SUSE-SU-2020:2122-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue Aug 4 16:13:18 MDT 2020


   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:2122-1
Rating:             important
References:         #1051510 #1065729 #1104967 #1111666 #1112178 
                    #1113956 #1114279 #1150660 #1151927 #1152107 
                    #1152624 #1158983 #1159058 #1162002 #1163309 
                    #1167104 #1168959 #1169514 #1169771 #1169795 
                    #1170011 #1170442 #1170617 #1170618 #1171124 
                    #1171424 #1171529 #1171530 #1171558 #1171673 
                    #1171732 #1171739 #1171743 #1171753 #1171759 
                    #1171761 #1171835 #1171841 #1171868 #1171988 
                    #1172247 #1172257 #1172344 #1172484 #1172687 
                    #1172719 #1172871 #1172872 #1172999 #1173060 
                    #1173074 #1173146 #1173265 #1173280 #1173284 
                    #1173428 #1173462 #1173514 #1173567 #1173573 
                    #1173746 #1173818 #1173820 #1173825 #1173826 
                    #1173833 #1173838 #1173839 #1173845 #1173857 
                    #1174113 #1174115 #1174122 #1174123 #1174130 
                    #1174205 #1174296 #1174343 #1174356 #1174409 
                    #1174438 #1174462 #1174543 
Cross-References:   CVE-2019-16746 CVE-2019-20908 CVE-2020-0305
                    CVE-2020-10135 CVE-2020-10769 CVE-2020-10773
                    CVE-2020-10781 CVE-2020-12771 CVE-2020-12888
                    CVE-2020-14331 CVE-2020-14416 CVE-2020-15393
                    CVE-2020-15780
Affected Products:
                    SUSE Linux Enterprise Live Patching 12-SP5
______________________________________________________________________________

   An update that solves 13 vulnerabilities and has 70 fixes
   is now available.

Description:



   The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various
   security and bugfixes.


   The following security bugs were fixed:

   - CVE-2020-14331: A buffer over write in vgacon_scroll was fixed
     (bnc#1174205).
   - CVE-2020-10135: Legacy pairing and secure-connections pairing
     authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier
     may have allowed an unauthenticated user to complete authentication
     without pairing credentials via adjacent access. An unauthenticated,
     adjacent attacker could impersonate a Bluetooth BR/EDR master or slave
     to pair with a previously paired remote device to successfully complete
     the authentication procedure without knowing the link key (bnc#1171988).
   - CVE-2020-0305: In cdev_get of char_dev.c, there is a possible
     use-after-free due to a race condition. This could lead to local
     escalation of privilege with System execution privileges needed. User
     interaction is not needed for exploitation (bnc#1174462).
   - CVE-2019-20908: An issue was discovered in drivers/firmware/efi/efi.c
     where incorrect access permissions for the efivar_ssdt ACPI variable
     could be used by attackers to bypass lockdown or secure boot
     restrictions, aka CID-1957a85b0032 (bnc#1173567).
   - CVE-2020-10781: zram sysfs resource consumption was fixed (bnc#1173074).
   - CVE-2020-15780: An issue was discovered in drivers/acpi/acpi_configfs.c
     where injection of malicious ACPI tables via configfs could be used by
     attackers to bypass lockdown and secure boot restrictions, aka
     CID-75b0cea7bf30 (bnc#1173573).
   - CVE-2020-15393: usbtest_disconnect in drivers/usb/misc/usbtest.c had a
     memory leak, aka CID-28ebeb8db770 (bnc#1173514).
   - CVE-2020-12771: btree_gc_coalesce in drivers/md/bcache/btree.c had a
     deadlock if a coalescing operation fails (bnc#1171732).
   - CVE-2019-16746: net/wireless/nl80211.c did not check the length of
     variable elements in a beacon head, leading to a buffer overflow
     (bnc#1152107).
   - CVE-2020-12888: The VFIO PCI driver mishandled attempts to access
     disabled memory space (bnc#1171868).
   - CVE-2020-10769: A buffer over-read flaw was found in
     crypto_authenc_extractkeys in crypto/authenc.c in the IPsec
     Cryptographic algorithm's module, authenc. When a payload longer than 4
     bytes, and is not following 4-byte alignment boundary guidelines, it
     causes a buffer over-read threat, leading to a system crash. This flaw
     allowed a local attacker with user privileges to cause a denial of
     service (bnc#1173265).
   - CVE-2020-10773: A kernel stack information leak on s390/s390x was fixed
     (bnc#1172999).
   - CVE-2020-14416: A race condition in tty->disc_data handling in the slip
     and slcan line discipline could lead to a use-after-free, aka
     CID-0ace17d56824. This affects drivers/net/slip/slip.c and
     drivers/net/can/slcan.c (bnc#1162002).

