC: Avoid marking DMA-mapped pages dirty in real mode (bsc#1061840). - KVM: PPC: Book 3S HV: Do ptesync in radix guest exit path (bsc#1061840). - KVM: PPC: Book3S HV: Add 'online' register to ONE_REG interface (bsc#1061840). - KVM: PPC: Book3S HV: Add of_node_put() in success path (bsc#1061840). - KVM: PPC: Book3S HV: Allow HPT and radix on the same core for POWER9 v2.2 (bsc#1061840). - KVM: PPC: Book3S HV: Allow creating max number of VCPUs on POWER9 (bsc#1061840). - KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault (bsc#1061840). - KVM: PPC: Book3S HV: Avoid shifts by negative amounts (bsc#1061840). - KVM: PPC: Book3S HV: Check DR not IR to chose real vs virt mode MMIOs (bsc#1061840). - KVM: PPC: Book3S HV: Do SLB load/unload with guest LPCR value loaded (bsc#1061840). - KVM: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bsc#1061840). - KVM: PPC: Book3S HV: Do not use compound_order to determine host mapping size (bsc#1061840). - KVM: PPC: Book3S HV: Do not use existing "prodded" flag for XIVE escalations (bsc#1061840). - KVM: PPC: Book3S HV: Enable migration of decrementer register (bsc#1061840). - KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm (bsc#1061840). - KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bsc#1061840). - KVM: PPC: Book3S HV: Fix conditions for starting vcpu (bsc#1061840). - KVM: PPC: Book3S HV: Fix constant size warning (bsc#1061840). - KVM: PPC: Book3S HV: Fix duplication of host SLB entries (bsc#1061840). - KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds (bsc#1061840). - KVM: PPC: Book3S HV: Fix handling of large pages in radix page fault handler (bsc#1061840). - KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code (bsc#1061840). - KVM: PPC: Book3S HV: Fix inaccurate comment (bsc#1061840). - KVM: PPC: Book3S HV: Fix kvmppc_bad_host_intr for real mode interrupts (bsc#1061840). - KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry (bsc#1061840). - KVM: PPC: Book3S HV: Fix typo in kvmppc_hv_get_dirty_log_radix() (bsc#1061840). - KVM: PPC: Book3S HV: Handle 1GB pages in radix page fault handler (bsc#1061840). - KVM: PPC: Book3S HV: Improve handling of debug-trigger HMIs on POWER9 (bsc#1061840). - KVM: PPC: Book3S HV: Keep XIVE escalation interrupt masked unless ceded (bsc#1061840). - KVM: PPC: Book3S HV: Lockless tlbie for HPT hcalls (bsc#1061840). - KVM: PPC: Book3S HV: Make HPT resizing work on POWER9 (bsc#1061840). - KVM: PPC: Book3S HV: Make radix clear pte when unmapping (bsc#1061840). - KVM: PPC: Book3S HV: Make radix use correct tlbie sequence in kvmppc_radix_tlbie_page (bsc#1061840). - KVM: PPC: Book3S HV: Make xive_pushed a byte, not a word (bsc#1061840). - KVM: PPC: Book3S HV: Pack VCORE IDs to access full VCPU ID space (bsc#1061840). - KVM: PPC: Book3S HV: Radix page fault handler optimizations (bsc#1061840). - KVM: PPC: Book3S HV: Read kvm->arch.emul_smt_mode under kvm->lock (bsc#1061840). - KVM: PPC: Book3S HV: Recursively unmap all page table entries when unmapping (bsc#1061840). - KVM: PPC: Book3S HV: Remove useless statement (bsc#1061840). - KVM: PPC: Book3S HV: Remove vcpu->arch.dec usage (bsc#1061840). - KVM: PPC: Book3S HV: Send kvmppc_bad_interrupt NMIs to Linux handlers (bsc#1061840). - KVM: PPC: Book3S HV: Set RWMR on POWER8 so PURR/SPURR count correctly (bsc#1061840). - KVM: PPC: Book3S HV: Snapshot timebase offset on guest entry (bsc#1061840). - KVM: PPC: Book3S HV: Streamline setting of reference and change bits (bsc#1061840). - KVM: PPC: Book3S HV: Use __gfn_to_pfn_memslot() in page fault handler (bsc#1061840). - KVM: PPC: Book3S HV: Use a helper to unmap ptes in the radix fault path (bsc#1061840). - KVM: PPC: Book3S HV: Use correct pagesize in kvm_unmap_radix() (bsc#1061840, git-fixes). - KVM: PPC: Book3S HV: XIVE: Resend re-routed interrupts on CPU priority change (bsc#1061840). - KVM: PPC: Book3S HV: radix: Do not clear partition PTE when RC or write bits do not match (bsc#1061840). - KVM: PPC: Book3S HV: radix: Refine IO region partition scope attributes (bsc#1061840). - KVM: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm()/kvmppc_restore_tm() (bsc#1061840). - KVM: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file (bsc#1061840). - KVM: PPC: Book3S: Add MMIO emulation for VMX instructions (bsc#1061840). - KVM: PPC: Book3S: Allow backing bigger guest IOMMU pages with smaller physical pages (bsc#1061840). - KVM: PPC: Book3S: Check KVM_CREATE_SPAPR_TCE_64 parameters (bsc#1061840). - KVM: PPC: Book3S: Eliminate some unnecessary checks (bsc#1061840). - KVM: PPC: Book3S: Fix compile error that occurs with some gcc versions (bsc#1061840). - KVM: PPC: Book3S: Fix guest DMA when guest partially backed by THP pages (bsc#1077761, git-fixes, bsc#1103948, bsc#1103949). - KVM: PPC: Book3S: Fix matching of hardware and emulated TCE tables (bsc#1061840). - KVM: PPC: Book3S: Use correct page shift in H_STUFF_TCE (bsc#1061840). - KVM: PPC: Fix a mmio_host_swabbed uninitialized usage issue (bsc#1061840). - KVM: PPC: Make iommu_table::it_userspace big endian (bsc#1061840). - KVM: PPC: Move nip/ctr/lr/xer registers to pt_regs in kvm_vcpu_arch (bsc#1061840). - KVM: PPC: Use seq_puts() in kvmppc_exit_timing_show() (bsc#1061840). - KVM: SVM: Add MSR-based feature support for serializing LFENCE (bsc#1106240). - KVM: VMX: Do not allow reexecute_instruction() when skipping MMIO instr (bsc#1106240). - KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240). - KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369). - KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369). - KVM: VMX: raise internal error for exception during invalid protected mode state (bsc#1110006). - KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240). - KVM: X86: Fix reserved bits check for MOV to CR3 (bsc#1110006). - KVM: X86: Introduce kvm_get_msr_feature() (bsc#1106240). - KVM: X86: fix incorrect reference of trace_kvm_pi_irte_update (bsc#1110006). - KVM: hyperv: idr_find needs RCU protection (bsc#1107207). - KVM: introduce kvm_make_vcpus_request_mask() API (bsc#1107207). - KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use (bsc#1110006). - KVM: nVMX: Do not expose MPX VMX controls when guest MPX disabled (bsc#1106240). - KVM: nVMX: Do not flush TLB when vmcs12 uses VPID (bsc#1106240). - KVM: nVMX: Do not halt vcpu when L1 is injecting events to L2 (bsc#1110006). - KVM: nVMX: Fix injection to L2 when L1 do not intercept external-interrupts (bsc#1106240). - KVM: nVMX: Fix races when sending nested PI while dest enters/leaves L2 (bsc#1106240). - KVM: nVMX: Re-evaluate L1 pending events when running L2 and L1 got posted-interrupt (bsc#1106240). - KVM: s390: add etoken support for guests (bsc#1106948, LTC#171029). - KVM: s390: force bp isolation for VSIE (bsc#1103421). - KVM: s390: implement CPU model only facilities (bsc#1106948, LTC#171029). - KVM: vmx: track host_state.loaded using a loaded_vmcs pointer (bsc#1110006). - KVM: vmx: use local variable for current_vmptr when emulating VMPTRST (bsc#1110006). - KVM: x86: Add a framework for supporting MSR-based features (bsc#1106240). - KVM: x86: Change __kvm_apic_update_irr() to also return if max IRR updated (bsc#1106240). - KVM: x86: Default to not allowing emulation retry in kvm_mmu_page_fault (bsc#1106240). - KVM: x86: Do not re-{try,execute} after failed emulation in L2 (bsc#1106240). - KVM: x86: Do not use kvm_x86_ops->mpx_supported() directly (bsc#1106240). - KVM: x86: Invert emulation re-execute behavior to make it opt-in (bsc#1106240). - KVM: x86: Merge EMULTYPE_RETRY and EMULTYPE_ALLOW_REEXECUTE (bsc#1106240). - KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled (git-fixes 1f50ddb4f418). - KVM: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed (bsc#1110006). - KVM: x86: VMX: hyper-v: Enlightened MSR-Bitmap support (bsc#1107207). - KVM: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506). - KVM: x86: ensure all MSRs can always be KVM_GET/SET_MSR'd (bsc#1107207). - KVM: x86: fix #UD address of failed Hyper-V hypercalls (bsc#1107207). - KVM: x86: fix #UD address of failed Hyper-V hypercalls (bsc#1110006). - KVM: x86: fix APIC page invalidation (bsc#1106240). - KVM: x86: fix escape of guest dr6 to the host (bsc#1110006). - KVM: x86: hyperv: do rep check for each hypercall separately (bsc#1107207). - KVM: x86: hyperv: simplistic HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE} implementation (bsc#1107207). - KVM: x86: hyperv: simplistic HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE}_EX implementation (bsc#1107207). - KVM: x86: hyperv: use defines when parsing hypercall parameters (bsc#1107207). - KVM: x86: remove APIC Timer periodic/oneshot spikes (bsc#1110006). - Kbuild: fix # escaping in .cmd files for future Make (git-fixes). - Limit kernel-source build to architectures for which we build binaries (bsc#1108281). - MAINTAINERS: fix location of ina2xx.txt device tree file (bsc#1051510). - NET: stmmac: align DMA stuff to largest cache line length (netfilter-stable-18_08_01). - NFC: Fix possible memory corruption when handling SHDLC I-Frame commands (bsc#1051510). - NFC: nfcmrvl_uart: fix OF child-node lookup (bsc#1051510). - NFC: trf7970a: fix check of clock frequencies (bsc#1051510). - NFS/filelayout: Fix racy setting of fl->dsaddr in filelayout_check_deviceid() (bsc#1105190). - NFS: Avoid quadratic search when freeing delegations (bsc#1084760). - NFS: Use an appropriate work queue for direct-write completion (bsc#1082519). - NFSv4 client live hangs after live data migration recovery (git-fixes). - NFSv4: Fix a sleep in atomic context in nfs4_callback_sequence() (git-fixes). - NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message (git-fixes). - Netperf performance issue due to AppArmor net mediation (bsc#1108520) - PCI/ASPM: Fix link_state teardown on device removal (bsc#1051510). - PCI/portdrv: Compute MSI/MSI-X IRQ vectors after final allocation (bsc#1109806). - PCI/portdrv: Factor out Interrupt Message Number lookup (bsc#1109806). - PCI: Add PCI resource type mask #define (bsc#1105355). - PCI: Add pci_resize_resource() for resizing BARs (bsc#1105355). - PCI: Add resizable BAR infrastructure (bsc#1105355). - PCI: Allow release of resources that were never assigned (bsc#1105355). - PCI: Cleanup PCI_REBAR_CTRL_BAR_SHIFT handling (bsc#1105355). - PCI: Match Root Port's MPS to endpoint's MPSS as necessary (bsc#1109269). - PCI: OF: Fix I/O space page leak (git-fixes). - PCI: Reprogram bridge prefetch registers on resume (bsc#1051510). - PCI: Restore resized BAR state on resume (bsc#1105355). - PCI: Skip MPS logic for Virtual Functions (VFs) (bsc#1051510). - PCI: aardvark: Fix I/O space page leak (git-fixes). - PCI: aardvark: Size bridges before resources allocation (bsc#1109806). - PCI: designware: Fix I/O space page leak (bsc#1109806). - PCI: dwc: Fix scheduling while atomic issues (git-fixes). - PCI: faraday: Add missing of_node_put() (bsc#1109806). - PCI: faraday: Fix I/O space page leak (bsc#1109806). - PCI: hotplug: Do not leak pci_slot on registration failure (bsc#1051510). - PCI: hv: Convert remove_lock to refcount (bsc#1107207). - PCI: hv: Do not wait forever on a device that has disappeared (bsc#1107207). - PCI: hv: Do not wait forever on a device that has disappeared (bsc#1109806). - PCI: hv: Fix return value check in hv_pci_assign_slots() (bsc#1107207). - PCI: hv: Make sure the bus domain is really unique (git-fixes). - PCI: hv: Remove unused reason for refcount handler (bsc#1107207). - PCI: hv: Replace GFP_ATOMIC with GFP_KERNEL in new_pcichild_device() (bsc#1107207). - PCI: hv: Use effective affinity mask (bsc#1107207). - PCI: hv: Use list_for_each_entry() (bsc#1107207). - PCI: hv: support reporting serial number as slot information (bsc#1107207). - PCI: mvebu: Fix I/O space end address calculation (bsc#1051510). - PCI: pciehp: Fix unprotected list iteration in IRQ handler (bsc#1051510). - PCI: pciehp: Fix use-after-free on unplug (bsc#1051510). - PCI: versatile: Fix I/O space page leak (bsc#1109806). - PCI: xgene: Fix I/O space page leak (bsc#1109806). - PCI: xilinx-nwl: Add missing of_node_put() (bsc#1109806). - PCI: xilinx: Add missing of_node_put() (bsc#1109806). - PM / Domains: Fix error path during attach in genpd (bsc#1051510). - PM / Domains: Fix genpd to deal with drivers returning 1 from ->prepare() (bsc#1051510). - PM / clk: signedness bug in of_pm_clk_add_clks() (bsc#1051510). - PM / core: Clear the direct_complete flag on errors (bsc#1051510). - PM / runtime: Drop usage count for suppliers at device link removal (bsc#1100132). - PM / sleep: wakeup: Fix build error caused by missing SRCU support (bsc#1051510). - PM: cpuidle: Fix cpuidle_poll_state_init() prototype (bsc#1110006). - RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (git-fixes). - RDMA/bnxt_re: Fix a bunch of off by one bugs in qplib_fp.c (bsc#1050244). - RDMA/bnxt_re: Fix a couple off by one bugs (bsc#1050244 ). - RDMA/bnxt_re: Fix system crash during RDMA resource initialization (bsc#1086283). - RDMA/i40w: Hold read semaphore while looking after VMA (bsc#1058659). - RDMA/uverbs: Expand primary and alt AV port checks (bsc#1046306 ). - Squashfs: Compute expected length from inode size rather than block length (bsc#1051510). - Tools: hv: Fix a bug in the key delete code (bsc#1107207). - USB: Add quirk to support DJI CineSSD (bsc#1051510). - USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller (bsc#1051510). - USB: cdc-wdm: do not enable interrupts in USB-giveback (bsc#1051510). - USB: fix error handling in usb_driver_claim_interface() (bsc#1051510). - USB: handle NULL config in usb_find_alt_setting() (bsc#1051510). - USB: net2280: Fix erroneous synchronization change (bsc#1051510). - USB: option: add support for DW5821e (bsc#1051510). - USB: remove LPM management from usb_driver_claim_interface() (bsc#1051510). - USB: serial: cypress_m8: fix interrupt-out transfer length (bsc#1051510). - USB: serial: io_ti: fix array underflow in completion handler (bsc#1051510). - USB: serial: kobil_sct: fix modem-status error handling (bsc#1051510). - USB: serial: pl2303: add a new device id for ATEN (bsc#1051510). - USB: serial: sierra: fix potential deadlock at close (bsc#1051510). - USB: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510). - USB: serial: ti_usb_3410_5052: fix array underflow in completion handler (bsc#1051510). - USB: yurex: Check for truncation in yurex_read() (bsc#1051510). - USB: yurex: Fix buffer over-read in yurex_write() (bsc#1051510). - Update config files, make CRYPTO_CRCT10DIF_PCLMUL built-in (bsc#1105603). - VFS: do not test owner for NFS in set_posix_acl() (bsc#1103405). - Workaround for mysterious NVMe breakage with i915 CFL (bsc#1111040). - Workaround kABI breakage by __must_check drop of strscpy() (bsc#1051510). - X86/Hyper-V: Add flush HvFlushGuestPhysicalAddressSpace hypercall support (bsc#1107207). - X86/Hyper-V: Add hyperv_nested_flush_guest_mapping ftrace support (bsc#1107207). - X86/Hyper-V: Consolidate code for converting cpumask to vpset (bsc#1107207). - X86/Hyper-V: Consolidate the allocation of the hypercall input page (bsc#1107207). - X86/Hyper-V: Enable IPI enlightenments (bsc#1107207). - X86/Hyper-V: Enhanced IPI enlightenment (bsc#1107207). - X86/Hyper-V: Enlighten APIC access (bsc#1107207). - acpi, nfit: Add function to look up nvdimm device and provide SMBIOS handle (bsc#1099125). - affs_lookup(): close a race with affs_remove_link() (bsc#1105355). - ahci: Add Intel Ice Lake LP PCI ID (bsc#1051510). - aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes). - apparmor: Check buffer bounds when mapping permissions mask (git-fixes). - apparmor: Fix failure to audit context info in build_change_hat (bsc#1051510). - apparmor: Fix regression in profile conflict logic (bsc#1106427) - apparmor: Fully initialize aa_perms struct when answering userspace query (bsc#1051510). - apparmor: ensure that undecidable profile attachments fail (bsc#1106427). - apparmor: fix an error code in __aa_create_ns() (bsc#1106427). - apparmor: fix mediation of prlimit (bsc#1051510). - apparmor: fix memory leak when deduping profile load (bsc#1051510). - apparmor: fix ptrace read check (bsc#1051510). - apparmor: remove no-op permission check in policy_unpack (bsc#1106427). - arm/asm/tlb.h: Fix build error implicit func declaration (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB). - arm64/acpi: Create arch specific cpu to acpi id helper (bsc#1106903). - arm64/kasan: do not allocate extra shadow memory (bsc#1106897). - arm64/mm/kasan: do not use vmemmap_populate() to initialize shadow (bsc#1106898). - arm64: Enforce BBM for huge IO/VMAP mappings (bsc#1106890). - arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect() (bsc#1108010). - arm64: Make sure permission updates happen for pmd/pud (bsc#1106891). - arm64: dma-mapping: clear buffers allocated with FORCE_CONTIGUOUS flag (bsc#1106902). - arm64: enable thunderx gpio driver - arm64: export memblock_reserve()d regions via /proc/iomem (bsc#1106892). - arm64: fix unwind_frame() for filtered out fn for function graph tracing (bsc#1106900). - arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups (bsc#1106896). - arm64: fpsimd: Avoid FPSIMD context leakage for the init task (bsc#1106894). - arm64: kasan: avoid pfn_to_nid() before page array is initialized (bsc#1106899). - arm64: mm: Ensure writes to swapper are ordered wrt subsequent cache maintenance (bsc#1106906). - arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() (bsc#1106893). - arm64: move patches to sorted section - arm64: numa: rework ACPI NUMA initialization (bsc#1106905). - arm64: vgic-v2: Fix proxying of cpuif access (bsc#1106901). - asix: Check for supported Wake-on-LAN modes (bsc#1051510). - ata: Fix ZBC_OUT all bit handling (bsc#1051510). - ata: Fix ZBC_OUT command block check (bsc#1051510). - ata: libahci: Allow reconfigure of DEVSLP register (bsc#1051510). - ata: libahci: Correct setting of DEVSLP register (bsc#1051510). - ath10k: disable bundle mgmt tx completion event support (bsc#1051510). - ath10k: fix kernel panic issue during pci probe (bsc#1051510). - ath10k: fix scan crash due to incorrect length calculation (bsc#1051510). - ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510). - ath10k: prevent active scans on potential unusable channels (bsc#1051510). - ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock (bsc#1051510). - ath10k: update the phymode along with bandwidth change request (bsc#1051510). - ath9k: add MSI support (). - ath9k: report tx status on EOSP (bsc#1051510). - ath9k_hw: fix channel maximum power level test (bsc#1051510). - atm: Preserve value of skb->truesize when accounting to vcc (networking-stable-18_07_19). - atm: horizon: Fix irq release error (bsc#1105355). - atm: zatm: Fix potential Spectre v1 (networking-stable-18_07_19). - atm: zatm: fix memcmp casting (bsc#1105355). - audit: Fix extended comparison of GID/EGID (bsc#1051510). - audit: allow not equal op for audit by executable (bsc#1051510). - audit: fix use-after-free in audit_add_watch (bsc#1051510). - autofs: fix autofs_sbi() does not check super block type (git-fixes). - autofs: fix slab out of bounds read in getname_kernel() (git-fixes). - autofs: mount point create should honour passed in mode (git-fixes). - ax88179_178a: Check for supported Wake-on-LAN modes (bsc#1051510). - b43/leds: Ensure NUL-termination of LED name string (bsc#1051510). - b43legacy/leds: Ensure NUL-termination of LED name string (bsc#1051510). - badblocks: fix wrong return value in badblocks_set if badblocks are disabled (git-fixes). - batman-adv: Avoid probe ELP information leak (bsc#1051510). - batman-adv: Fix multicast TT issues with bogus ROAM flags (bsc#1051510). - batman-adv: Fix segfault when writing to sysfs elp_interval (bsc#1051510). - batman-adv: Fix