   The following non-security bugs were fixed:

   - ACPI: GED: add support for _Exx / _Lxx handler methods (bsc#1111666).
   - ACPI: GED: use correct trigger type field in _Exx / _Lxx handling
     (bsc#1111666).
   - ACPI: NFIT: Fix unlock on error in scrub_show() (bsc#1171753).
   - ACPI: sysfs: Fix pm_profile_attr type (bsc#1111666).
   - ACPI: video: Use native backlight on Acer Aspire 5783z (bsc#1111666).
   - ACPI: video: Use native backlight on Acer TravelMate 5735Z (bsc#1111666).
   - ALSA: hda - let hs_mic be picked ahead of hp_mic (bsc#1111666).
   - ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534
     (bsc#1111666).
   - ALSA: lx6464es - add support for LX6464ESe pci express variant
     (bsc#1111666).
   - ALSA: opl3: fix infoleak in opl3 (bsc#1111666).
   - ALSA: usb-audio: add quirk for MacroSilicon MS2109 (bsc#1111666).
   - ALSA: usb-audio: Fix packet size calculation (bsc#1111666).
   - ALSA: usb-audio: Improve frames size computation (bsc#1111666).
   - amdgpu: a NULL ->mm does not mean a thread is a kthread (git-fixes).
   - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb (bsc#1111666).
   - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx (bsc#1111666).
   - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg (bsc#1111666).
   - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb
     (bsc#1111666).
   - ax25: fix setsockopt(SO_BINDTODEVICE) (networking-stable-20_05_27).
   - b43: Fix connection problem with WPA3 (bsc#1111666).
   - b43_legacy: Fix connection problem with WPA3 (bsc#1111666).
   - be2net: fix link failure after ethtool offline test (git-fixes).
   - block, bfq: add requeue-request hook (bsc#1104967 bsc#1171673).
   - block, bfq: postpone rq preparation to insert or merge (bsc#1104967
     bsc#1171673). Refresh
     patches.suse/block-bfq-fix-use-after-free-in-bfq_idle_slice_timer.patch
   - block: nr_sects_write(): Disable preemption on seqcount write
     (bsc#1173818).
   - Bluetooth: Add SCO fallback for invalid LMP parameters error
     (bsc#1111666).
   - bnxt_en: Fix AER reset logic on 57500 chips (git-fixes).
   - bnxt_en: Fix ethtool selftest crash under error conditions (git-fixes).
   - bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails
     (git-fixes).
   - bnxt_en: Fix ipv6 RFS filter matching logic (git-fixes).
   - bnxt_en: fix NULL dereference in case SR-IOV configuration fails
     (git-fixes).
   - bnxt_en: Fix VF anti-spoof filter setup (networking-stable-20_05_12).
   - bnxt_en: Fix VLAN acceleration handling in bnxt_fix_features()
     (networking-stable-20_05_12).
   - bnxt_en: Improve AER slot reset (networking-stable-20_05_12).
   - brcmfmac: Transform compatible string for FW loading (bsc#1169771).
   - btrfs: add assertions for tree == inode->io_tree to extent IO helpers
     (bsc#1174438).
   - btrfs: add new helper btrfs_lock_and_flush_ordered_range (bsc#1174438).
   - btrfs: Always use a cached extent_state in
     btrfs_lock_and_flush_ordered_range (bsc#1174438).
   - btrfs: always wait on ordered extents at fsync time (bsc#1171761).
   - btrfs: clean up the left over logged_list usage (bsc#1171761).
   - btrfs: drop argument tree from btrfs_lock_and_flush_ordered_range
     (bsc#1174438).
   - btrfs: fix extent_state leak in btrfs_lock_and_flush_ordered_range