segfault when writing to throughput_override (bsc#1051510). - batman-adv: Prevent duplicated gateway_node entry (bsc#1051510). - batman-adv: Prevent duplicated global TT entry (bsc#1051510). - batman-adv: Prevent duplicated nc_node entry (bsc#1051510). - batman-adv: Prevent duplicated softif_vlan entry (bsc#1051510). - batman-adv: Prevent duplicated tvlv handler (bsc#1051510). - batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510). - batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510). - bcache: avoid unncessary cache prefetch bch_btree_node_get(). - bcache: calculate the number of incremental GC nodes according to the total of btree nodes. - bcache: display rate debug parameters to 0 when writeback is not running. - bcache: do not check return value of debugfs_create_dir(). - bcache: finish incremental GC. - bcache: fix I/O significant decline while backend devices registering. - bcache: fix error setting writeback_rate through sysfs interface. - bcache: free heap cache_set->flush_btree in bch_journal_free. - bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section. - bcache: release dc->writeback_lock properly in bch_writeback_thread(). - bcache: set max writeback rate when I/O request is idle. - bcache: simplify the calculation of the total amount of flash dirty data. - bdi: Fix another oops in wb_workfn() (bsc#1112746). - bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746). - be2net: Fix memory leak in be_cmd_get_profile_config() (bsc#1086288). - be2net: remove unused old AIC info (bsc#1086288). - be2net: remove unused old custom busy-poll fields (bsc#1086288 ). - binfmt_elf: Respect error return from `regset->active' (bsc#1051510). - blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713). - blk-mq: avoid to synchronize rcu inside blk_cleanup_queue() (bsc#1077989). - blkdev: __blkdev_direct_IO_simple: fix leak in error case (bsc#1083663). - blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers (bsc#1111819). - block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708). - block, bfq: return nbytes and not zero from struct cftype .write() method (bsc#1106238). - block, dax: remove dead code in blkdev_writepages() (bsc#1104888). - block: Invalidate cache on discard v2 (bsc#1109992). - block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712). - block: bio_iov_iter_get_pages: fix size of last iovec (bsc#1083663). - block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs (bsc#1083663). - block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834). - block: do not print a message when the device went away (bsc#1098459). - block: do not warn for flush on read-only device (bsc#1107756). - block: fix warning when I/O elevator is changed as request_queue is being removed (bsc#1109979). - block: pass inclusive 'lend' parameter to truncate_inode_pages_range (bsc#1109992). - block: properly protect the 'queue' kobj in blk_unregister_queue (bsc#1109979). - bnx2x: Fix invalid memory access in rss hash config path (bsc#1050319). - bnx2x: Fix receiving tx-timeout in error or recovery state (bsc#1050319). - bnxt_en: Clean up unused functions (bsc#1086282). - bnxt_en: Do not adjust max_cp_rings by the ones used by RDMA (bsc#1086282). - bnxt_en: Fix VF mac address regression (bsc#1086282 ). - bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1050244). - bonding: avoid lockdep confusion in bond_get_stats() (netfilter-stable-18_08_04). - bpf, s390: fix potential memleak when later bpf_jit_prog fails (bsc#1083647). - bpf/verifier: disallow pointer subtraction (bsc#1083647). - bpf: fix references to free_bpf_prog_info() in comments (bsc#1083647). - bpf: fix uninitialized variable in bpf tools (bsc#1083647). - bpf: hash map: decrement counter on error (bsc#1083647). - bpf: make cavium thunder compatible w/ bpf_xdp_adjust_tail (bsc#1110096). - bpf: powerpc64: pad function address loads with NOPs (bsc#1083647). - bpf: use GFP_ATOMIC instead of GFP_KERNEL in bpf_parse_prog() (bsc#1083647). - brcmfmac: stop watchdog before detach and free everything (bsc#1051510). - brcmsmac: fix wrap around in conversion from constant to s16 (bsc#1051510). - btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: Add sanity check for EXTENT_DATA when reading out leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: Check if item pointer overlaps with the item itself (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: Check that each block group has corresponding chunk at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667). - btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667). - btrfs: Fix use-after-free when cleaning up fs_devs with a single stale device (bsc#1097105). - btrfs: Fix wrong btrfs_delalloc_release_extents parameter (bsc#1031392). - btrfs: Handle error from btrfs_uuid_tree_rem call in _btrfs_ioctl_set_received_subvol (bsc#1097105). - btrfs: Introduce mount time chunk dev extent mapping check (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: Manually implement device_total_bytes getter/setter (bsc#1043912). - btrfs: Move leaf and node validation checker to tree-checker.c (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: Remove unused parameters from various functions (bsc#1110649). - btrfs: Round down values which are written for total_bytes_size (bsc#1043912). - btrfs: Verify that every chunk has corresponding block group at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: add a comp_refs() helper (dependency for bsc#1031392). - btrfs: add tracepoints for outstanding extents mods (dependency for bsc#1031392). - btrfs: check-integrity: Fix NULL pointer dereference for degraded mount (bsc#1107947). - btrfs: cleanup extent locking sequence (dependency for bsc#1031392). - btrfs: delayed-inode: Remove wrong qgroup meta reservation calls (bsc#1031392). - btrfs: delayed-inode: Use new qgroup meta rsv for delayed inode and item (bsc#1031392). - btrfs: fix error handling in btrfs_dev_replace_start (bsc#1107535). - btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919). - btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915). - btrfs: log csums for all modified extents (bsc#1110639). - btrfs: make the delalloc block rsv per inode (dependency for bsc#1031392). - btrfs: qgroup: Add quick exit for non-fs extents (dependency for bsc#1031392). - btrfs: qgroup: Cleanup btrfs_qgroup_prepare_account_extents function (dependency for bsc#1031392). - btrfs: qgroup: Cleanup the remaining old reservation counters (bsc#1031392). - btrfs: qgroup: Commit transaction in advance to reduce early EDQUOT (bsc#1031392). - btrfs: qgroup: Do not use root->qgroup_meta_rsv for qgroup (bsc#1031392). - btrfs: qgroup: Fix qgroup reserved space underflow by only freeing reserved ranges (dependency for bsc#1031392). - btrfs: qgroup: Fix qgroup reserved space underflow caused by buffered write and quotas being enabled (dependency for bsc#1031392). - btrfs: qgroup: Fix wrong qgroup reservation update for relationship modification (bsc#1031392). - btrfs: qgroup: Introduce extent changeset for qgroup reserve functions (dependency for bsc#1031392). - btrfs: qgroup: Introduce function to convert META_PREALLOC into META_PERTRANS (bsc#1031392). - btrfs: qgroup: Introduce helpers to update and access new qgroup rsv (bsc#1031392). - btrfs: qgroup: Make qgroup_reserve and its callers to use separate reservation type (bsc#1031392). - btrfs: qgroup: Return actually freed bytes for qgroup release or free data (dependency for bsc#1031392). - btrfs: qgroup: Skeleton to support separate qgroup reservation type (bsc#1031392). - btrfs: qgroup: Split meta rsv type into meta_prealloc and meta_pertrans (bsc#1031392). - btrfs: qgroup: Update trace events for metadata reservation (bsc#1031392). - btrfs: qgroup: Update trace events to use new separate rsv types (bsc#1031392). - btrfs: qgroup: Use independent and accurate per inode qgroup rsv (bsc#1031392). - btrfs: qgroup: Use root::qgroup_meta_rsv_* to record qgroup meta reserved space (bsc#1031392). - btrfs: qgroup: Use separate meta reservation type for delalloc (bsc#1031392). - btrfs: remove type argument from comp_tree_refs (dependency for bsc#1031392). - btrfs: round down size diff when shrinking/growing device (bsc#1097105). - btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (follow up for bsc#1108096). - btrfs: scrub: Do not use inode pages for device replace (follow up for bsc#1108096). - btrfs: switch args for comp_*_refs (dependency for bsc#1031392). - btrfs: tests/qgroup: Fix wrong tree backref level (bsc#1107928). - btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Detect invalid and empty essential trees (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Enhance output for check_extent_data_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,). - cdc-acm: fix race between reset and control messaging (bsc#1051510). - cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (bsc#1051510). - ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983). - ceph: fix incorrect use of strncpy (bsc#1107319). - ceph: return errors from posix_acl_equiv_mode() correctly (bsc#1107320). - cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bsc#1051510). - cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE (bsc#1051510). - cfg80211: reg: Init wiphy_idx in regulatory_hint_core() (bsc#1051510). - cgroup: avoid copying strings longer than the buffers (bsc#1051510). - cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf() (bsc#1051510). - cifs: Fix use after free of a mid_q_entry (bsc#1112903). - cifs: check kmalloc before use (bsc#1051510). - cifs: fix memory leak in SMB2_open() (bsc#1112894). - cifs: integer overflow in in SMB2_ioctl() (bsc#1051510). - cifs: store the leaseKey in the fid on SMB2_open (bsc#1051510). - clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure (bsc#1051510). - clk: core: Potentially free connection id (bsc#1051510). - clk: imx6ul: fix missing of_node_put() (bsc#1051510). - clk: meson: gxbb: remove HHI_GEN_CLK_CTNL duplicate definition (bsc#1051510). - clk: mvebu: armada-38x: add support for 1866MHz variants (bsc#1105355). - clk: mvebu: armada-38x: add support for missing clocks (bsc#1105355). - clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 (bsc#1051510). - clk: rockchip: fix clk_i2sout parent selection bits on rk3399 (bsc#1051510). - clk: tegra: bpmp: Do not crash when a clock fails to register (bsc#1051510). - clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510). - clk: x86: add "ether_clk" alias for Bay Trail / Cherry Trail (bsc#1051510). - clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510). - clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510). - cls_matchall: fix tcf_unbind_filter missing (networking-stable-18_08_21). - coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510). - coresight: Handle errors in finding input/output ports (bsc#1051510). - coresight: tpiu: Fix disabling timeouts (bsc#1051510). - cpu/hotplug: Fix SMT supported evaluation (bsc#1110006). - cpufreq / CPPC: Set platform specific transition_delay_us (bsc#1101480). - cpufreq, intel_pstate: Allow unspecified FADT profile to probe PPC (bsc#1108841). - cpufreq: CPPC: Do not set transition_latency (bsc#1101480). - cpufreq: CPPC: Use transition_delay_us depending transition_latency (bsc#1101480). - cpufreq: remove setting of policy->cpu in policy->cpus during init (bsc#1101480). - crypto: ablkcipher - fix crash flushing dcache in error path (bsc#1051510). - crypto: blkcipher - fix crash flushing dcache in error path (bsc#1051510). - crypto: caam - fix implicit casts in endianness helpers (bsc#1051510). - crypto: caam/jr - fix ablkcipher_edesc pointer arithmetic (bsc#1051510). - crypto: caam/jr - fix descriptor DMA unmapping (bsc#1051510). - crypto: caam/qi - fix error path in xts setkey (bsc#1051510). - crypto: cavium/nitrox - fix for command corruption in queue full case with backlog submissions (bsc#1051510). - crypto: ccp - Check for NULL PSP pointer at module unload (bsc#1051510). - crypto: ccp - Fix command completion detection race (bsc#1051510). - crypto: ccp - add timeout support in the SEV command (bsc#1106838). - crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510). - crypto: clarify licensing of OpenSSL asm code (). - crypto: lrw - Fix out-of bounds access on counter overflow (bsc#1051510). - crypto: mxs-dcp - Fix wait logic on chan threads (bsc#1051510). - crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe() (bsc#1051510). - crypto: sharah - Unregister correct algorithms for SAHARA 3 (bsc#1051510). - crypto: skcipher - Fix -Wstringop-truncation warnings (bsc#1051510). - crypto: skcipher - fix aligning block size in skcipher_copy_iv() (bsc#1051510). - crypto: skcipher - fix crash flushing dcache in error path (bsc#1051510). - crypto: tcrypt - fix ghash-generic speed test (bsc#1051510). - crypto: vmac - require a block cipher with 128-bit block size (bsc#1051510). - crypto: vmac - separate tfm and request context (bsc#1051510). - crypto: vmx - Fix sleep-in-atomic bugs (bsc#1051510). - crypto: vmx - Use skcipher for ctr fallback to SLE12-SP4 (bsc#1106464). - crypto: x86/sha256-mb - fix digest copy in sha256_mb_mgr_get_comp_job_avx2() (bsc#1051510). - cxgb4: Fix the condition to check if the card is T5 (bsc#1097585 bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584). - cxgb4: fix abort_req_rss6 struct (bsc#1046540). - cxgb4: when disabling dcb set txq dcb priority to 0 (bsc#1046540 ). - cxl: Configure PSL to not use APC virtual machines (bsc#1055014, git-fixes). - cxl: Fix wrong comparison in cxl_adapter_context_get() (bsc#1055014, git-fixes). - dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951). - dax: Introduce a ->copy_to_iter dax operation (bsc#1098782). - dax: Make extension of dax_operations transparent (bsc#1098782). - dax: Report bytes remaining in dax_iomap_actor() (bsc#1098782). - dax: remove VM_MIXEDMAP for fsdax and device dax (bsc#1106007). - dax: remove default copy_from_iter fallback (bsc#1098782). - dax: require 'struct page' by default for filesystem dax (bsc#1104888). - dax: store pfns in the radix (bsc#1104888). - dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() (netfilter-stable-18_08_17). - debugobjects: Make stack check warning more informative (bsc#1051510). - declance: Fix continuation with the adapter identification message (bsc#1051510). - device-dax: Add missing address_space_operations (bsc#1107783). - device-dax: Enable page_mapping() (bsc#1107783). - device-dax: Set page->index (bsc#1107783). - devicectree: bindings: fix location of leds common file (bsc#1051510). - dma-buf: remove redundant initialization of sg_table (bsc#1051510). - dmaengine: hsu: Support dmaengine_terminate_sync() (bsc#1051510). - dmaengine: idma64: Support dmaengine_terminate_sync() (bsc#1051510). - dmaengine: mv_xor_v2: kill the tasklets upon exit (bsc#1051510). - dmaengine: pl330: fix irq race with terminate_all (bsc#1051510). - do d_instantiate/unlock_new_inode combinations safely (git-fixes). - doc/README.SUSE: Remove mentions of cloneconfig (bsc#1103636). - driver core: add __printf verification to __ata_ehi_pushv_desc (bsc#1051510). - drivers/base: stop new probing during shutdown (bsc#1051510). - drivers/tty: add error handling for pcmcia_loop_config (bsc#1051510). - drm/amd/pp/Polaris12: Fix a chunk of registers missed to program (bsc#1051510). - drm/amdgpu/powerplay: fix missing break in switch statements (bsc#1113722) - drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode (bsc#1051510). - drm/amdgpu: Fix RLC safe mode test in gfx_v9_0_enter_rlc_safe_mode (bsc#1051510). - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510). - drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110) - drm/amdgpu: Pulling old prepare and submit for flip back (bsc#1051510). - drm/amdgpu: Update power state at the end of smu hw_init (bsc#1051510). - drm/amdgpu: add another ATPX quirk for TOPAZ (bsc#1051510). - drm/amdgpu: add new polaris pci id (bsc#1051510). - drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk (bsc#1106110) - drm/amdgpu: fix swapped emit_ib_size in vce3 (bsc#1051510). - drm/amdgpu: revert "fix deadlock of reservation between cs and gpu reset v2" (bsc#1051510). - drm/amdgpu: update tmr mc address (bsc#1100132). - drm/amdgpu:add new firmware id for VCN (bsc#1051510). - drm/amdgpu:add tmr mc address into amdgpu_firmware_info (bsc#1051510). - drm/amdkfd: Fix error codes in kfd_get_process (bsc#1051510). - drm/arm/malidp: Preserve LAYER_FORMAT contents when setting format (bsc#1051510). - drm/armada: fix colorkey mode property (bsc#1051510). - drm/armada: fix irq handling (bsc#1051510). - drm/bridge/sii8620: Fix display of packed pixel modes (bsc#1051510). - drm/bridge/sii8620: fix display of packed pixel modes in MHL2 (bsc#1051510). - drm/bridge/sii8620: fix loops in EDID fetch logic (bsc#1051510). - drm/bridge: adv7511: Reset registers on hotplug (bsc#1051510). - drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 (bsc#1051510). - drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510). - drm/exynos: decon5433: Fix WINCONx reset value (bsc#1051510). - drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes (bsc#1051510). - drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes (bsc#1051510). - drm/fb-helper: Fix typo on kerneldoc (bsc#1051510). - drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113722) - drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113722) - drm/i915/aml: Introducing Amber Lake platform (). - drm/i915/audio: Fix audio enumeration issue on BXT (). - drm/i915/audio: Hook up component bindings even if displays are (bsc#1113722) - drm/i915/cfl: Add a new CFL PCI ID (). - drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode (bsc#1051510). - drm/i915/gen9+: Fix initial readout for Y tiled framebuffers (bsc#1113722) - drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510). - drm/i915/gvt: Fix the incorrect length of child_device_config issue (bsc#1051510). - drm/i915/gvt: Off by one in intel_vgpu_write_fence() (bsc#1051510). - drm/i915/gvt: clear ggtt entries when destroy vgpu (bsc#1051510). - drm/i915/gvt: request srcu_read_lock before checking if one gfn is valid (bsc#1051510). - drm/i915/kvmgt: Fix potential Spectre v1 (bsc#1051510). - drm/i915/lpe: Mark LPE audio runtime pm as "no callbacks" (bsc#1051510). - drm/i915/overlay: Allocate physical registers from stolen (bsc#1051510). - drm/i915/whl: Introducing Whiskey Lake platform (). - drm/i915: Handle incomplete Z_FINISH for compressed error states (bsc#1100132) - drm/i915: Increase LSPCON timeout (bsc#1051510). - drm/i915: Nuke the LVDS lid notifier (bsc#1051510). - drm/i915: Only show debug for state changes when banning (bsc#1051510). - drm/i915: Restore user forcewake domains across suspend (bsc#1100132). - drm/i915: Restore vblank interrupts earlier (bsc#1051510). - drm/i915: Unmask user interrupts writes into HWSP on snb/ivb/vlv/hsw (bsc#1051510). - drm/i915: set DP Main Stream Attribute for color range on DDI platforms (bsc#1051510). - drm/imx: imx-ldb: check if channel is enabled before printing warning (bsc#1051510). - drm/imx: imx-ldb: disable LDB on driver bind (bsc#1051510). - drm/mediatek: fix OF sibling-node lookup (bsc#1106110) - drm/modes: Introduce drm_mode_match() (). - drm/msm: fix OF child-node lookup (bsc#1106110) - drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bsc#1051510). - drm/nouveau/debugfs: Wake up GPU before doing any reclocking (bsc#1051510). - drm/nouveau/disp: fix DP disable race (bsc#1051510). - drm/nouveau/drm/nouveau: Do not forget to cancel hpd_work on suspend/unload (bsc#1051510). - drm/nouveau/drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement (bsc#1051510). - drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early (bsc#1051510). - drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() (bsc#1051510). - drm/nouveau: Do not disable polling in fallback mode (bsc#1103356). - drm/nouveau: Fix deadlocks in nouveau_connector_detect() (bsc#1051510). - drm/nouveau: Fix runtime PM leak in drm_open() (bsc#1051510). - drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping (bsc#1051510). - drm/panel: type promotion bug in s6e8aa0_read_mtp_id() (bsc#1051510). - drm/rockchip: lvds: add missing of_node_put (bsc#1051510). - drm/sti: do not remove the drm_bridge that was never added (bsc#1100132) - drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110) - drm/sun4i: Fix releasing node when enumerating enpoints (bsc#1051510). - drm/tegra: Check for malformed offsets and sizes in the 'submit' IOCTL (bsc#1106170). - drm/tegra: Fix comparison operator for buffer size (bsc#1100132). - drm/vc4: Fix the "no scaling" case on multi-planar YUV formats (bsc#1051510). - drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1113722) - drm: Add DRM client cap for aspect-ratio (). - drm: Add and handle new aspect ratios in DRM layer (). - drm: Add aspect ratio parsing in DRM layer (). - drm: Expose modes with aspect ratio, only if requested (). - drm: Handle aspect ratio info in legacy modeset path (). - drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510). - drm: mali-dp: Enable Global SE interrupts mask for DP500 (bsc#1051510). - drm: udl: Destroy framebuffer only if it was initialized (bsc#1051510). - dwc2: gadget: Fix ISOC IN DDMA PID bitfield value calculation (bsc#1051510). - e1000: check on netif_running() before calling e1000_up() (bsc#1051510). - e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510). - eeprom: at24: change nvmem stride to 1 (bsc#1051510). - eeprom: at24: check at24_read/write arguments (bsc#1051510). - eeprom: at24: correctly set the size for at24mac402 (bsc#1051510). - efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode (bsc#1110006). - enable CONFIG_SCSI_MQ_DEFAULT (bsc#1107207) - enable MLX5 in azure (bsc#1108260) - enic: do not call enic_change_mtu in enic_probe (bsc#1051510). - enic: handle mtu change for vf properly (bsc#1051510). - enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510). - errseq: Add to documentation tree (bsc#1107008). - errseq: Always report a writeback error once (bsc#1107008). - ethtool: Remove trailing semicolon for static inline (bsc#1051510). - ethtool: fix a privilege escalation bug (bsc#1076830). - evm: Do not deadlock if a crypto algorithm is unavailable (bsc#1051510). - ext2, dax: introduce ext2_dax_aops (bsc#1104888). - ext2, dax: set ext2_dax_aops for dax files (bsc#1112554). - ext2: auto disable dax instead of failing mount (bsc#1104888). - ext4, dax: add ext4_bmap to ext4_dax_aops (bsc#1104888). - ext4, dax: introduce ext4_dax_aops (bsc#1104888). - ext4, dax: set ext4_dax_aops for dax files (bsc#1104888). - ext4: auto disable dax instead of failing mount (bsc#1104888). - ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736). - ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735). - ext4: check for NUL characters in extended attribute's name (bsc#1112732). - ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734). - ext4: do not mark mmp buffer head dirty (bsc#1112743). - ext4: fix online resize's handling of a too-small final block group (bsc#1112739). - ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740). - ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733). - ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738). - ext4: reset error code in ext4_find_entry in fallback (bsc#1112731). - ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741). - ext4: sysfs: print ext4_super_block fields as little-endian (bsc#1106229). - extcon: Release locking when sending the notification of connector state (bsc#1051510). - f2fs: remove unneeded memory footprint accounting (bsc#1106233). - f2fs: remove unneeded memory footprint accounting (bsc#1106297). - f2fs: validate before set/clear free nat bitmap (bsc#1106231). - f2fs: validate before set/clear free nat bitmap (bsc#1106297). - fat: fix memory allocation failure handling of match_strdup() (bsc#1051510). - fb: fix lost console when the user unplugs a USB adapter (bsc#1051510). - fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510). - fbdev/via: fix defined but not used warning (bsc#1051510). - fbdev: Distinguish between interlaced and progressive modes (bsc#1051510). - fbdev: omapfb: off by one in omapfb_register_client() (bsc#1051510). - filesystem-dax: Introduce dax_lock_mapping_entry() (bsc#1107783). - filesystem-dax: Set page->index (bsc#1107783). - firmware, DMI: Add function to look up a handle and return DIMM size (bsc#1099125). - firmware: raspberrypi: Register hwmon driver (bsc#1108468). - fix __legitimize_mnt()/mntput() race (bsc#1106297). - fix a page leak in vhost_scsi_iov_to_sgl() error recovery (bsc#1051510). - fix mntput/mntput race (bsc#1106297). - floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bsc#1051510). - fs, dax: prepare for dax-specific address_space_operations (bsc#1104888). - fs, dax: use page->mapping to warn if truncate collides with a busy page (bsc#1104888). - fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed (bsc#1051510). - fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (git-fixes). - fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table (bsc#1106297). - fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745). - fs: dcache: Avoid livelock between d_alloc_parallel and __d_add (git-fixes). - fs: dcache: Use READ_ONCE when accessing i_dir_seq (git-fixes). - fuse: Add missed unlock_page() to fuse_readpages_fill() (bsc#1106291). - fuse: Do not access pipe->buffers without pipe_lock() (bsc#1051510). - fuse: Fix oops at process_init_reply() (bsc#1106291). - fuse: fix double request_end() (bsc#1106291). - fuse: fix initial parallel dirops (bsc#1106291). - fuse: fix unlocked access to processing queue (bsc#1106291). - fuse: umount should wait for all requests (bsc#1106291). - gen_stats: Fix netlink stats dumping in the presence of padding (netfilter-stable-18_07_23). - genirq: Add handle_fasteoi_{level,edge}_irq flow handlers (bsc#1105378). - genirq: Export more irq_chip_*_parent() functions (bsc#1105378). - getname_kernel() needs to make sure that ->name != ->iname in long case (git-fixes). - getxattr: use correct xattr length (bsc#1106235). - getxattr: use correct xattr length (bsc#1106297). - gpio: Add gpio driver support for ThunderX and OCTEON-TX (bsc#1105378). - gpio: Fix crash due to registration race (bsc#1051510). - gpio: Fix wrong rounding in gpio-menz127 (bsc#1051510). - gpio: adp5588: Fix sleep-in-atomic-context bug (bsc#1051510). - gpio: mb86s70: Revert "Return error if requesting an already assigned gpio" (bsc#1051510). - gpio: ml-ioh: Fix buffer underwrite on probe error path (bsc#1051510). - gpio: pxa: Fix potential NULL dereference (bsc#1051510). - gpio: tegra: Move driver registration to subsys_init level (bsc#1051510). - gpio: thunderx: fix error return code in thunderx_gpio_probe() (bsc#1105378). - gpio: thunderx: remove unused .map() hook from irq_domain_ops (bsc#1105378). - gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall (bsc#1051510). - gpiolib-acpi: make sure we trigger edge events at least once on boot (bsc#1051510). - gpiolib: Free the last requested descriptor (bsc#1051510). - gpiolib: Mark gpio_suffixes array with __maybe_unused (bsc#1051510). - gpiolib: acpi: Switch to cansleep version of GPIO library call (bsc#1051510). - gpu: host1x: Check whether size of unpin isn't 0 (bsc#1051510). - gpu: ipu-v3: csi: pass back mbus_code_to_bus_cfg error codes (bsc#1051510). - gpu: ipu-v3: default to id 0 on missing OF alias (bsc#1051510). - hfs: prevent crash on exit from failed search (bsc#1051510). - hfsplus: do not return 0 when fill_super() failed (bsc#1051510). - hfsplus: stop workqueue when fill_super() failed (bsc#1051510). - hotplug/cpu: Add operation queuing function (). - hotplug/cpu: Conditionally acquire/release DRC index (). - hotplug/cpu: Provide CPU readd operation (). - hv: Synthetic typo correction (bsc#1107207). - hv: add SPDX license id to Kconfig (bsc#1107207). - hv: add SPDX license to trace (bsc#1107207). - hv: avoid crash in vmbus sysfs files (bsc#1108377). - hv_balloon: trace post_status (bsc#1107207). - hv_netvsc: Add NetVSP v6 and v6.1 into version negotiation (bsc#1107207). - hv_netvsc: Add handlers for ethtool get/set msg level (bsc#1107207). - hv_netvsc: Add per-cpu ethtool stats for netvsc (bsc#1107207). - hv_netvsc: Add range checking for rx packet offset and length (bsc#1107207). - hv_netvsc: Clean up extra parameter from rndis_filter_receive_data() (bsc#1107207). - hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() (bsc#1107207). - hv_netvsc: Fix the return status in RX path (bsc#1107207). - hv_netvsc: Fix the variable sizes in ipsecv2 and rsc offload (bsc#1107207). - hv_netvsc: Pass net_device parameter to revoke and teardown functions (bsc#1107207). - hv_netvsc: add trace points (bsc#1107207). - hv_netvsc: fix bogus ifalias on network device (bsc#1107207). - hv_netvsc: fix network namespace issues with VF support (bsc#1107207). - hv_netvsc: fix schedule in RCU context (). - hv_netvsc: fix schedule in RCU context (bsc#1107207). - hv_netvsc: fix vf serial matching with pci slot info (bsc#1107207). - hv_netvsc: ignore devices that are not PCI (bsc#1107207). - hv_netvsc: move VF to same namespace as netvsc device (bsc#1107207). - hv_netvsc: pair VF based on serial number (bsc#1107207). - hv_netvsc: pass netvsc_device to rndis halt (bsc#1107207). - hv_netvsc: propogate Hyper-V friendly name into interface alias (bsc#1107207). - hv_netvsc: select needed ucs2_string routine (bsc#1107207). - hv_netvsc: simplify receive side calling arguments (bsc#1107207). - hv_netvsc: typo in NDIS RSS parameters structure (bsc#1107207). - hv_vmbus: Correct the stale comments regarding cpu affinity (bsc#1107207). - hwmon: (adt7475) Make adt7475_read_word() return errors (bsc#1051510). - hwmon: (ina2xx) fix sysfs shunt resistor read access (bsc#1051510). - hwmon: (nct6775) Set weight source to zero correctly (bsc#1051510). - hwmon: Add support for RPi voltage sensor (bsc#1108468). - hwmon: rpi: add module alias to raspberrypi-hwmon (bsc#1108468). - hwrng: core - document the quality field (bsc#1051510). - hyper-v: use GFP_KERNEL for hv_context.hv_numa_map (bsc#1107207). - hypfs_kill_super(): deal with failed allocations (bsc#1051510). - i2c: core: ACPI: Properly set status byte to 0 for multi-byte writes (bsc#1051510). - i2c: davinci: Avoid zero value of CLKH (bsc#1051510). - i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510). - i2c: i801: Add missing documentation entries for Braswell and Kaby Lake (bsc#1051510). - i2c: i801: Add support for Intel Cedar Fork (bsc#1051510). - i2c: i801: Add support for Intel Ice Lake (bsc#1051510). - i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus (bsc#1051510). - i2c: i801: Consolidate chipset names in documentation and Kconfig (bsc#1051510). - i2c: i801: fix DNV's SMBCTRL register offset (bsc#1051510). - i2c: imx: Fix race condition in dma read (bsc#1051510). - i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510). - i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP (bsc#1051510). - i2c: uniphier: issue STOP only for last message or I2C_M_STOP (bsc#1051510). - i2c: xiic: Make the start and the byte count write atomic (bsc#1051510). - i2c: xlp9xx: Fix case where SSIF read transaction completes early (bsc#1105907). - i2c: xlp9xx: Fix issue seen when updating receive length (bsc#1105907). - i2c: xlp9xx: Make sure the transfer size is not more than I2C_SMBUS_BLOCK_SIZE (bsc#1105907). - i40e: fix condition of WARN_ONCE for stat strings (bsc#1107522). - ib_srpt: Fix a use-after-free in srpt_close_ch() (bsc#1046306 ). - ibmvnic: Include missing return code checks in reset function (bsc#1107966). - ieee802154: ca8210: fix uninitialised data read (bsc#1051510). - ieee802154: fix gcc-4.9 warnings (bsc#1051510). - ieee802154: mrf24j40: fix incorrect mask in mrf24j40_stop (bsc#1051510). - iio: 104-quad-8: Fix off-by-one error in register selection (bsc#1051510). - iio: ad9523: Fix displayed phase (bsc#1051510). - iio: ad9523: Fix return value for ad952x_store() (bsc#1051510). - iio: adc: at91: fix acking DRDY irq on simple conversions (bsc#1051510). - iio: adc: at91: fix wrong channel number in triggered buffer mode (bsc#1051510). - iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bsc#1051510). - iio: adc: ina2xx: avoid kthread_stop() with stale task_struct (bsc#1051510). - iio: adc: sun4i-gpadc: select REGMAP_IRQ (bsc#1051510). - iio: sca3000: Fix an error handling path in 'sca3000_probe()' (bsc#1051510). - iio: sca3000: Fix missing return in switch (bsc#1051510). - ima: based on policy verify firmware signatures (pre-allocated buffer) (bsc#1051510). - include/rdma/opa_addr.h: Fix an endianness issue (bsc#1046306 ). - input: rohm_bu21023: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) (bsc#1051510). - intel_th: Fix device removal logic (bsc#1051510). - intel_th: pci: Add Ice Lake PCH support (bsc#1051510). - iommu/amd: Add support for IOMMU XT mode (). - iommu/amd: Add support for higher 64-bit IOMMU Control Register (). - iommu/amd: Clear memory encryption mask from physical address (bsc#1106105). - iommu/amd: Finish TLB flush in amd_iommu_unmap() (bsc#1106105). - iommu/amd: Return devid as alias for ACPI HID devices (bsc#1106105). - iommu/amd: make sure TLB to be flushed before IOVA freed (bsc#1106105). - iommu/arm-smmu-v3: Do not free page table ops twice (bsc#1106237). - iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237). - iommu/vt-d: Add definitions for PFSID (bsc#1106237). - iommu/vt-d: Fix a potential memory leak (bsc#1106105). - iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237). - iommu/vt-d: Fix scatterlist offset handling (bsc#1106237). - iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105). - ioremap: Update pgtable free interfaces with addr (bsc#1110006). - ip: hash fragments consistently (netfilter-stable-18_07_27). - ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull (netfilter-stable-18_07_27). - ipc/shm: fix shmat() nil address after round-down when remapping (bsc#1090078). - ipmi/powernv: Fix error return code in ipmi_powernv_probe() (git-fixes). - ipmi: Fix some counter issues (bsc#1105907). - ipmi: Move BT capabilities detection to the detect call (bsc#1106779). - ipmi: Remove ACPI SPMI probing from the SSIF (I2C) driver (bsc#1105907). - ipmi:bt: Set the timeout before doing a capabilities check (bsc#1051510). - ipmi:ssif: Add support for multi-part transmit messages > 2 parts (bsc#1103308). - ipv4: Return EINVAL when ping_group_range sysctl does not map to user ns (netfilter-stable-18_07_23). - ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() (git-fixes). - ipv4: remove BUG_ON() from fib_compute_spec_dst (netfilter-stable-18_08_01). - ipv6: fix useless rol32 call on hash (netfilter-stable-18_07_23). - ipv6: ila: select CONFIG_DST_CACHE (netfilter-stable-18_07_23). - ipv6: make DAD fail with enhanced DAD when nonce length differs (netfilter-stable-18_07_23). - ipv6: sr: fix passing wrong flags to crypto_alloc_shash() (networking-stable-18_07_19). - ipvlan: fix IFLA_MTU ignored on NEWLINK (networking-stable-18_07_19). - irq/core: Fix boot crash when the irqaffinity= boot parameter is passed on CPUMASK_OFFSTACK=y kernels(v1) (bsc#1051510). - irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP (bsc#1051510). - irqdomain: Add irq_domain_{push,pop}_irq() functions (bsc#1105378). - irqdomain: Check for NULL function pointer in irq_domain_free_irqs_hierarchy() (bsc#1105378). - irqdomain: Factor out code to add and remove items to and from the revmap (bsc#1105378). - irqdomain: Prevent potential NULL pointer dereference in irq_domain_push_irq() (bsc#1105378). - irqdomain: Update the comments of fwnode field of irq_domain structure (bsc#1051510). - isdn: Disable IIOCDBGVAR (bsc#1051510). - iw_cxgb4: remove duplicate memcpy() in c4iw_create_listen() (bsc#1046543). - iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510). - iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510). - iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510). - iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510). - iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510). - iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510). - iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510). - iwlwifi: pcie: do not access periphery registers when not available (bsc#1051510). - iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510). - ixgbe: Refactor queue disable logic to take completion time into account (bsc#1101557). - ixgbe: Reorder Tx/Rx shutdown to reduce time needed to stop device (bsc#1101557). - jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257). - kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240). - kABI: protect eswitch.h include (kabi). - kABI: protect struct nf_conn (kabi). - kABI: protect struct vsock_sock (kabi). - kABI: reexport tcp_send_ack (kabi). - kABI: reexport vsock_pending_work (kabi). - kabi fix for check_disk_size_change() (bsc#1098459). - kabi protect enum mem_type (bsc#1099125). - kabi protect hnae_ae_ops (bsc#1107924). - kabi protect struct kvm_sync_regs (bsc#1106948). - kabi/severities: Whitelist libceph, rbd, and ceph (bsc#1096748). - kabi/severities: add qeth inter-module symbols to ignore list. - kabi/severities: ignore __xive_vm_h_* KVM internal symbols. - kabi/severities: ignore ppc64 realmode helpers. KVM fixes remove exports of realmode_pfn_to_page iommu_tce_xchg_rm mm_iommu_lookup_rm mm_iommu_ua_to_hpa_rm. Some are no longer used and others are no longer exported because the code was consolideted in one place. These helpers are to be called in realmode and linking to them from non-KVM modules is a bug. Hence removing them does not break KABI. - kabi: move s390 mm_context_t lock to mm_struct and ignore the change (bsc#1103421). - kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bsc#1105536). - kernfs: update comment about kernfs_path() return value (bsc#1051510). - kprobes/x86: Disable preemption in ftrace-based jprobes (bsc#1110006). - kprobes/x86: Fix %p uses in error messages (bsc#1110006). - kprobes/x86: Prohibit probing on exception masking instructions (bsc#1110006). - kprobes/x86: Release insn_slot in failure path (bsc#1110006). - ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM Functionality bsc#1111806). - kvm, mm: account shadow page tables to kmemcg (bsc#1110006). - kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506). - kvm: Make VM ioctl do valloc for some archs (bsc#1111506). - kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg() (bsc#1108010). - kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 (bsc#1106105). - kvm: nVMX: Use nested_run_pending rather than from_vmentry (bsc#1106240). - kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240). - kvm: x86: factor out kvm.arch.hyperv (de)init (bsc#1107207). - kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bsc#1110006). - kvm: x86: hyperv: delete dead code in kvm_hv_hypercall() (bsc#1107207). - kvm: x86: hyperv: guest->host event signaling via eventfd (bsc#1107207). - kvm: x86: vmx: fix vpid leak (bsc#1106240). - kvmclock: fix TSC calibration for nested guests (bsc#1110006). - l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache (netfilter-stable-18_08_17). - lan78xx: Check for supported Wake-on-LAN modes (bsc#1051510). - lan78xx: Lan7801 Support for Fixed PHY (bsc#1085262). - lan78xx: Set ASD in MAC_CR when EEE is enabled (bsc#1085262). - lan78xx: remove redundant initialization of pointer 'phydev' (bsc#1085262). - leds: max8997: use mode when calling max8997_led_set_mode (bsc#1051510). - lib/bug.c: exclude non-BUG/WARN exceptions from report_bug() (bsc#1110006). - lib/iov_iter: Fix pipe handling in _copy_to_iter_mcsafe() (bsc#1098782). - lib/rhashtable: consider param->min_size when setting initial table size (bsc#1051510). - lib/test_hexdump.c: fix failure on big endian cpu (bsc#1051510). - lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510). - lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510). - lib/vsprintf: Remove atomic-unsafe support for %pCr (bsc#1051510). - libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store() (bsc#1051510). - libata: Fix command retry decision (bsc#1051510). - libata: Fix compile warning with ATA_DEBUG enabled (bsc#1051510). - libbpf: Makefile set specified permission mode (bsc#1083647). - libceph: check authorizer reply/challenge length before reading (bsc#1096748). - libceph: factor out __ceph_x_decrypt() (bsc#1096748). - libceph: factor out __prepare_write_connect() (bsc#1096748). - libceph: factor out encrypt_authorizer() (bsc#1096748). - libceph: store ceph_auth_handshake pointer in ceph_connection (bsc#1096748). - libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() (bsc#1096748). - libertas: call into generic suspend code before turning off power (bsc#1051510). - libertas: fix suspend and resume for SDIO connected cards (bsc#1051510). - libnvdimm, btt: fix uninitialized err_lock (bsc#1103961). - libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408, bsc#1113972). - libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, bsc#1113972). - libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408, bsc#1113972). - libnvdimm, nfit: enable support for volatile ranges (bsc#1103961). - libnvdimm, nfit: move the check on nd_reserved2 to the endpoint (bsc#1103961). - libnvdimm, pmem: Fix memcpy_mcsafe() return code handling in nsio_rw_bytes() (bsc#1098782). - libnvdimm, pmem: Restore page attributes when clearing errors (bsc#1107783). - libnvdimm: Use max contiguous area for namespace size (git-fixes). - libnvdimm: fix ars_status output length calculation (bsc#1104890). - libnvdimm: rename nd_sector_size_{show,store} to nd_size_select_{show,store} (bsc#1103961). - liquidio: fix hang when re-binding VF host drv after running DPDK VF driver (bsc#1067126). - liquidio: fix kernel panic in VF driver (bsc#1067126). - livepatch: Remove reliable stacktrace check in klp_try_switch_task() (bsc#1071995). - livepatch: Validate module/old func name length (bsc#1071995). - livepatch: create and include UAPI headers (). - llc: use refcount_inc_not_zero() for llc_sap_find() (netfilter-stable-18_08_17). - lockd: fix "list_add double add" caused by legacy signal interface (git-fixes). - loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711). - loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710). - loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284). - mac80211: Fix station bandwidth setting after channel switch (bsc#1051510). - mac80211: Run TXQ teardown code before de-registering interfaces (bsc#1051510). - mac80211: add stations tied to AP_VLANs during hw reconfig (bsc#1051510). - mac80211: always account for A-MSDU header changes (bsc#1051510). - mac80211: avoid kernel panic when building AMSDU from non-linear SKB (bsc#1051510). - mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510). - mac80211: do not Tx a deauth frame if the AP forbade Tx (bsc#1051510). - mac80211: do not convert to A-MSDU if frag/subframe limited (bsc#1051510). - mac80211: fix a race between restart and CSA flows (bsc#1051510). - mac80211: fix an off-by-one issue in A-MSDU max_subframe computation (bsc#1051510). - mac80211: fix pending queue hang due to TX_DROP (bsc#1051510). - mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys (bsc#1051510). - mac80211: mesh: fix HWMP sequence numbering to follow standard (bsc#1051510). - mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510). - mac80211: restrict delayed tailroom needed decrement (bsc#1051510). - mac80211: shorten the IBSS debug messages (bsc#1051510). - mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510). - mac80211_hwsim: require at least one channel (bsc#1051510). - mach64: detect the dot clock divider correctly on sparc (bsc#1051510). - macros.kernel-source: pass -b properly in kernel module package (bsc#1107870). - mailbox: xgene-slimpro: Fix potential NULL pointer dereference (bsc#1051510). - make sure that __dentry_kill() always invalidates d_seq, unhashed or not (git-fixes). - md-cluster: clear another node's suspend_area after the copy is finished (bsc#1106333). - md-cluster: do not send msg if array is closing (bsc#1106333). - md-cluster: release RESYNC lock after the last resync message (bsc#1106688). - md-cluster: show array's status more accurate (bsc#1106333). - md/raid10: fix that replacement cannot complete recovery after reassemble (git-fixes). - md/raid1: add error handling of read error from FailFast device (git-fixes). - md/raid5-cache: disable reshape completely (git-fixes). - md/raid5: fix data corruption of replacements after originals dropped (git-fixes). - md: fix NULL dereference of mddev->pers in remove_and_add_spares() (git-fixes). - media: Revert "[media] tvp5150: fix pad format frame height" (bsc#1051510). - media: af9035: prevent buffer overflow on write (bsc#1051510). - media: cx231xx: fix potential sign-extension overflow on large shift (bsc#1051510). - media: davinci: vpif_display: Mix memory leak on probe error path (bsc#1051510). - media: dvb: fix compat ioctl translation (bsc#1051510). - media: em28xx: fix input name for Terratec AV 350 (bsc#1051510). - media: em28xx: use a default format if TRY_FMT fails (bsc#1051510). - media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt() (bsc#1051510). - media: fsl-viu: fix error handling in viu_of_probe() (bsc#1051510). - media: helene: fix xtal frequency setting at power on (bsc#1051510). - media: mem2mem: Remove excessive try_run call (bsc#1051510). - media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data (bsc#1051510). - media: pci: cx23885: handle adding to list failure (bsc#1051510). - media: rtl28xxu: be sure that it won't go past the array size (bsc#1051510). - media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power (bsc#1051510). - media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions (bsc#1051510). - media: soc_camera: ov772x: correct setting of banding filter (bsc#1051510). - media: tm6000: add error handling for dvb_register_adapter (bsc#1051510). - media: tvp5150: avoid going past array on v4l2_querymenu() (bsc#1051510). - media: tvp5150: fix switch exit in set control handler (bsc#1051510). - media: tvp5150: fix width alignment during set_selection() (bsc#1051510). - media: tw686x: Fix oops on buffer alloc failure (bsc#1051510). - media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1051510). - media: v4l2-mem2mem: Fix missing v4l2_m2m_try_run call (bsc#1051510). - media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bsc#1051510). - media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1051510). - media: videobuf2-core: check for q->error in vb2_core_qbuf() (bsc#1051510). - media: vsp1: Fix YCbCr planar formats pitch calculation (bsc#1051510). - mei: bus: type promotion bug in mei_nfc_if_version() (bsc#1051510). - mei: do not update offset in write (bsc#1051510). - mei: ignore not found client in the enumeration (bsc#1051510). - mei: me: enable asynchronous probing (). - memcg, thp: do not invoke oom killer on thp charges (bsc#1089663). - memory: tegra: Apply interrupts mask per SoC (bsc#1051510). - memory: tegra: Do not handle spurious interrupts (bsc#1051510). - merge hyperv part of f5caf621 - mfd: 88pm860x-i2c: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) (bsc#1051510). - mfd: arizona: Correct calling of runtime_put_sync (bsc#1051510). - mfd: arizona: Do not use regmap_read_poll_timeout (bsc#1051510). - mfd: intel-lpss: Add Ice Lake PCI IDs (bsc#1051510). - mfd: lpc_ich: Do not touch SPI-NOR write protection bit on Apollo Lake (bsc#1051510). - mfd: sm501: Set coherent_dma_mask when creating subdevices (bsc#1051510). - mfd: ti_am335x_tscadc: Fix struct clk memory leak (bsc#1051510). - mlxsw: core_acl_flex_actions: Return error for conflicting actions (netfilter-stable-18_08_17). - mm, dax: introduce pfn_t_special() (bsc#1104888). - mm, madvise_inject_error: Disable MADV_SOFT_OFFLINE for ZONE_DEVICE pages (bsc#1107783). - mm, madvise_inject_error: Let memory_failure() optionally take a page reference (bsc#1107783). - mm, memory_failure: Collect mapping size in collect_procs() (bsc#1107783). - mm, memory_failure: Teach memory_failure() about dev_pagemap pages (bsc#1107783). - mm, numa: Migrate pages to local nodes quicker early in the lifetime of a task (bsc#1101669 optimise numa balancing for fast migrate). - mm, numa: Remove rate-limiting of automatic numa balancing migration (bsc#1101669 optimise numa balancing for fast migrate). - mm, numa: Remove rate-limiting of automatic numa balancing migration kabi (bsc#1101669 optimise numa balancing for fast migrate). - mm, page_alloc: double zone's batchsize (bsc#971975 VM performance -- page allocator). - mm/huge_memory.c: fix data loss when splitting a file pmd (bsc#1107074). - mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported (bsc#1106697). - mm/migrate: Use spin_trylock() while resetting rate limit (). - mm/vmalloc: add interfaces to free unmapped page table (bsc#1110006). - mm/vmscan: wake up flushers for legacy cgroups too (bsc#1107061). - mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907). - mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1111028). - mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal (bsc#1111841). - mm: fix devmem_is_allowed() for sub-page System RAM intersections (bsc#1106800). - mm: memcg: fix use after free in mem_cgroup_iter() (bsc#1107065). - mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510). - mmc: omap_hsmmc: fix wakeirq handling on removal (bsc#1051510). - mmc: sdhci-of-esdhc: set proper dma mask for ls104x chips (bsc#1051510). - mmc: sdhci: do not try to use 3.3V signaling if not supported (bsc#1051510). - mmc: tegra: prevent HS200 on Tegra 3 (bsc#1051510). - modpost: ignore livepatch unresolved relocations (). - module: exclude SHN_UNDEF symbols from kallsyms api (bsc#1071995). - move a hyperv related patch to correct place in series.conf - move changes without Git-commit out of sorted section - mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510). - net/9p/client.c: version pointer uninitialized (bsc#1051510). - net/9p/trans_fd.c: fix race by holding the lock (bsc#1051510). - net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() (bsc#1051510). - net/9p: Switch to wait_event_killable() (bsc#1051510). - net/9p: fix error path of p9_virtio_probe (bsc#1051510). - net/ipv4: Set oif in fib_compute_spec_dst (netfilter-stable-18_07_23). - net/mlx5: E-Switch, Avoid setup attempt if not being e-switch manager (networking-stable-18_07_19). - net/mlx5e: Avoid dealing with vport representors if not being e-switch manager (networking-stable-18_07_19). - net/packet: fix use-after-free (networking-stable-18_07_19). - net: add support for Cavium PTP coprocessor (bsc#1110096). - net: bcmgenet: Fix sparse warnings in bcmgenet_put_tx_csum() (bsc#1051510). - net: bcmgenet: Fix unmapping of fragments in bcmgenet_xmit() (bsc#1051510). - net: bcmgenet: correct bad merge (bsc#1051510). - net: bcmgenet: enable loopback during UniMAC sw_reset (bsc#1051510). - net: bcmgenet: prevent duplicate calls of bcmgenet_dma_teardown (bsc#1051510). - net: cavium: fix NULL pointer dereference in cavium_ptp_put (bsc#1110096). - net: cavium: use module_pci_driver to simplify the code (bsc#1110096). - net: dccp: avoid crash in ccid3_hc_rx_send_feedback() (networking-stable-18_07_19). - net: dccp: switch rx_tstamp_last_feedback to monotonic clock (networking-stable-18_07_19). - net: diag: Do not double-free TCP_NEW_SYN_RECV sockets in tcp_abort (netfilter-stable-18_07_23). - net: dsa: Do not suspend/resume closed slave_dev (netfilter-stable-18_08_04). - net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108093). - net: ena: Fix use of uninitialized DMA address bits field (netfilter-stable-18_08_01). - net: ena: fix device destruction to gracefully free resources (bsc#1108093). - net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108093). - net: ena: fix incorrect usage of memory barriers (bsc#1108093). - net: ena: fix missing calls to READ_ONCE (bsc#1108093). - net: ena: fix missing lock during device destruction (bsc#1108093). - net: ena: fix potential double ena_destroy_device() (bsc#1108093). - net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108093). - net: ethernet: mvneta: Fix napi structure mixup on armada 3700 (networking-stable-18_08_21). - net: fix amd-xgbe flow-control issue (netfilter-stable-18_08_01). - net: fix use-after-free in GRO with ESP (networking-stable-18_07_19). - net: hns3: Fix MSIX allocation issue for VF (bsc#1104353 ). - net: hns3: Fix comments for hclge_get_ring_chain_from_mbx (bsc#1104353). - net: hns3: Fix desc num set to default when setting channel (bsc#1104353). - net: hns3: Fix for command format parsing error in hclge_is_all_function_id_zero (bsc#1104353). - net: hns3: Fix for information of phydev lost problem when down/up (bsc#1104353). - net: hns3: Fix for l4 checksum offload bug (bsc#1104353 ). - net: hns3: Fix for mac pause not disable in pfc mode (bsc#1104353). - net: hns3: Fix for mailbox message truncated problem (bsc#1104353). - net: hns3: Fix for phy link issue when using marvell phy driver (bsc#1104353). - net: hns3: Fix for reset_level default assignment probelm (bsc#1104353). - net: hns3: Fix for using wrong mask and shift in hclge_get_ring_chain_from_mbx (bsc#1104353). - net: hns3: Fix for waterline not setting correctly (bsc#1104353). - net: hns3: Fix get_vector ops in hclgevf_main module (bsc#1104353). - net: hns3: Fix return value error in hns3_reset_notify_down_enet (bsc#1104353). - net: hns3: Fix warning bug when doing lp selftest (bsc#1104353 ). - net: hns3: Prevent sending command during global or core reset (bsc#1104353). - net: hns3: Standardize the handle of return value (bsc#1104353 ). - net: hns3: add unlikely for error check (bsc#1104353 ). - net: hns3: fix page_offset overflow when CONFIG_ARM64_64K_PAGES (bsc#1104353). - net: hns3: fix return value error while hclge_cmd_csq_clean failed (bsc#1104353). - net: hns3: modify hnae_ to hnae3_ (bsc#1104353). - net: hns3: remove some redundant assignments (bsc#1104353 ). - net: hns3: remove unnecessary ring configuration operation while resetting (bsc#1104353). - net: hns3: simplify hclge_cmd_csq_clean (bsc#1104353 ). - net: hns: add netif_carrier_off before change speed and duplex (bsc#1107924). - net: hns: add the code for cleaning pkt in chip (bsc#1107924). - net: mdio-mux: bcm-iproc: fix wrong getter and setter pair (netfilter-stable-18_08_01). - net: mvneta: fix mvneta_config_rss on armada 3700 (networking-stable-18_08_21). - net: mvneta: fix the Rx desc DMA address in the Rx path (networking-stable-18_07_19). - net: phy: consider PHY_IGNORE_INTERRUPT in phy_start_aneg_priv (netfilter-stable-18_07_27). - net: phy: fix flag masking in __set_phy_supported (netfilter-stable-18_07_23). - net: rtnl_configure_link: fix dev flags changes arg to __dev_notify_flags (git-fixes). - net: skb_segment() should not return NULL (netfilter-stable-18_07_27). - net: stmmac: Fix WoL for PCI-based setups (netfilter-stable-18_08_04). - net: stmmac: mark PM functions as __maybe_unused (git-fixes). - net: sungem: fix rx checksum support (networking-stable-18_07_19). - net: systemport: Fix CRC forwarding check for SYSTEMPORT Lite (netfilter-stable-18_07_23). - net: thunder: change q_len's type to handle max ring size (bsc#1110096). - net: thunderx: Set max queue count taking XDP_TX into account (bsc#1110096). - net: thunderx: add MAC address filter tracking for LMAC (bsc#1110096). - net: thunderx: add XCAST messages handlers for PF (bsc#1110096). - net: thunderx: add multicast filter management support (bsc#1110096). - net: thunderx: add ndo_set_rx_mode callback implementation for VF (bsc#1110096). - net: thunderx: add new messages for handle ndo_set_rx_mode callback (bsc#1110096). - net: thunderx: add timestamping support (bsc#1110096). - net: thunderx: add workqueue control structures for handle ndo_set_rx_mode request (bsc#1110096). - net: thunderx: check for failed allocation lmac->dmacs (bsc#1110096). - net: thunderx: fix double free error (bsc#1110096). - net: thunderx: move filter register related macro into proper place (bsc#1110096). - net: thunderx: prevent concurrent data re-writing by nicvf_set_rx_mode (bsc#1110096). - net: thunderx: remove a couple of redundant assignments (bsc#1110096). - net: thunderx: rework mac addresses list to u64 array (bsc#1110096). - net_sched: Fix missing res info when create new tc_index filter (netfilter-stable-18_08_17). - net_sched: blackhole: tell upper qdisc about dropped packets (networking-stable-18_07_19). - netfilter: do not set F_IFACE on ipv6 fib lookups (netfilter-stable-18_06_25). - netfilter: ip6t_rpfilter: provide input interface for route lookup (netfilter-stable-18_06_25). - netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses (git-fixes). - netfilter: nat: Revert "netfilter: nat: convert nat bysrc hash to rhashtable" (netfilter-stable-17_11_16). - netfilter: nf_tables: add missing netlink attrs to policies (netfilter-stable-18_06_27). - netfilter: nf_tables: do not assume chain stats are set when jumplabel is set (netfilter-stable-18_06_27). - netfilter: nf_tables: fix memory leak on error exit return (netfilter-stable-18_06_27). - netfilter: nf_tables: nft_compat: fix refcount leak on xt module (netfilter-stable-18_06_27). - netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain() (netfilter-stable-18_06_25). - netfilter: nft_compat: fix handling of large matchinfo size (netfilter-stable-18_06_27). - netfilter: nft_compat: prepare for indirect info storage (netfilter-stable-18_06_27). - netfilter: nft_meta: fix wrong value dereference in nft_meta_set_eval (netfilter-stable-18_06_27). - netlink: Do not shift on 64 for ngroups (git-fixes). - netlink: Do not shift with UB on nlk->ngroups (netfilter-stable-18_08_01). - netlink: Do not subscribe to non-existent groups (netfilter-stable-18_08_01). - netlink: Fix spectre v1 gadget in netlink_create() (netfilter-stable-18_08_04). - nfs/filelayout: fix oops when freeing filelayout segment (bsc#1105190). - nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds (git-fixes). - nfs41: do not return ENOMEM on LAYOUTUNAVAILABLE (git-fixes). - nfsd: remove blocked locks on client teardown (git-fixes). - nl80211: Add a missing break in parse_station_flags (bsc#1051510). - nl80211: check nla_parse_nested() return values (bsc#1051510). - nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408, bsc#1113972). - nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, bsc#1113972). - nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, bsc#1113972). - nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408, bsc#1113972). - nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408, bsc#1113972). - nvme: call nvme_complete_rq when nvmf_check_ready fails for mpath I/O (bsc#1107685). - nvme: register ns_id attributes as default sysfs groups (bsc#1105247). - nvme_fc: add 'nvme_discovery' sysfs attribute to fc transport device (bsc#1044189). - objtool, kprobes/x86: Sync the latest asm/insn.h header with tools/objtool/arch/x86/include/asm/insn.h (bsc#1110006). - of: add helper to lookup compatible child node (bsc#1106110) - orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510). - orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510). - orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510). - orangefs_kill_sb(): deal with allocation failures (bsc#1051510). - ovl: Sync upper dirty data when syncing overlayfs (git-fixes). - ovl: fix format of setxattr debug (git-fixes). - parport: sunbpp: fix error return code (bsc#1051510). - partitions/aix: append null character to print data from disk (bsc#1051510). - partitions/aix: fix usage of uninitialized lv_info and lvname structures (bsc#1051510). - perf/x86/amd/ibs: Do not access non-started event (bsc#1110006). - perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr (bsc#1110006). - perf/x86/intel/lbr: Fix incomplete LBR call stack (bsc#1110006). - perf/x86/intel/uncore: Correct fixed counter index check for NHM (bsc#1110006). - perf/x86/intel/uncore: Correct fixed counter index check in generic code (bsc#1110006). - perf/x86/intel/uncore: Fix Skylake UPI event format (bsc#1110006). - perf/x86/intel: Do not accidentally clear high bits in bdw_limit_period() (bsc#1110006). - perf/x86/intel: Fix event update for auto-reload (bsc#1110006). - perf/x86/intel: Fix large period handling on Broadwell CPUs (bsc#1110006). - perf/x86/intel: Fix linear IP of PEBS real_ip on Haswell and later CPUs (bsc#1110006). - perf/x86/intel: Properly save/restore the PMU state in the NMI handler (bsc#1110006). - perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver (bsc#1110006). - perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* (bsc#1110006). - perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() (bsc#1110006). - pinctrl/amd: only handle irq if it is pending and unmasked (bsc#1051510). - pinctrl: cannonlake: Fix HOSTSW_OWN register offset of H variant (bsc#1051510). - pipe: actually allow root to exceed the pipe buffer limits (bsc#1106297). - pipe: match pipe_max_size data type with procfs (git-fixes). - platform/x86: alienware-wmi: Correct a memory leak (bsc#1051510). - platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 (bsc#1051510). - platform/x86: thinkpad_acpi: Proper model/release matching (bsc#1051510). - platform/x86: toshiba_acpi: Fix defined but not used build warnings (bsc#1051510). - pmem: Switch to copy_to_iter_mcsafe() (bsc#1098782). - pnfs/blocklayout: off by one in bl_map_stripe() (git-fixes). - power: gemini-poweroff: Avoid more spurious poweroffs (bsc#1051510). - power: generic-adc-battery: check for duplicate properties copied from iio channels (bsc#1051510). - power: generic-adc-battery: fix out-of-bounds write when copying channel properties (bsc#1051510). - power: remove possible deadlock when unregistering power_supply (bsc#1051510). - power: supply: axp288_charger: Fix initial constant_charge_current value (bsc#1051510). - power: supply: max77693_charger: fix unintentional fall-through (bsc#1051510). - power: vexpress: fix corruption in notifier registration (bsc#1051510). - powernv/pseries: consolidate code for mce early handling (bsc#1094244). - powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes). - powerpc/64s: Fix DT CPU features Power9 DD2.1 logic (bsc#1055117). - powerpc/64s: Fix compiler store ordering to SLB shadow area (bsc#1094244). - powerpc/64s: move machine check SLB flushing to mm/slb.c (bsc#1094244). - powerpc/fadump: cleanup crash memory ranges support (bsc#1103269). - powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823). - powerpc/firmware: Add definitions for new drc-info firmware feature (bsc#1109158). - powerpc/kprobes: Fix call trace due to incorrect preempt count (bsc#1065729). - powerpc/kvm/booke: Fix altivec related build break (bsc#1061840). - powerpc/kvm: Switch kvm pmd allocator to custom allocator (bsc#1061840). - powerpc/lib: Fix the feature fixup tests to actually work (bsc#1065729). - powerpc/mce: Fix SLB rebolting during MCE recovery path (bsc#1094244). - powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb (bsc#1091800). - powerpc/mm: Rename find_linux_pte_or_hugepte() (bsc#1061840). - powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784). - powerpc/numa: Use associativity if VPHN hcall is successful (bsc#1110363). - powerpc/perf: Fix IMC allocation routine (bsc#1054914). - powerpc/perf: Fix memory allocation for core-imc based on num_possible_cpus() (bsc#1054914). - powerpc/perf: Remove sched_task function defined for thread-imc (bsc#1054914). - powerpc/pkeys: Fix reading of ibm, processor-storage-keys property (bsc#1109244). - powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120). - powerpc/powernv/ioda: Allocate indirect TCE levels on demand (bsc#1061840). - powerpc/powernv/ioda: Finish removing explicit max window size check (bsc#1061840). - powerpc/powernv/ioda: Remove explicit max window size check (bsc#1061840). - powerpc/powernv/npu: Do a PID GPU TLB flush when invalidating a large address range (bsc#1055120). - powerpc/powernv: Add indirect levels to it_userspace (bsc#1061840). - powerpc/powernv: Move TCE manupulation code to its own file (bsc#1061840). - powerpc/powernv: Rework TCE level allocation (bsc#1061840). - powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE (bsc#1109158). - powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158). - powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158). - powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX (bsc#1094244). - powerpc/pseries: Defer the logging of rtas error to irq work queue (bsc#1094244). - powerpc/pseries: Define MCE error event section (bsc#1094244). - powerpc/pseries: Disable CPU hotplug across migrations (bsc#1065729). - powerpc/pseries: Display machine check error details (bsc#1094244). - powerpc/pseries: Dump the SLB contents on SLB MCE errors (bsc#1094244). - powerpc/pseries: Fix "OF: ERROR: Bad of_node_put() on /cpus" during DLPAR (bsc#1113295). - powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes). - powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes). - powerpc/pseries: Fix duplicate firmware feature for DRC_INFO (bsc#1109158). - powerpc/pseries: Fix endianness while restoring of r3 in MCE handler (bsc#1094244). - powerpc/pseries: Flush SLB contents on SLB MCE errors (bsc#1094244). - powerpc/pseries: Remove prrn_work workqueue (bsc#1102495, bsc#1109337). - powerpc/pseries: Remove unneeded uses of dlpar work queue (bsc#1102495, bsc#1109337). - powerpc/pseries: fix EEH recovery of some IOV devices (bsc#1078720, git-fixes). - powerpc/rtas: Fix a potential race between CPU-Offline Migration (bsc#1111870). - powerpc/tm: Avoid possible userspace r1 corruption on reclaim (bsc#1109333). - powerpc/tm: Fix userspace r13 corruption (bsc#1109333). - powerpc/topology: Get topology for shared processors at boot (bsc#1104683). - powerpc/xive: Fix trying to "push" an already active pool VP (bsc#1085030, git-fixes). - powerpc/xive: Move definition of ESB bits (bsc#1061840). - powerpc/xmon: Add ISA v3.0 SPRs to SPR dump (bsc#1061840). - powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes). - powerpc: Avoid code patching freed init sections (bsc#1107735). - powerpc: Fix size calculation using resource_size() (bsc#1012382). - powerpc: KABI add aux_ptr to hole in paca_struct to extend it with additional members (bsc#1094244). - powerpc: KABI: move mce_data_buf into paca_aux (bsc#1094244). - powerpc: make feature-fixup tests fortify-safe (bsc#1065729). - powerpc: pseries: remove dlpar_attach_node dependency on full path (bsc#1113295). - ppp: Destroy the mutex when cleanup (bsc#1051510). - ppp: fix __percpu annotation (bsc#1051510). - printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208). - printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170). - proc: restrict kernel stack dumps to root (git-fixes). blacklist.conf: - pstore: Fix incorrect persistent ram buffer mapping (bsc#1051510). - ptp: fix missing break in switch (bsc#1105355). - ptr_ring: fail early if queue occupies more than KMALLOC_MAX_SIZE (bsc#1105355). - ptr_ring: fix up after recent ptr_ring changes (bsc#1105355). - ptr_ring: prevent integer overflow when calculating size (bsc#1105355). - ptrace,x86: Make user_64bit_mode() available to 32-bit builds (bsc#1110006). - pwm: tiehrpwm: Fix disabling of output of PWMs (bsc#1051510). - qed: Add missing device config for RoCE EDPM in UFP mode (bsc#1109217). - qed: Avoid sending mailbox commands when MFW is not responsive (bsc#1050536). - qed: Do not add VLAN 0 tag to untagged frames in multi-function mode (bsc#1050536). - qed: Fix populating the invalid stag value in multi function mode (bsc#1050536). - qed: Fix shmem structure inconsistency between driver and the mfw (bsc#1110561). - qed: Prevent a possible deadlock during driver load and unload (bsc#1050536). - qed: Wait for MCP halt and resume commands to take place (bsc#1050536). - qed: Wait for ready indication before rereading the shmem (bsc#1050536). - qlcnic: fix Tx descriptor corruption on 82xx devices (bsc#1050540). - qlge: Fix netdev features configuration (bsc#1098822). - qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510). - qmi_wwan: set DTR for modems in forced USB2 mode (bsc#1051510). - qrtr: add MODULE_ALIAS macro to smd (bsc#1051510). - r8152: Check for supported Wake-on-LAN Modes (bsc#1051510). - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510). - r8169: add support for NCube 8168 network card (bsc#1051510). - race of lockd inetaddr notifiers vs nlmsvc_rqst change (git-fixes). - random: add new ioctl RNDRESEEDCRNG (bsc#1051510). - random: fix possible sleeping allocation from irq context (bsc#1051510). - random: mix rdrand with entropy sent in from userspace (bsc#1051510). - random: rate limit unseeded randomness warnings (git-fixes). - random: set up the NUMA crng instances after the CRNG is fully initialized (bsc#1051510). - rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760). - rculist: add list_for_each_entry_from_rcu() (bsc#1084760). - readahead: stricter check for bdi io_pages (VM Functionality, git fixes). - regulator: fix crash caused by null driver data (bsc#1051510). - reiserfs: add check to detect corrupted directory entry (bsc#1109818). - reiserfs: do not panic on bad directory entries (bsc#1109818). - reiserfs: fix broken xattr handling (heap corruption, bad retval) (bsc#1106236). - rename a hv patch to reduce conflicts in -AZURE - rename/renumber hv patches to simplify upcoming upstream merges Good Bye automerge. Hello Conflicts. - rename/renumber hv patches to simplify upcoming upstream merges No code changes. - reorder a qedi patch to allow further work in this branch - resort series.conf - resource: Include resource end in walk_*() interfaces (bsc#1114279). - rhashtable: add schedule points (bsc#1051510). - rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication() (bsc#1051510). - root dentries need RCU-delayed freeing (bsc#1106297). - rpc_pipefs: fix double-dput() (bsc#1051510). - rpm/kernel-binary.spec.in: fix call of split-modules split-modules is called with some parameters depending on config options. But since we do not use backslash consistelny, the call to split-modules might be evaluated so that also the following cat command is appended. Avoid this behaviour by using backslashes everywhere and add %nil to the end. This perhaps never happens, but stay on the safe side. - rpm/mkspec: build dtbs for architectures marked -!needs_updating - rpm/mkspec: fix ppc64 kernel-source build. - rpmsg: Correct support for MODULE_DEVICE_TABLE() (git-fixes). - rsi: Fix 'invalid vdd' warning in mmc (bsc#1051510). - rtc: bq4802: add error handling for devm_ioremap (bsc#1051510). - rtnetlink: add rtnl_link_state check in rtnl_configure_link (netfilter-stable-18_07_27). - rxrpc: Fix user call ID check in rxrpc_service_prealloc_one (netfilter-stable-18_08_04). - s390/crypto: Fix return code checking in cbc_paes_crypt() (bsc#1108323, LTC#171709). - s390/entry.S: use assembler alternatives (bsc#1103421). - s390/lib: use expoline for all bcr instructions (git-fixes, bsc#1103421). - s390/mm: fix local TLB flushing vs. detach of an mm address space (bsc#1103421). - s390/mm: fix race on mm->context.flush_mm (bsc#1103421). - s390/pci: fix out of bounds access during irq setup (bsc#1108323, LTC#171068). - s390/qdio: reset old sbal_state flags (LTC#171525, bsc#1106948). - s390/qeth: consistently re-enable device features (bsc#1104482, LTC#170340). - s390/qeth: do not clobber buffer on async TX completion (bsc#1104482, LTC#170340). - s390/qeth: rely on kernel for feature recovery (bsc#1104482, LTC#170340). - s390/qeth: use vzalloc for QUERY OAT buffer (LTC#171527, bsc#1106948). - s390/runtime instrumentation: simplify task exit handling (bsc#1103421). - s390: Prevent hotplug rwsem recursion (bsc#1105731). - s390: always save and restore all registers on context switch (bsc#1103421). - s390: detect etoken facility (bsc#1103421). - s390: fix br_r1_trampoline for machines without exrl (git-fixes, bsc#1103421). - s390: fix compat system call table (bsc#1103421). - s390: fix handling of -1 in set{,fs}id16 syscalls (bsc#1103421). - s390: use expoline thunks for all branches generated by the BPF JIT (bsc#1103421). - samples/bpf: adjust rlimit RLIMIT_MEMLOCK for xdp1 (bsc#1083647). - sched/fair: Fix bandwidth timer clock drift condition (Git-fixes). - sched/fair: Fix vruntime_normalized() for remote non-migration wakeup (git-fixes). - sched/isolcpus: Fix "isolcpus=" boot parameter handling when !CONFIG_CPUMASK_OFFSTACK (bsc#1107207). - sched/numa: Avoid task migration for small NUMA improvement (bsc#1101669 optimise numa balancing for fast migrate). - sched/numa: Do not move imbalanced load purely on the basis of an idle CPU (bsc#1101669 optimise numa balancing for fast migrate). - sched/numa: Evaluate move once per node (bsc#1101669 optimise numa balancing for fast migrate). - sched/numa: Limit the conditions where scan period is reset (). - sched/numa: Pass destination CPU as a parameter to migrate_task_rq (bsc#1101669 optimise numa balancing for fast migrate). - sched/numa: Pass destination CPU as a parameter to migrate_task_rq kabi (bsc#1101669 optimise numa balancing for fast migrate). - sched/numa: Remove numa_has_capacity() (bsc#1101669 optimise numa balancing for fast migrate). - sched/numa: Remove unused task_capacity from 'struct numa_stats' (bsc#1101669 optimise numa balancing for fast migrate). - sched/numa: Reset scan rate whenever task moves across nodes (bsc#1101669 optimise numa balancing for fast migrate). - sched/numa: Stop comparing tasks for NUMA placement after selecting an idle core (bsc#1101669 optimise numa balancing for fast migrate). - sched/numa: Stop multiple tasks from moving to the CPU at the same time (bsc#1101669 optimise numa balancing for fast migrate). - sched/numa: Stop multiple tasks from moving to the CPU at the same time kabi (bsc#1101669 optimise numa balancing for fast migrate). - sched/numa: remove unused code from update_numa_stats() (bsc#1101669 optimise numa balancing for fast migrate). - sched/numa: remove unused nr_running field (bsc#1101669 optimise numa balancing for fast migrate). - scripts/git_sort/git_sort.py: Add fixes branch from mkp/scsi.git. - scripts/git_sort/git_sort.py: add libnvdimm-for-next branch - scripts/git_sort/git_sort.py: add mkp 4.20/scsi-queue - scripts: modpost: check memory allocation results (bsc#1051510). - scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246). - scsi: cxlflash: Abstract hardware dependent assignments (). - scsi: cxlflash: Acquire semaphore before invoking ioctl services (). - scsi: cxlflash: Adapter context init can return error (). - scsi: cxlflash: Adapter context support for OCXL (). - scsi: cxlflash: Add argument identifier names (). - scsi: cxlflash: Add include guards to backend.h (). - scsi: cxlflash: Avoid clobbering context control register value (). - scsi: cxlflash: Enable OCXL operations (). - scsi: cxlflash: Explicitly cache number of interrupts per context (). - scsi: cxlflash: Handle spurious interrupts (). - scsi: cxlflash: Hardware AFU for OCXL (). - scsi: cxlflash: Introduce OCXL backend (). - scsi: cxlflash: Introduce OCXL context state machine (). - scsi: cxlflash: Introduce object handle fop (). - scsi: cxlflash: Isolate external module dependencies (). - scsi: cxlflash: Limit the debug logs in the IO path (). - scsi: cxlflash: MMIO map the AFU (). - scsi: cxlflash: Preserve number of interrupts for master contexts (). - scsi: cxlflash: Read host AFU configuration (). - scsi: cxlflash: Read host function configuration (). - scsi: cxlflash: Register for translation errors (). - scsi: cxlflash: Remove commmands from pending list on timeout (). - scsi: cxlflash: Remove embedded CXL work structures (). - scsi: cxlflash: Setup AFU PASID (). - scsi: cxlflash: Setup AFU acTag range (). - scsi: cxlflash: Setup LISNs for master contexts (). - scsi: cxlflash: Setup LISNs for user contexts (). - scsi: cxlflash: Setup OCXL transaction layer (). - scsi: cxlflash: Setup function OCXL link (). - scsi: cxlflash: Setup function acTag range (). - scsi: cxlflash: Staging to support future accelerators (). - scsi: cxlflash: Support AFU interrupt management (). - scsi: cxlflash: Support AFU interrupt mapping and registration (). - scsi: cxlflash: Support AFU reset (). - scsi: cxlflash: Support AFU state toggling (). - scsi: cxlflash: Support adapter context discovery (). - scsi: cxlflash: Support adapter context mmap and release (). - scsi: cxlflash: Support adapter context polling (). - scsi: cxlflash: Support adapter context reading (). - scsi: cxlflash: Support adapter file descriptors for OCXL (). - scsi: cxlflash: Support file descriptor mapping (). - scsi: cxlflash: Support image reload policy modification (). - scsi: cxlflash: Support process element lifecycle (). - scsi: cxlflash: Support process specific mappings (). - scsi: cxlflash: Support reading adapter VPD data (). - scsi: cxlflash: Support starting an adapter context (). - scsi: cxlflash: Support starting user contexts (). - scsi: cxlflash: Synchronize reset and remove ops (). - scsi: cxlflash: Use IDR to manage adapter contexts (). - scsi: cxlflash: Use local mutex for AFU serialization (). - scsi: cxlflash: Yield to active send threads (). - scsi: fcoe: hold disc_mutex when traversing rport lists (bsc#1077989). - scsi: hisi_sas: Add SATA FIS check for v3 hw (). - scsi: hisi_sas: Add a flag to filter PHY events during reset (). - scsi: hisi_sas: Add missing PHY spinlock init (). - scsi: hisi_sas: Adjust task reject period during host reset (). - scsi: hisi_sas: Drop hisi_sas_slot_abort() (). - scsi: hisi_sas: Fix the conflict between dev gone and host reset (). - scsi: hisi_sas: Fix the failure of recovering PHY from STP link timeout (). - scsi: hisi_sas: Implement handlers of PCIe FLR for v3 hw (). - scsi: hisi_sas: Only process broadcast change in phy_bcast_v3_hw() (). - scsi: hisi_sas: Pre-allocate slot DMA buffers (). - scsi: hisi_sas: Release all remaining resources in clear nexus ha (). - scsi: hisi_sas: Tidy hisi_sas_task_prep() (). - scsi: hisi_sas: Use dmam_alloc_coherent() (). - scsi: hisi_sas: add memory barrier in task delivery function (). - scsi: hisi_sas: relocate some common code for v3 hw (). - scsi: hisi_sas: tidy channel interrupt handler for v3 hw (). - scsi: hisi_sas: tidy host controller reset function a bit (). - scsi: hpsa: limit transfer length to 1MB, not 512kB (bsc#1102346). - scsi: ipr: Eliminate duplicate barriers (). - scsi: ipr: System hung while dlpar adding primary ipr adapter back (bsc#1109336). - scsi: ipr: Use dma_pool_zalloc() (). - scsi: ipr: fix incorrect indentation of assignment statement (). - scsi: libfc: Add lockdep annotations (bsc#1077989). - scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731). - scsi: libfc: fixup 'sleeping function called from invalid context' (bsc#1077989). - scsi: libfc: fixup lockdep annotations (bsc#1077989). - scsi: libfc: hold disc_mutex in fc_disc_stop_rports() (bsc#1077989). - scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731). - scsi: lpfc: Correct MDS diag and nvmet configuration (bsc#1106636). - scsi: mpt3sas: Fix calltrace observed while running IO reset (bsc#1077989). - scsi: netvsc: Use the vmbus function to calculate ring buffer percentage (bsc#1107207). - scsi: qedi: Add the CRC size within iSCSI NVM image (bsc#1110538). - scsi: qedi: Initialize the stats mutex lock (bsc#1110538). - scsi: qla2xxx: Add appropriate debug info for invalid RX_ID (bsc#1108870). - scsi: qla2xxx: Add logic to detect ABTS hang and response completion (bsc#1108870). - scsi: qla2xxx: Add longer window for chip reset (bsc#1086327,). - scsi: qla2xxx: Add mode control for each physical port (bsc#1108870). - scsi: qla2xxx: Add support for ZIO6 interrupt threshold (bsc#1108870). - scsi: qla2xxx: Allow FC-NVMe underrun to be handled by transport (bsc#1108870). - scsi: qla2xxx: Check for Register disconnect (bsc#1108870). - scsi: qla2xxx: Cleanup for N2N code (bsc#1086327,). - scsi: qla2xxx: Decrement login retry count for only plogi (bsc#1108870). - scsi: qla2xxx: Defer chip reset until target mode is enabled (bsc#1108870). - scsi: qla2xxx: Fix ISP recovery on unload (bsc#1086327,). - scsi: qla2xxx: Fix Management Server NPort handle reservation logic (bsc#1086327,). - scsi: qla2xxx: Fix N2N link re-connect (bsc#1086327,). - scsi: qla2xxx: Fix NVMe Target discovery (bsc#1108870). - scsi: qla2xxx: Fix NVMe session hang on unload (bsc#1108870). - scsi: qla2xxx: Fix Remote port registration (bsc#1108870). - scsi: qla2xxx: Fix deadlock between ATIO and HW lock (bsc#1108870). - scsi: qla2xxx: Fix double increment of switch scan retry count (bsc#1108870). - scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured (bsc#1108870). - scsi: qla2xxx: Fix dropped srb resource (bsc#1108870). - scsi: qla2xxx: Fix duplicate switch database entries (bsc#1108870). - scsi: qla2xxx: Fix duplicate switch's Nport ID entries (bsc#1108870). - scsi: qla2xxx: Fix early srb free on abort (bsc#1108870). - scsi: qla2xxx: Fix for double free of SRB structure (bsc#1108870). - scsi: qla2xxx: Fix iIDMA error (bsc#1108870). - scsi: qla2xxx: Fix incorrect port speed being set for FC adapters (bsc#1108870). - scsi: qla2xxx: Fix issue reported by static checker for qla2x00_els_dcmd2_sp_done() (bsc#1086327,). - scsi: qla2xxx: Fix login retry count (bsc#1086327,). - scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1111830). - scsi: qla2xxx: Fix out of order Termination and ABTS response (bsc#1108870). - scsi: qla2xxx: Fix port speed display on chip reset (bsc#1108870). - scsi: qla2xxx: Fix premature command free (bsc#1108870). - scsi: qla2xxx: Fix process response queue for ISP26XX and above (bsc#1108870). - scsi: qla2xxx: Fix race between switch cmd completion and timeout (bsc#1086327,). - scsi: qla2xxx: Fix race condition for resource cleanup (bsc#1108870). - scsi: qla2xxx: Fix re-using LoopID when handle is in use (bsc#1108870). - scsi: qla2xxx: Fix recursive mailbox timeout (bsc#1108870). - scsi: qla2xxx: Fix redundant fc_rport registration (bsc#1086327,). - scsi: qla2xxx: Fix session state stuck in Get Port DB (bsc#1086327,). - scsi: qla2xxx: Fix stalled relogin (bsc#1086327,). - scsi: qla2xxx: Fix stuck session in PLOGI state (bsc#1108870). - scsi: qla2xxx: Fix unintended Logout (bsc#1086327,). - scsi: qla2xxx: Flush mailbox commands on chip reset (bsc#1086327,). - scsi: qla2xxx: Force fw cleanup on ADISC error (bsc#1108870). - scsi: qla2xxx: Increase abort timeout value (bsc#1108870). - scsi: qla2xxx: Migrate NVME N2N handling into state machine (bsc#1086327,). - scsi: qla2xxx: Move ABTS code behind qpair (bsc#1108870). - scsi: qla2xxx: Move log messages before issuing command to firmware (bsc#1108870). - scsi: qla2xxx: Move rport registration out of internal work_list (bsc#1108870). - scsi: qla2xxx: Move {get|rel}_sp to base_qpair struct (bsc#1108870). - scsi: qla2xxx: Prevent sysfs access when chip is down (bsc#1086327,). - scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up (bsc#1108870). - scsi: qla2xxx: Reject bsg request if chip is down (bsc#1108870). - scsi: qla2xxx: Remove ASYNC GIDPN switch command (bsc#1108870). - scsi: qla2xxx: Remove all rports if fabric scan retry fails (bsc#1108870). - scsi: qla2xxx: Remove redundant check for fcport deletion (bsc#1108870). - scsi: qla2xxx: Remove stale ADISC_DONE event (bsc#1108870). - scsi: qla2xxx: Remove stale debug trace message from tcm_qla2xxx (bsc#1108870). - scsi: qla2xxx: Return switch command on a timeout (bsc#1108870). - scsi: qla2xxx: Save frame payload size from ICB (bsc#1086327,). - scsi: qla2xxx: Serialize mailbox request (bsc#1108870). - scsi: qla2xxx: Silent erroneous message (bsc#1086327,). - scsi: qla2xxx: Spinlock recursion in qla_target (bsc#1086327,). - scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0 (bsc#1108870). - scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion (bsc#1108870). - scsi: qla2xxx: Update driver to version 10.00.00.09-k (bsc#1108870). - scsi: qla2xxx: Update driver version to 10.00.00.08-k (bsc#1086327,). - scsi: qla2xxx: Update driver version to 10.00.00.10-k (bsc#1108870). - scsi: qla2xxx: Update driver version to 10.00.00.11-k (bsc#1108870). - scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed (bsc#1108870). - scsi: qla2xxx: Use correct qpair for ABTS/CMD (bsc#1108870). - scsi: qla2xxx: do not allow negative thresholds (bsc#1108870). - scsi: qla2xxx: shutdown chip if reset fail (bsc#1108870). - scsi: storsvc: do not set a bounce limit (bsc#1107207). - scsi: storvsc: Avoid allocating memory for temp cpumasks (bsc#1107207). - scsi: storvsc: Select channel based on available percentage of ring buffer to write (bsc#1107207). - scsi: storvsc: Set up correct queue depth values for IDE devices (bsc#1107207). - scsi: target: prefer dbroot of /etc/target over /var/target (bsc#1111928). - scsi: vmbus: Add function to report available ring buffer to write in total ring size percentage (bsc#1107207). - scsi_debug: call resp_XXX function after setting host_scribble (bsc#1069138). - scsi_debug: reset injection flags for every_nth > 0 (bsc#1069138). - security: check for kstrdup() failure in lsm_append() (bsc#1051510). - selftests/bpf/test_maps: exit child process without error in ENOMEM case (bsc#1083647). - selftests/bpf: fix a typo in map in map test (bsc#1083647). - selftests/x86: Add tests for User-Mode Instruction Prevention (bsc#1110006). - selftests/x86: Add tests for the STR and SLDT instructions (bsc#1110006). - serial: 8250: Do not service RX FIFO if interrupts are disabled (bsc#1051510). - serial: 8250: Fix clearing FIFOs in RS485 mode again (bsc#1051510). - serial: 8250_dw: Add ACPI support for uart on Broadcom SoC (bsc#1051510). - serial: 8250_dw: always set baud rate in dw8250_set_termios (bsc#1051510). - serial: 8250_exar: Read INT0 from slave device, too (bsc#1051510). - serial: core: mark port as initialized after successful IRQ change (bsc#1051510). - serial: cpm_uart: return immediately from console poll (bsc#1051510). - serial: enable spi in sc16is7xx driver References: bsc#1105672 - serial: imx: restore handshaking irq for imx1 (bsc#1051510). - serial: make sc16is7xx driver supported References: bsc#1105672 - serial: pxa: Fix an error handling path in 'serial_pxa_probe()' (bsc#1051510). - serial: sh-sci: Stop RX FIFO timer during port shutdown (bsc#1051510). - serial: xuartps: fix typo in cdns_uart_startup (bsc#1051510). - series.conf: moved some Xen patches to the sorted region xen/blkfront: correct purging of persistent grants (bsc#1112514). - signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006). - slab: __GFP_ZERO is incompatible with a constructor (bsc#1107060). - smb2: fix missing files in root share directory listing (bsc#1112907). - smb3: fill in statfs fsid and correct namelen (bsc#1112905). - smb3: fix reset of bytes read and written stats (bsc#1112906). - smb3: on reconnect set PreviousSessionId field (bsc#1112899). - smsc75xx: Check for Wake-on-LAN modes (bsc#1051510). - smsc95xx: Check for Wake-on-LAN modes (bsc#1051510). - soc/tegra: pmc: Fix child-node lookup (bsc#1051510). - soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift() (bsc#1051510). - soc: mediatek: pwrap: fix cipher init setting error (bsc#1051510). - sock_diag: fix use-after-free read in __sk_free (bsc#1051510). - soreuseport: initialise timewait reuseport field (bsc#1051510). - sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510). - sound: enable interrupt after dma buffer initialization (bsc#1051510). - spi-nor: intel-spi: Fix number of protected range registers for BYT/LPT (). - spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510). - spi: bcm-qspi: switch back to reading flash using smaller chunks (bsc#1051510). - spi: cadence: Change usleep_range() to udelay(), for atomic context (bsc#1051510). - spi: davinci: fix a NULL pointer dereference (bsc#1051510). - spi: pxa2xx: Add support for Intel Ice Lake (bsc#1051510). - spi: rspi: Fix interrupted DMA transfers (bsc#1051510). - spi: rspi: Fix invalid SPI use during system suspend (bsc#1051510). - spi: sh-msiof: Fix handling of write value for SISTR register (bsc#1051510). - spi: sh-msiof: Fix invalid SPI use during system suspend (bsc#1051510). - spi: sh-msiof: fix deferred probing (bsc#1051510). - spi: tegra20-slink: explicitly enable/disable clock (bsc#1051510). - squashfs metadata 2: electric boogaloo (bsc#1051510). - squashfs: be more careful about metadata corruption (bsc#1051510). - squashfs: more metadata hardening (bsc#1051510). - squashfs: more metadata hardening (bsc#1051510). - sr9800: Check for supported Wake-on-LAN modes (bsc#1051510). - sr: get/drop reference to device in revalidate and check_events (bsc#1109979). - staging: bcm2835-audio: Check if workqueue allocation failed (). - staging: bcm2835-audio: Deliver indirect-PCM transfer error (). - staging: bcm2835-audio: Disconnect and free vchi_instance on module_exit() (). - staging: bcm2835-audio: Do not leak workqueue if open fails (). - staging: bcm2835-audio: constify snd_pcm_ops structures (). - staging: bcm2835-audio: make snd_pcm_hardware const (). - staging: bcm2835-camera: fix timeout handling in wait_for_completion_timeout (bsc#1051510). - staging: bcm2835-camera: handle wait_for_completion_timeout return properly (bsc#1051510). - staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice (bsc#1051510). - staging: comedi: ni_mio_common: protect register write overflow (bsc#1051510). - staging: lustre: Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1051510). - staging: lustre: disable preempt while sampling processor id (bsc#1051510). - staging: lustre: fix bug in osc_enter_cache_try (bsc#1051510). - staging: lustre: ldlm: free resource when ldlm_lock_create() fails (bsc#1051510). - staging: lustre: libcfs: Prevent harmless read underflow (bsc#1051510). - staging: lustre: libcfs: fix test for libcfs_ioctl_hdr minimum size (bsc#1051510). - staging: lustre: llite: correct removexattr detection (bsc#1051510). - staging: lustre: llite: initialize xattr->xe_namelen (bsc#1051510). - staging: lustre: lmv: correctly iput lmo_root (bsc#1051510). - staging: lustre: lov: use correct env in lov_io_data_version_end() (bsc#1051510). - staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 (bsc#1051510). - staging: lustre: o2iblnd: Fix crash in kiblnd_handle_early_rxs() (bsc#1051510). - staging: lustre: o2iblnd: fix race at kiblnd_connect_peer (bsc#1051510). - staging: lustre: obd_mount: use correct niduuid suffix (bsc#1051510). - staging: lustre: obdclass: return -EFAULT if copy_from_user() fails (bsc#1051510). - staging: lustre: ptlrpc: kfree used instead of kvfree (bsc#1051510). - staging: lustre: remove invariant in cl_io_read_ahead() (bsc#1051510). - staging: lustre: statahead: remove incorrect test on agl_list_empty() (bsc#1051510). - staging: rts5208: fix missing error check on call to rtsx_write_register (bsc#1051510). - staging: vc04_services: Fix platform_no_drv_owner.cocci warnings (). - staging: vc04_services: bcm2835-audio Format multiline comment (). - staging: vc04_services: bcm2835-audio: Add blank line after declaration (). - staging: vc04_services: bcm2835-audio: Change to unsigned int * (). - staging: vc04_services: bcm2835-audio: add SPDX identifiers (). - staging: vc04_services: bcm2835-audio: remove redundant license text (). - staging: vc04_services: please do not use multiple blank lines (). - stm: Potential read overflow in stm_char_policy_set_ioctl() (bsc#1051510). - stmmac: fix DMA channel hang in half-duplex mode (networking-stable-18_07_19). - string: drop __must_check from strscpy() and restore strscpy() usages in cgroup (bsc#1051510). - strparser: Remove early eaten to fix full tcp receive buffer stall (networking-stable-18_07_19). - sunxi-rsb: Include OF based modalias in device uevent (bsc#1051510). - switchtec: Fix Spectre v1 vulnerability (bsc#1051510). - sys: do not hold uts_sem while accessing userspace memory (bsc#1106995). - sysfs: Do not return POSIX ACL xattrs via listxattr (git-fixes). - target: log Data-Out timeouts as errors (bsc#1095805). - target: log NOP ping timeouts as errors (bsc#1095805). - target: split out helper for cxn timeout error stashing (bsc#1095805). - target: stash sess_err_stats on Data-Out timeout (bsc#1095805). - target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805). - target_core_rbd: break up free_device callback (bsc#1105524). - target_core_rbd: use RCU in free_device (bsc#1105524). - team: Forbid enslaving team device to itself (bsc#1051510). - thermal: of-thermal: disable passive polling when thermal zone is disabled (bsc#1051510). - thermal: thermal_hwmon: Convert to hwmon_device_register_with_info() (bsc#1103363). - thermal_hwmon: Pass the originating device down to hwmon_device_register_with_info (bsc#1103363). - thermal_hwmon: Sanitize attribute name passed to hwmon (bsc#1103363). - ti: ethernet: cpdma: Use correct format for genpool_* (bsc#1051510). - tools build: fix # escaping in .cmd files for future Make (git-fixes). - tools/hv: Fix IP reporting by KVP daemon with SRIOV (bsc#1107207). - tools/power turbostat: Read extended processor family from CPUID (bsc#1051510). - tools/power turbostat: fix -S on UP systems (bsc#1051510). - tools/vm/page-types.c: fix "defined but not used" warning (bsc#1051510). - tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510). - tools: hv: fcopy: set 'error' in case an unknown operation was requested (bsc#1107207). - tools: hv: fix compiler warnings about major/target_fname (bsc#1107207). - tools: hv: include string.h in hv_fcopy_daemon (bsc#1107207). - tools: hv: update lsvmbus to be compatible with python3 (bsc#1107207). - tools: usb: ffs-test: Fix build on big endian systems (bsc#1051510). - tpm: Introduce flag TPM_TRANSMIT_RAW (bsc#1082555). - tpm: cmd_ready command can be issued only after granting locality (bsc#1082555). - tpm: fix race condition in tpm_common_write() (bsc#1082555). - tpm: fix use after free in tpm2_load_context() (bsc#1082555). - tpm: separate cmd_ready/go_idle from runtime_pm (bsc#1082555). - tpm: tpm_crb: relinquish locality on error path (bsc#1082555). - tpm: vtpm_proxy: Implement request_locality function (bsc#1082555). - tracepoint: Do not warn on ENOMEM (bsc#1051510). - tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} (bsc#1110006). - tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219). - tsl2550: fix lux1_input error in low light (bsc#1051510). - tty/ldsem: Add lockdep asserts for ldisc_sem (bsc#1105428). - tty/ldsem: Convert to regular lockdep annotations (bsc#1105428). - tty/ldsem: Decrement wait_readers on timeouted down_read() (bsc#1105428). - tty/ldsem: Wake up readers after timed out down_write() (bsc#1105428). - tty: Do not block on IO when ldisc change is pending (bsc#1105428). - tty: Drop tty->count on tty_reopen() failure (bsc#1051510). - tty: Hold tty_ldisc_lock() during tty_reopen() (bsc#1105428). - tty: Simplify tty->count math in tty_reopen() (bsc#1105428). - tty: fix data race between tty_init_dev and flush of buf (bsc#1105428). - tty: fix termios input-speed encoding (bsc#1051510). - tty: fix termios input-speed encoding when using BOTHER (bsc#1051510). - tty: rocket: Fix possible buffer overwrite on register_PCI (bsc#1051510). - tty: serial: 8250: Revert NXP SC16C2552 workaround (bsc#1051510). - tty: serial: exar: Relocate sleep wake-up handling (bsc#1051510). - tty: serial: lpuart: avoid leaking struct tty_struct (bsc#1051510). - tty: vt_ioctl: fix potential Spectre v1 (bsc#1051510). - uart: fix race between uart_put_char() and uart_shutdown() (bsc#1051510). - ubifs: Check data node size before truncate (bsc#1051510). - ubifs: Check for name being NULL while mounting (bsc#1051510). - ubifs: Fix directory size calculation for symlinks (bsc#1106230). - ubifs: Fix memory leak in lprobs self-check (bsc#1051510). - ubifs: Fix synced_i_size calculation for xattr inodes (bsc#1051510). - ubifs: xattr: Do not operate on deleted inodes (bsc#1051510). - udl-kms: avoid division (bsc#1051510). - udl-kms: change down_interruptible to down (bsc#1051510). - udl-kms: fix crash due to uninitialized memory (bsc#1051510). - udl-kms: handle allocation failure (bsc#1051510). - udlfb: set optimal write delay (bsc#1051510). - udp: Unbreak modules that rely on external __skb_recv_udp() availability (bsc#1109151). - uio, lib: Fix CONFIG_ARCH_HAS_UACCESS_MCSAFE compilation (bsc#1098782). - uio: potential double frees if __uio_register_device() fails (bsc#1051510). - uio_hv_generic: fix subchannel ring mmap (bsc#1107207). - uio_hv_generic: make ring buffer attribute for primary channel (bsc#1107207). - uio_hv_generic: set size of ring buffer attribute (bsc#1107207). - uio_hv_generic: support sub-channels (bsc#1107207). - uio_hv_generic: use correct channel in isr (bsc#1107207). - uprobes/x86: Prohibit probing on MOV SS instruction (bsc#1110006). - uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn() (bsc#1051510). - uprobes: Use synchronize_rcu() not synchronize_sched() (bsc#1051510). - usb/phy: fix PPC64 build errors in phy-fsl-usb.c (bsc#1051510). - usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() (bsc#1051510). - usb: Do not die twice if PCI xhci host is not responding in resume (bsc#1051510). - usb: cdc_acm: Do not leak URB buffers (bsc#1051510). - usb: chipidea: Prevent unbalanced IRQ disable (bsc#1051510). - usb: dwc2: Turn on uframe_sched on "amlogic" platforms (bsc#1102881). - usb: dwc2: Turn on uframe_sched on "bcm" platforms (bsc#1102881). - usb: dwc2: Turn on uframe_sched on "his" platforms (bsc#1102881). - usb: dwc2: Turn on uframe_sched on "stm32f4x9_fsotg" platforms (bsc#1102881). - usb: dwc2: fix isoc split in transfer with no data (bsc#1051510). - usb: dwc2: gadget: Fix issue in dwc2_gadget_start_isoc() (bsc#1051510). - usb: dwc3: change stream event enable bit back to 13 (bsc#1051510). - usb: dwc3: pci: add support for Intel IceLake (bsc#1051510). - usb: gadget: composite: fix delayed_status race condition when set_interface (bsc#1051510). - usb: gadget: dwc2: fix memory leak in gadget_init() (bsc#1051510). - usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bsc#1051510). - usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure (bsc#1051510). - usb: gadget: fsl_udc_core: fixup struct_udc_setup documentation (bsc#1051510). - usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() (bsc#1051510). - usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() (bsc#1051510). - usb: gadget: udc: renesas_usb3: fix maxpacket size of ep0 (bsc#1051510). - usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() (bsc#1051510). - usb: misc: uss720: Fix two sleep-in-atomic-context bugs (bsc#1051510). - usb: musb: dsps: do not disable CPPI41 irq in driver teardown (bsc#1051510). - usb: uas: add support for more quirk flags (bsc#1051510). - usb: wusbcore: security: cast sizeof to int for comparison (bsc#1051510). - usb: xhci-mtk: resume USB3 roothub first (bsc#1051510). - usb: xhci: increase CRS timeout value (bsc#1051510). - usbip: tools: fix atoi() on non-null terminated string (bsc#1051510). - use the new async probing feature for the hyperv drivers (bsc#1107207). - userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739). - userns: move user access out of the mutex (bsc#1051510). - uwb: hwa-rc: fix memory leak at probe (bsc#1051510). - vfio/pci: Virtualize Maximum Payload Size (bsc#1051510). - vfio/pci: Virtualize Maximum Read Request Size (bsc#1051510). - vfio/type1: Fix task tracking for QEMU vCPU hotplug (bsc#1051510). - vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user page (bsc#1110006). - vfs: fix freeze protection in mnt_want_write_file() for overlayfs (git-fixes). - vhost: correctly check the iova range when waking virtqueue (bsc#1051510). - vhost: do not try to access device IOTLB when not initialized (bsc#1051510). - vhost: reset metadata cache when initializing new IOTLB (netfilter-stable-18_08_17). - vhost: use mutex_lock_nested() in vhost_dev_lock_vqs() (bsc#1051510). - vhost_net: validate sock before trying to put its fd (networking-stable-18_07_19). - video: fbdev: pxafb: clear allocated memory for video modes (bsc#1051510). - video: goldfishfb: fix memory leak on driver remove (bsc#1051510). - virtio: pci-legacy: Validate queue pfn (bsc#1051510). - vmbus: do not return values for uninitalized channels (bsc#1051510). - vmbus: do not return values for uninitalized channels (bsc#1107207). - vmci: type promotion bug in qp_host_get_user_memory() (bsc#1105355). - vmw_balloon: VMCI_DOORBELL_SET does not check status (bsc#1051510). - vmw_balloon: do not use 2MB without batching (bsc#1051510). - vmw_balloon: fix VMCI use when balloon built into kernel (bsc#1051510). - vmw_balloon: fix inflation of 64-bit GFNs (bsc#1051510). - vmw_balloon: remove inflation rate limiting (bsc#1051510). - vsock: split dwork to avoid reinitializations (netfilter-stable-18_08_17). - vti4: Do not count header length twice on tunnel setup (bsc#1051510). - vti6: fix PMTU caching and reporting on xmit (bsc#1051510). - vti6: remove !skb->ignore_df check from vti6_xmit() (bsc#1051510). - vxlan: add new fdb alloc and create helpers (netfilter-stable-18_07_27). - vxlan: fix default fdb entry netlink notify ordering during netdev create (netfilter-stable-18_07_27). - vxlan: make netlink notify in vxlan_fdb_destroy optional (netfilter-stable-18_07_27). - wan/fsl_ucc_hdlc: use IS_ERR_VALUE() to check return value of qe_muram_alloc (bsc#1051510). - watchdog: Mark watchdog touch functions as notrace (git-fixes). - wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout() (bsc#1051510). - wlcore: Set rx_status boottime_ns field on rx (bsc#1051510). - x86-64/realmode: Add instruction suffix (bsc#1110006). - x86/CPU/AMD: Derive CPU topology from CPUID function 0xB when available (). - x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present (bsc#1110006). - x86/CPU: Add a microcode loader callback (bsc#1110006). - x86/CPU: Check CPU feature bits after microcode upgrade (bsc#1110006). - x86/CPU: Modify detect_extended_topology() to return result (). - x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006). - x86/Hyper-V/hv_apic: Build the Hyper-V APIC conditionally (bsc#1107207). - x86/Hyper-V/hv_apic: Include asm/apic.h (bsc#1107207). - x86/KVM/VMX: Do not set l1tf_flush_l1d from vmx_handle_external_intr() (bsc#1110006). - x86/KVM/VMX: Do not set l1tf_flush_l1d to true from vmx_l1d_flush() (bsc#1110006). - x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() (bsc#1110006). - x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond' (bsc#1110006). - x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount (bsc#1110006). - x86/LDT: Avoid warning in 32-bit builds with older gcc (bsc#1110006). - x86/MCE/AMD: Define a function to get SMCA bank type (bsc#1110006). - x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() (bsc#1110006). - x86/MCE: Remove min interval polling limitation (bsc#1110006). - x86/MCE: Report only DRAM ECC as memory errors on AMD systems (bsc#1110006). - x86/MCE: Serialize sysfs changes (bsc#1110006). - x86/PCI: Make broadcom_postcore_init() check acpi_disabled (bsc#1110006). - x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006). - x86/alternatives: Fixup alternative_call_2 (bsc#1110006). - x86/apic/vector: Fix off by one in error path (bsc#1110006). - x86/apic: Fix restoring boot IRQ mode in reboot and kexec/kdump (bsc#1110006). - x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified (bsc#1110006). - x86/apic: Split disable_IO_APIC() into two functions to fix CONFIG_KEXEC_JUMP=y (bsc#1110006). - x86/apic: Split out restore_boot_irq_mode() from disable_IO_APIC() (bsc#1110006). - x86/asm/memcpy_mcsafe: Add labels for __memcpy_mcsafe() write fault handling (bsc#1098782). - x86/asm/memcpy_mcsafe: Add write-protection-fault handling (bsc#1098782). - x86/asm/memcpy_mcsafe: Define copy_to_iter_mcsafe() (bsc#1098782). - x86/asm/memcpy_mcsafe: Fix copy_to_user_mcsafe() exception handling (bsc#1098782). - x86/asm/memcpy_mcsafe: Provide original memcpy_mcsafe_unrolled (bsc#1098782). - x86/asm/memcpy_mcsafe: Remove loop unrolling (bsc#1098782). - x86/asm/memcpy_mcsafe: Return bytes remaining (bsc#1098782). - x86/asm: Add _ASM_ARG* constants for argument registers to asm/asm.h (bsc#1110006). - x86/asm: Allow again using asm.h when building for the 'bpf' clang target (bsc#1110006). - x86/asm: Do not use the confusing '.ifeq' directive (bsc#1110006). - x86/boot/64: Verify alignment of the LOAD segment (bsc#1110006). - x86/boot/KASLR: Work around firmware bugs by excluding EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR's choice (bsc#1112878). - x86/boot/compressed/64: Print error if 5-level paging is not supported (bsc#1110006). - x86/boot: Fix if_changed build flip/flop bug (bsc#1110006). - x86/boot: Fix kexec booting failure in the SEV bit detection code (bsc#1110301). - x86/boot: Move EISA setup to a separate file (bsc#1110006). - x86/boot: Relocate definition of the initial state of CR0 (bsc#1110006). - x86/build/64: Force the linker to use 2MB page size (bsc#1109603). - x86/build: Beautify build log of syscall headers (bsc#1110006). - x86/cpu/AMD: Apply the Erratum 688 fix when the BIOS does not (bsc#1110006). - x86/cpu/intel: Add missing TLB cpuid values (bsc#1110006). - x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006). - x86/cpufeatures: Add Intel PCONFIG cpufeature (bsc#1110006). - x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006). - x86/debug: Handle warnings before the notifier chain, to fix KGDB crash (bsc#1110006). - x86/decoder: Add new TEST instruction pattern (bsc#1110006). - x86/dumpstack: Save first regs set for the executive summary (bsc#1110006). - x86/dumpstack: Unify show_regs() (bsc#1110006). - x86/efi: Fix efi_call_phys_epilog() with CONFIG_X86_5LEVEL=y (bsc#1110006). - x86/eisa: Add missing include (bsc#1110006). - x86/entry/64: Add two more instruction suffixes (bsc#1110006). - x86/entry/64: Remove %ebx handling from error_entry/exit (bsc#1102715). - x86/entry/64: Use 'xorl' for faster register clearing (bsc#1110006). - x86/entry/64: Wipe KASAN stack shadow before rewind_stack_do_exit() (bsc#1110006). - x86/entry: Reduce the code footprint of the 'idtentry' macro (bsc#1110006). - x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bsc#1110006). - x86/espfix/64: Fix espfix double-fault handling on 5-level systems (bsc#1110006). - x86/events/intel/ds: Fix bts_interrupt_threshold alignment (git-fixes c1961a4631da). - x86/fpu/debug: Remove unused 'x86_fpu_state' and 'x86_fpu_deactivate_state' tracepoints (bsc#1110006). - x86/fpu: Make XSAVE check the base CPUID features before enabling (bsc#1110006). - x86/fpu: Parse clearcpuid= as early XSAVE argument (bsc#1110006). - x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006). - x86/fpu: Remove the explicit clearing of XSAVE dependent features (bsc#1110006). - x86/headers/UAPI: Use __u64 instead of u64 in uapi/asm/hyperv.h (bsc#1107207). - x86/hyper-V: Allocate the IDT entry early in boot (bsc#1107207). - x86/hyper-v: Check cpumask_to_vpset() return value in hyperv_flush_tlb_others_ex() (bsc#1107207). - x86/hyper-v: Check for VP_INVAL in hyperv_flush_tlb_others() (bsc#1107207). - x86/hyper-v: Fix the circular dependency in IPI enlightenment (bsc#1107207). - x86/hyper-v: Fix wrong merge conflict resolution (bsc#1107207). - x86/hyper-v: Implement hv_do_fast_hypercall16 (bsc#1107207). - x86/hyper-v: Trace PV IPI send (bsc#1107207). - x86/hyper-v: Use 'fast' hypercall for HVCALL_SEND_IPI (bsc#1107207). - x86/hyper-v: Use cheaper HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE} hypercalls when possible (bsc#1107207). - x86/hyper-v: Use cheaper HVCALL_SEND_IPI hypercall when possible (bsc#1107207). - x86/hyper-v: allocate and use Virtual Processor Assist Pages (bsc#1107207). - x86/hyper-v: define struct hv_enlightened_vmcs and clean field bits (bsc#1107207). - x86/hyper-v: detect nested features (bsc#1107207). - x86/hyper-v: move definitions from TLFS to hyperv-tlfs.h (bsc#1107207). - x86/hyper-v: move hyperv.h out of uapi (bsc#1107207). - x86/hyper-v: move struct hv_flush_pcpu{,ex} definitions to common header (bsc#1107207). - x86/hyper-v: rename ipi_arg_{ex,non_ex} structures (bsc#1107207). - x86/hyperv: Add a function to read both TSC and TSC page value simulateneously (bsc#1107207). - x86/hyperv: Add interrupt handler annotations (bsc#1107207). - x86/hyperv: Check for required priviliges in hyperv_init() (bsc#1107207). - x86/hyperv: Check for required priviliges in hyperv_init() (bsc#1110006). - x86/hyperv: Redirect reenlightment notifications on CPU offlining (bsc#1107207). - x86/hyperv: Reenlightenment notifications support (bsc#1107207). - x86/idt: Load idt early in start_secondary (bsc#1110006). - x86/init: fix build with CONFIG_SWAP=n (bsc#1106121). - x86/intel_rdt: Enable CMT and MBM on new Skylake stepping (bsc#1110006). - x86/intel_rdt: Fix incorrect returned value when creating rdgroup sub-directory in resctrl file system (bsc#1110006). - x86/intel_rdt: Fix potential deadlock during resctrl mount (bsc#1110006). - x86/intel_rdt: Fix potential deadlock during resctrl unmount (bsc#1110006). - x86/irq: Count Hyper-V reenlightenment interrupts (bsc#1107207). - x86/irq: Remove an old outdated comment about context tracking races (bsc#1110006). - x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772). - x86/kasan/64: Teach KASAN about the cpu_entry_area (kasan). - x86/kasan: Panic if there is not enough memory to boot (bsc#1110006). - x86/kexec: Avoid double free_page() upon do_kexec_load() failure (bsc#1110006). - x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114279). - x86/kexec: Make kexec (mostly) work in 5-level paging mode (bsc#1110006). - x86/kprobes: Fix kernel crash when probing .entry_trampoline code (bsc#1110006). - x86/kvm/hyper-v: add reenlightenment MSRs support (bsc#1107207). - x86/kvm/hyper-v: inject #GP only when invalid SINTx vector is unmasked (bsc#1107207). - x86/kvm/hyper-v: remove stale entries from vec_bitmap/auto_eoi_bitmap on vector change (bsc#1107207). - x86/kvm/vmx: Remove duplicate l1d flush definitions (bsc#1110006). - x86/kvm: fix LAPIC timer drift when guest uses periodic mode (bsc#1106240). - x86/kvm: rename HV_X64_MSR_APIC_ASSIST_PAGE to HV_X64_MSR_VP_ASSIST_PAGE (bsc#1107207). - x86/mce/AMD: Get address from already initialized block (bsc#1110006). - x86/mce: Add notifier_block forward declaration (bsc#1110006). - x86/mce: Check for alternate indication of machine check recovery on Skylake (bsc#1110006). - x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out() (bsc#1110006). - x86/mce: Fix incorrect "Machine check from unknown source" message (bsc#1110006). - x86/mce: Fix set_mce_nospec() to avoid #GP fault (bsc#1107783). - x86/mce: Improve error message when kernel cannot recover (bsc#1110006). - x86/mce: Improve error message when kernel cannot recover (bsc#1110301). - x86/mcelog: Get rid of RCU remnants (git-fixes 5de97c9f6d85). - x86/memory_failure: Introduce {set, clear}_mce_nospec() (bsc#1107783). - x86/microcode/intel: Check microcode revision before updating sibling threads (bsc#1110006). - x86/microcode/intel: Fix memleak in save_microcode_patch() (bsc#1110006). - x86/microcode/intel: Look into the patch cache first (bsc#1110006). - x86/microcode/intel: Save microcode patch unconditionally (bsc#1110006). - x86/microcode/intel: Writeback and invalidate caches before updating microcode (bsc#1110006). - x86/microcode: Allow late microcode loading with SMT disabled (bsc#1110006). - x86/microcode: Attempt late loading only when new microcode is present (bsc#1110006). - x86/microcode: Do not exit early from __reload_late() (bsc#1110006). - x86/microcode: Do not upload microcode if CPUs are offline (bsc#1110006). - x86/microcode: Fix CPU synchronization routine (bsc#1110006). - x86/microcode: Get rid of struct apply_microcode_ctx (bsc#1110006). - x86/microcode: Make sure boot_cpu_data.microcode is up-to-date (bsc#1110006). - x86/microcode: Make the late update update_lock a raw lock for RT (bsc#1110006). - x86/microcode: Propagate return value from updating functions (bsc#1110006). - x86/microcode: Request microcode on the BSP (bsc#1110006). - x86/microcode: Synchronize late microcode loading (bsc#1110006). - x86/microcode: Update the new microcode revision unconditionally (bsc#1110006). - x86/mm/32: Initialize the CR4 shadow before __flush_tlb_all() (bsc#1110006). - x86/mm/64: Rename the register_page_bootmem_memmap() 'size' parameter to 'nr_pages' (bsc#1110006). - x86/mm/kasan: Do not use vmemmap_populate() to initialize shadow (kasan). - x86/mm/kmmio: Fix mmiotrace for page unaligned addresses (bsc#1110006). - x86/mm/kmmio: Make the tracer robust against L1TF (bsc#1110006). - x86/mm/memory_hotplug: determine block size based on the end of boot memory (bsc#1108243). - x86/mm/pat: Make set_memory_np() L1TF safe (bsc#1110006). - x86/mm/pat: Prepare {reserve, free}_memtype() for "decoy" addresses (bsc#1107783). - x86/mm/pti: Add an overflow check to pti_clone_pmds() (bsc#1110006). - x86/mm/pti: Fix PTI comment in entry_SYSCALL_64() (bsc#1110006). - x86/mm/tlb: Always use lazy TLB mode (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB). - x86/mm/tlb: Leave lazy TLB mode at page table free time (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB). - x86/mm/tlb: Make lazy TLB mode lazier (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB). - x86/mm/tlb: Only send page table free TLB flush to lazy TLB CPUs (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB). - x86/mm/tlb: Restructure switch_mm_irqs_off() (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB). - x86/mm/tlb: Skip atomic operations for 'init_mm' in switch_mm_irqs_off() (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB). - x86/mm: Add TLB purge to free pmd/pte page interfaces (bsc#1110006). - x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE (bsc#1110006). - x86/mm: Disable ioremap free page handling on x86-PAE (bsc#1110006). - x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init (bsc#1110006). - x86/mm: Drop TS_COMPAT on 64-bit exec() syscall (bsc#1110006). - x86/mm: Expand static page table for fixmap space (bsc#1110006). - x86/mm: Fix ELF_ET_DYN_BASE for 5-level paging (bsc#1110006). - x86/mm: Fix bogus warning during EFI bootup, use boot_cpu_has() instead of this_cpu_has() in build_cr3_noflush() (bsc#1110006). - x86/mm: Relocate page fault error codes to traps.h (bsc#1110006). - x86/mm: Remove in_nmi() warning from vmalloc_fault() (bsc#1110006). - x86/mm: implement free pmd/pte page interfaces (bsc#1110006). - x86/mpx: Do not allow MPX if we have mappings above 47-bit (bsc#1110006). - x86/nmi: Fix NMI uaccess race against CR3 switching (bsc#1110006). - x86/numa_emulation: Fix emulated-to-physical node mapping (bsc#1110006). - x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() (bsc#1110006). - x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear (bsc#1110006). - x86/paravirt: Fix some warning messages (bsc#1065600). - x86/paravirt: Fix spectre-v2 mitigations for paravirt guests (bsc#1065600). - x86/paravirt: Remove 'noreplace-paravirt' cmdline option (bsc#1110006). - x86/percpu: Fix this_cpu_read() (bsc#1110006). - x86/pgtable: Do not set huge PUD/PMD on non-leaf entries (bsc#1110006). - x86/pkeys: Do not special case protection key 0 (bsc#1110006). - x86/pkeys: Override pkey when moving away from PROT_EXEC (bsc#1110006). - x86/platform/UV: Add adjustable set memory block size function (bsc#1108243). - x86/platform/UV: Add kernel parameter to set memory block size (bsc#1108243). - x86/platform/UV: Mark memblock related init code and data correctly (bsc#1108243). - x86/platform/UV: Use new set memory block size function (bsc#1108243). - x86/power: Fix swsusp_arch_resume prototype (bsc#1110006). - x86/process: Do not mix user/kernel regs in 64bit __show_regs() (bsc#1110006). - x86/process: Re-export start_thread() (bsc#1110006). - x86/pti: Check the return value of pti_user_pagetable_walk_p4d() (bsc#1110006). - x86/pti: Check the return value of pti_user_pagetable_walk_pmd() (bsc#1110006). - x86/retpoline/checksum32: Convert assembler indirect jumps (bsc#1110006). - x86/retpoline/irq32: Convert assembler indirect jumps (bsc#1110006). - x86/smp: fix non-SMP broken build due to redefinition of apic_id_is_primary_thread (bsc#1110006). - x86/smpboot: Do not use mwait_play_dead() on AMD systems (bsc#1110006). - x86/spectre: Add missing family 6 check to microcode check (git-fixes a5b296636453). - x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" (bsc#1110006). - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32-bit kernels (bsc#1110006). - x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bsc#1110006). - x86/speculation/l1tf: Extend 64bit swap file size limit (bsc#1110006). - x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bsc#1105536). - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bsc#1105536). - x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bsc#1110006). - x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bsc#1105536). - x86/speculation/l1tf: Invert all not present mappings (bsc#1110006). - x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bsc#1110006). - x86/speculation/l1tf: Protect PAE swap entries against L1TF (bsc#1110006). - x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bsc#1105536). - x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (bsc#1110006). - x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369). - x86/time: Correct the attribute on jiffies' definition (bsc#1110006). - x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations (bsc#1110006). - x86/tsc: Add missing header to tsc_msr.c (bsc#1110006). - x86/tsc: Allow TSC calibration without PIT (bsc#1110006). - x86/tsc: Prevent 32bit truncation in calc_hpet_ref() (bsc#1110006). - x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006). - x86/vdso: Fix lsl operand order (bsc#1110006). - x86/vdso: Fix lsl operand order (bsc#1110301). - x86/vdso: Fix vDSO syscall fallback asm constraint regression (bsc#1110006). - x86/xen/efi: Initialize only the EFI struct members used by Xen (bsc#1107945). - x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths (bsc#1065600). - x86/xen: Delay get_cpu_cap until stack canary is established (bsc#1110006). - x86/xen: Drop 5-level paging support code from the XEN_PV code (bsc#1110006). - x86/xen: Reset VCPU0 info pointer after shared_info remap (bsc#1110006). - x86/xen: do not write ptes directly in 32-bit PV guests (bsc#1110006). - x86: Add check for APIC access address for vmentry of L2 guests (bsc#1110006). - x86: Call fixup_exception() before notify_die() in math_error() (bsc#1110006). - x86: Delay skip of emulated hypercall instruction (bsc#1107207). - x86: Delay skip of emulated hypercall instruction (bsc#1110006). - x86: PM: Make APM idle driver initialize polling state (bsc#1110006). - x86: i8259: Add missing include file (bsc#1110006). - x86: irq_remapping: Move irq remapping mode enum (). - x86: kvm: avoid unused variable warning (bsc#1110006). - x86: msr-index.h: Correct SNB_C1/C3_AUTO_UNDEMOTE defines (bsc#1110006). - x86: msr-index.h: Correct SNB_C1/C3_AUTO_UNDEMOTE defines (bsc#1110301). - xen-netfront: fix bug concerning replacement of MAX_SKB_FRAGS with XEN_NETIF_NR_SLOTS_MIN (bsc#1104824). - xen-netfront: fix queue name setting (bsc#1065600). - xen-netfront: fix warn message as irq device name has '/' (bsc#1065600). - xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bsc#1065600). - xen/PVH: Set up GS segment for stack canary (bsc#1110006). - xen/blkback: do not keep persistent grants too long (bsc#1085042). - xen/blkback: move persistent grants flags to bool (bsc#1085042). - xen/blkback: remove unused pers_gnts_lock from struct (bsc#1085042). - xen/blkfront: cleanup stale persistent grants (bsc#1085042). - xen/blkfront: reorder tests in xlblk_init() (bsc#1085042). - xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bsc#1065600). - xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code (bsc#1110006). - xen: Fix {set,clear}_foreign_p2m_mapping on autotranslating guests (bsc#1110006). - xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bsc#1065600). - xen: avoid crash in disable_hotplug_cpu (bsc#1106594). - xen: issue warning message when out of grant maptrack entries (bsc#1105795). - xen: xenbus_dev_frontend: Fix XS_TRANSACTION_END handling (bsc#1065600). - xen: xenbus_dev_frontend: Really return response string (bsc#1065600). - xenbus: track caller request id (bsc#1065600). - xfrm: use complete IPv6 addresses for hash (bsc#1109330). - xfs, dax: introduce xfs_dax_aops (bsc#1104888). - xfs: Fix per-inode DAX flag inheritance (Git-fixes bsc#1109511). - xfs: Remove dead code from inode recover function (bsc#1105396). - xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344). - xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344). - xfs: add a xfs_iext_update_extent helper (bsc#1095344). - xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344). - xfs: add comments documenting the rebalance algorithm (bsc#1095344). - xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344). - xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344). - xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344). - xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025). - xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344). - xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344). - xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344). - xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344). - xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344). - xfs: fix type usage (bsc#1095344). - xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344). - xfs: inline xfs_shift_file_space into callers (bsc#1095344). - xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344). - xfs: iterate backwards in xfs_reflink_cancel_cow_blocks (bsc#1095344). - xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344). - xfs: iterate over extents in xfs_iextents_copy (bsc#1095344). - xfs: make better use of the 'state' variable in xfs_bmap_del_extent_real (bsc#1095344). - xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344). - xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344). - xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344). - xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344). - xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344). - xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344). - xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344). - xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344). - xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344). - xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344). - xfs: preserve i_rdev when recycling a reclaimable inode (bsc#1095344). - xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344). - xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344). - xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344). - xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344). - xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344). - xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344). - xfs: refactor xfs_del_extent_real (bsc#1095344). - xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344). - xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344). - xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344). - xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344). - xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344). - xfs: remove if_rdev (bsc#1095344). - xfs: remove post-bmap tracing in xfs_bmap_local_to_extents (bsc#1095344). - xfs: remove support for inlining data/extents into the inode fork (bsc#1095344). - xfs: remove the never fully implemented UUID fork format (bsc#1095344). - xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344). - xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344). - xfs: remove xfs_bmbt_get_state (bsc#1095344). - xfs: remove xfs_bmse_shift_one (bsc#1095344). - xfs: rename bno to end in __xfs_bunmapi (bsc#1095344). - xfs: repair malformed inode items during log recovery (bsc#1105396). - xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344). - xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344). - xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344). - xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344). - xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344). - xfs: simplify the xfs_getbmap interface (bsc#1095344). - xfs: simplify xfs_reflink_convert_cow (bsc#1095344). - xfs: split xfs_bmap_shift_extents (bsc#1095344). - xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344). - xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344). - xfs: trivial indentation fixup for xfs_iext_remove_node (bsc#1095344). - xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344). - xfs: use a b+tree for the in-core extent list (bsc#1095344). - xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344). - xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344). - xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344). - xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344). - xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344). - xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344). - xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344). - xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bsc#1051510). - xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510). - xhci: Fix use after free for URB cancellation on a reallocated endpoint (bsc#1051510). - zram: fix null dereference of handle (bsc#1105355). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Public Cloud 15: zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-2018-2819=1 Package List: - SUSE Linux Enterprise Module for Public Cloud 15 (x86_64): kernel-azure-4.12.14-5.16.1 kernel-azure-base-4.12.14-5.16.1 kernel-azure-base-debuginfo-4.12.14-5.16.1 kernel-azure-debuginfo-4.12.14-5.16.1 kernel-azure-devel-4.12.14-5.16.1 kernel-syms-azure-4.12.14-5.16.1 - SUSE Linux Enterprise Module for Public Cloud 15 (noarch): kernel-devel-azure-4.12.14-5.16.1 kernel-source-azure-4.12.14-5.16.1 References: https://www.suse.com/security/cve/CVE-2017-16533.html https://www.suse.com/security/cve/CVE-2017-18224.html https://www.suse.com/security/cve/CVE-2018-10902.html https://www.suse.com/security/cve/CVE-2018-10938.html https://www.suse.com/security/cve/CVE-2018-10940.html https://www.suse.com/security/cve/CVE-2018-1128.html https://www.suse.com/security/cve/CVE-2018-1129.html https://www.suse.com/security/cve/CVE-2018-12896.html https://www.suse.com/security/cve/CVE-2018-13093.html https://www.suse.com/security/cve/CVE-2018-13095.html https://www.suse.com/security/cve/CVE-2018-14613.html https://www.suse.com/security/cve/CVE-2018-14617.html https://www.suse.com/security/cve/CVE-2018-14633.html https://www.suse.com/security/cve/CVE-2018-15572.html https://www.suse.com/security/cve/CVE-2018-16658.html https://www.suse.com/security/cve/CVE-2018-17182.html https://www.suse.com/security/cve/CVE-2018-18386.html https://www.suse.com/security/cve/CVE-2018-18445.html https://www.suse.com/security/cve/CVE-2018-18710.html https://www.suse.com/security/cve/CVE-2018-6554.html https://www.suse.com/security/cve/CVE-2018-6555.html https://www.suse.com/security/cve/CVE-2018-9363.html https://bugzilla.suse.com/1012382 https://bugzilla.suse.com/1031392 https://bugzilla.suse.com/1043912 https://bugzilla.suse.com/1044189 https://bugzilla.suse.com/1046302 https://bugzilla.suse.com/1046305 https://bugzilla.suse.com/1046306 https://bugzilla.suse.com/1046307 https://bugzilla.suse.com/1046540 https://bugzilla.suse.com/1046543 https://bugzilla.suse.com/1050244 https://bugzilla.suse.com/1050319 https://bugzilla.suse.com/1050536 https://bugzilla.suse.com/1050540 https://bugzilla.suse.com/1051510 https://bugzilla.suse.com/1054914 https://bugzilla.suse.com/1055014 https://bugzilla.suse.com/1055117 https://bugzilla.suse.com/1055120 https://bugzilla.suse.com/1058659 https://bugzilla.suse.com/1060463 https://bugzilla.suse.com/1061840 https://bugzilla.suse.com/1065600 https://bugzilla.suse.com/1065729 https://bugzilla.suse.com/1066674 https://bugzilla.suse.com/1067126 https://bugzilla.suse.com/1067906 https://bugzilla.suse.com/1068032 https://bugzilla.suse.com/1069138 https://bugzilla.suse.com/1071995 https://bugzilla.suse.com/1076830 https://bugzilla.suse.com/1077761 https://bugzilla.suse.com/1077989 https://bugzilla.suse.com/1078720 https://bugzilla.suse.com/1079524 https://bugzilla.suse.com/1080157 https://bugzilla.suse.com/1082519 https://bugzilla.suse.com/1082555 https://bugzilla.suse.com/1083647 https://bugzilla.suse.com/1083663 https://bugzilla.suse.com/1084760 https://bugzilla.suse.com/1084831 https://bugzilla.suse.com/1085030 https://bugzilla.suse.com/1085042 https://bugzilla.suse.com/1085262 https://bugzilla.suse.com/1086282 https://bugzilla.suse.com/1086283 https://bugzilla.suse.com/1086288 https://bugzilla.suse.com/1086327 https://bugzilla.suse.com/1089663 https://bugzilla.suse.com/1090078 https://bugzilla.suse.com/1091800 https://bugzilla.suse.com/1092903 https://bugzilla.suse.com/1094244 https://bugzilla.suse.com/1094825 https://bugzilla.suse.com/1095344 https://bugzilla.suse.com/1095805 https://bugzilla.suse.com/1096748 https://bugzilla.suse.com/1097105 https://bugzilla.suse.com/1097583 https://bugzilla.suse.com/1097584 https://bugzilla.suse.com/1097585 https://bugzilla.suse.com/1097586 https://bugzilla.suse.com/1097587 https://bugzilla.suse.com/1097588 https://bugzilla.suse.com/1098459 https://bugzilla.suse.com/1098782 https://bugzilla.suse.com/1098822 https://bugzilla.suse.com/1099125 https://bugzilla.suse.com/1099922 https://bugzilla.suse.com/1099999 https://bugzilla.suse.com/1100001 https://bugzilla.suse.com/1100132 https://bugzilla.suse.com/1101480 https://bugzilla.suse.com/1101557 https://bugzilla.suse.com/1101669 https://bugzilla.suse.com/1102346 https://bugzilla.suse.com/1102495 https://bugzilla.suse.com/1102517 https://bugzilla.suse.com/1102715 https://bugzilla.suse.com/1102870 https://bugzilla.suse.com/1102875 https://bugzilla.suse.com/1102877 https://bugzilla.suse.com/1102879 https://bugzilla.suse.com/1102881 https://bugzilla.suse.com/1102882 https://bugzilla.suse.com/1102896 https://bugzilla.suse.com/1103269 https://bugzilla.suse.com/1103308 https://bugzilla.suse.com/1103356 https://bugzilla.suse.com/1103363 https://bugzilla.suse.com/1103387 https://bugzilla.suse.com/1103405 https://bugzilla.suse.com/1103421 https://bugzilla.suse.com/1103543 https://bugzilla.suse.com/1103587 https://bugzilla.suse.com/1103636 https://bugzilla.suse.com/1103948 https://bugzilla.suse.com/1103949 https://bugzilla.suse.com/1103961 https://bugzilla.suse.com/1104172 https://bugzilla.suse.com/1104353 https://bugzilla.suse.com/1104482 https://bugzilla.suse.com/1104683 https://bugzilla.suse.com/1104731 https://bugzilla.suse.com/1104824 https://bugzilla.suse.com/1104888 https://bugzilla.suse.com/1104890 https://bugzilla.suse.com/1105025 https://bugzilla.suse.com/1105190 https://bugzilla.suse.com/1105247 https://bugzilla.suse.com/1105292 https://bugzilla.suse.com/1105322 https://bugzilla.suse.com/1105355 https://bugzilla.suse.com/1105378 https://bugzilla.suse.com/1105396 https://bugzilla.suse.com/1105428 https://bugzilla.suse.com/1105467 https://bugzilla.suse.com/1105524 https://bugzilla.suse.com/1105536 https://bugzilla.suse.com/1105597 https://bugzilla.suse.com/1105603 https://bugzilla.suse.com/1105672 https://bugzilla.suse.com/1105731 https://bugzilla.suse.com/1105795 https://bugzilla.suse.com/1105907 https://bugzilla.suse.com/1106007 https://bugzilla.suse.com/1106016 https://bugzilla.suse.com/1106105 https://bugzilla.suse.com/1106110 https://bugzilla.suse.com/1106121 https://bugzilla.suse.com/1106170 https://bugzilla.suse.com/1106178 https://bugzilla.suse.com/1106229 https://bugzilla.suse.com/1106230 https://bugzilla.suse.com/1106231 https://bugzilla.suse.com/1106233 https://bugzilla.suse.com/1106235 https://bugzilla.suse.com/1106236 https://bugzilla.suse.com/1106237 https://bugzilla.suse.com/1106238 https://bugzilla.suse.com/1106240 https://bugzilla.suse.com/1106291 https://bugzilla.suse.com/1106297 https://bugzilla.suse.com/1106333 https://bugzilla.suse.com/1106369 https://bugzilla.suse.com/1106427 https://bugzilla.suse.com/1106464 https://bugzilla.suse.com/1106509 https://bugzilla.suse.com/1106511 https://bugzilla.suse.com/1106594 https://bugzilla.suse.com/1106636 https://bugzilla.suse.com/1106688 https://bugzilla.suse.com/1106697 https://bugzilla.suse.com/1106779 https://bugzilla.suse.com/1106800 https://bugzilla.suse.com/1106838 https://bugzilla.suse.com/1106890 https://bugzilla.suse.com/1106891 https://bugzilla.suse.com/1106892 https://bugzilla.suse.com/1106893 https://bugzilla.suse.com/1106894 https://bugzilla.suse.com/1106896 https://bugzilla.suse.com/1106897 https://bugzilla.suse.com/1106898 https://bugzilla.suse.com/1106899 https://bugzilla.suse.com/1106900 https://bugzilla.suse.com/1106901 https://bugzilla.suse.com/1106902 https://bugzilla.suse.com/1106903 https://bugzilla.suse.com/1106905 https://bugzilla.suse.com/1106906 https://bugzilla.suse.com/1106948 https://bugzilla.suse.com/1106995 https://bugzilla.suse.com/1107008 https://bugzilla.suse.com/1107060 https://bugzilla.suse.com/1107061 https://bugzilla.suse.com/1107065 https://bugzilla.suse.com/1107074 https://bugzilla.suse.com/1107207 https://bugzilla.suse.com/1107319 https://bugzilla.suse.com/1107320 https://bugzilla.suse.com/1107522 https://bugzilla.suse.com/1107535 https://bugzilla.suse.com/1107685 https://bugzilla.suse.com/1107689 https://bugzilla.suse.com/1107735 https://bugzilla.suse.com/1107756 https://bugzilla.suse.com/1107783 https://bugzilla.suse.com/1107829 https://bugzilla.suse.com/1107870 https://bugzilla.suse.com/1107924 https://bugzilla.suse.com/1107928 https://bugzilla.suse.com/1107945 https://bugzilla.suse.com/1107947 https://bugzilla.suse.com/1107966 https://bugzilla.suse.com/1108010 https://bugzilla.suse.com/1108093 https://bugzilla.suse.com/1108096 https://bugzilla.suse.com/1108170 https://bugzilla.suse.com/1108241 https://bugzilla.suse.com/1108243 https://bugzilla.suse.com/1108260 https://bugzilla.suse.com/1108281 https://bugzilla.suse.com/1108323 https://bugzilla.suse.com/1108377 https://bugzilla.suse.com/1108399 https://bugzilla.suse.com/1108468 https://bugzilla.suse.com/1108520 https://bugzilla.suse.com/1108823 https://bugzilla.suse.com/1108841 https://bugzilla.suse.com/1108870 https://bugzilla.suse.com/1109151 https://bugzilla.suse.com/1109158 https://bugzilla.suse.com/1109217 https://bugzilla.suse.com/1109244 https://bugzilla.suse.com/1109269 https://bugzilla.suse.com/1109330 https://bugzilla.suse.com/1109333 https://bugzilla.suse.com/1109336 https://bugzilla.suse.com/1109337 https://bugzilla.suse.com/1109511 https://bugzilla.suse.com/1109603 https://bugzilla.suse.com/1109739 https://bugzilla.suse.com/1109772 https://bugzilla.suse.com/1109784 https://bugzilla.suse.com/1109806 https://bugzilla.suse.com/1109818 https://bugzilla.suse.com/1109907 https://bugzilla.suse.com/1109915 https://bugzilla.suse.com/1109919 https://bugzilla.suse.com/1109951 https://bugzilla.suse.com/1109979 https://bugzilla.suse.com/1109992 https://bugzilla.suse.com/1110006 https://bugzilla.suse.com/1110096 https://bugzilla.suse.com/1110301 https://bugzilla.suse.com/1110363 https://bugzilla.suse.com/1110538 https://bugzilla.suse.com/1110561 https://bugzilla.suse.com/1110639 https://bugzilla.suse.com/1110642 https://bugzilla.suse.com/1110643 https://bugzilla.suse.com/1110644 https://bugzilla.suse.com/1110645 https://bugzilla.suse.com/1110646 https://bugzilla.suse.com/1110647 https://bugzilla.suse.com/1110649 https://bugzilla.suse.com/1110650 https://bugzilla.suse.com/1111028 https://bugzilla.suse.com/1111040 https://bugzilla.suse.com/1111076 https://bugzilla.suse.com/1111506 https://bugzilla.suse.com/1111806 https://bugzilla.suse.com/1111819 https://bugzilla.suse.com/1111830 https://bugzilla.suse.com/1111834 https://bugzilla.suse.com/1111841 https://bugzilla.suse.com/1111870 https://bugzilla.suse.com/1111901 https://bugzilla.suse.com/1111904 https://bugzilla.suse.com/1111921 https://bugzilla.suse.com/1111928 https://bugzilla.suse.com/1111983 https://bugzilla.suse.com/1112170 https://bugzilla.suse.com/1112208 https://bugzilla.suse.com/1112219 https://bugzilla.suse.com/1112246 https://bugzilla.suse.com/1112372 https://bugzilla.suse.com/1112514 https://bugzilla.suse.com/1112554 https://bugzilla.suse.com/1112708 https://bugzilla.suse.com/1112710 https://bugzilla.suse.com/1112711 https://bugzilla.suse.com/1112712 https://bugzilla.suse.com/1112713 https://bugzilla.suse.com/1112731 https://bugzilla.suse.com/1112732 https://bugzilla.suse.com/1112733 https://bugzilla.suse.com/1112734 https://bugzilla.suse.com/1112735 https://bugzilla.suse.com/1112736 https://bugzilla.suse.com/1112738 https://bugzilla.suse.com/1112739 https://bugzilla.suse.com/1112740 https://bugzilla.suse.com/1112741 https://bugzilla.suse.com/1112743 https://bugzilla.suse.com/1112745 https://bugzilla.suse.com/1112746 https://bugzilla.suse.com/1112878 https://bugzilla.suse.com/1112894 https://bugzilla.suse.com/1112899 https://bugzilla.suse.com/1112902 https://bugzilla.suse.com/1112903 https://bugzilla.suse.com/1112905 https://bugzilla.suse.com/1112906 https://bugzilla.suse.com/1112907 https://bugzilla.suse.com/1113257 https://bugzilla.suse.com/1113284 https://bugzilla.suse.com/1113295 https://bugzilla.suse.com/1113408 https://bugzilla.suse.com/1113667 https://bugzilla.suse.com/1113722 https://bugzilla.suse.com/1113751 https://bugzilla.suse.com/1113780 https://bugzilla.suse.com/1113972 https://bugzilla.suse.com/1114279 https://bugzilla.suse.com/971975