     (bsc#1174438).
   - btrfs: fix failure of RWF_NOWAIT write into prealloc extent beyond eof
     (bsc#1174438).
   - btrfs: fix hang on snapshot creation after RWF_NOWAIT write
     (bsc#1174438).
   - btrfs: fix list_add corruption and soft lockups in fsync (bsc#1171761).
   - btrfs: fix missing data checksums after a ranged fsync (msync)
     (bsc#1171761).
   - btrfs: fix missing file extent item for hole after ranged fsync
     (bsc#1171761).
   - btrfs: fix missing hole after hole punching and fsync when using
     NO_HOLES (bsc#1171761).
   - btrfs: fix missing semaphore unlock in btrfs_sync_file (bsc#1171761).
   - btrfs: fix rare chances for data loss when doing a fast fsync
     (bsc#1171761).
   - btrfs: fix RWF_NOWAIT write not failling when we need to cow
     (bsc#1174438).
   - btrfs: fix RWF_NOWAIT writes blocking on extent locks and waiting for IO
     (bsc#1174438).
   - btrfs: qgroup: Fix a bug that prevents qgroup to be re-enabled after
     disable (bsc#1172247).
   - btrfs: Remove extra parentheses from condition in copy_items()
     (bsc#1171761).
   - btrfs: remove no longer used io_err from btrfs_log_ctx (bsc#1171761).
   - btrfs: remove no longer used logged range variables when logging extents
     (bsc#1171761).
   - btrfs: remove no longer used 'sync' member from transaction handle
     (bsc#1171761).
   - btrfs: remove remaing full_sync logic from btrfs_sync_file (bsc#1171761).
   - btrfs: remove the logged extents infrastructure (bsc#1171761).
   - btrfs: remove the wait ordered logic in the log_one_extent path
     (bsc#1171761).
   - btrfs: Return EAGAIN if we can't start no snpashot write in
     check_can_nocow (bsc#1174438).
   - btrfs: use correct count in btrfs_file_write_iter() (bsc#1174438).
   - btrfs: Use newly introduced btrfs_lock_and_flush_ordered_range
     (bsc#1174438).
   - btrfs: volumes: Remove ENOSPC-prone btrfs_can_relocate() (bsc#1171124).
   - bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads
     (bsc#1111666).
   - carl9170: remove P2P_GO support (bsc#1111666).
   - ceph: convert mdsc->cap_dirty to a per-session list (bsc#1167104).
   - ceph: request expedited service on session's last cap flush
     (bsc#1167104).
   - cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages
     (bsc#1173857).
   - clocksource: dw_apb_timer: Make CPU-affiliation being optional
     (bsc#1111666).
   - crypto: algboss - do not wait during notifier callback (bsc#1111666).
   - crypto: algif_skcipher - Cap recv SG list at ctx->used (bsc#1111666).
   - crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is
     fully iterated (bsc#1111666).
   - crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is
     fully iterated (git-fixes).
   - crypto/chcr: fix for ccm(aes) failed test (bsc#1111666).
   - crypto: talitos - fix IPsec cipher in length (git-fixes).
   - crypto: talitos - reorder code in talitos_edesc_alloc() (git-fixes).
   - debugfs: Check module state before warning in {full/open}_proxy_open()
     (bsc#1173746).
   - devinet: fix memleak in inetdev_init() (networking-stable-20_06_07).
   - /dev/mem: Add missing memory barriers for devmem_inode (git-fixes).
   - /dev/mem: Revoke mappings when a driver claims the region (git-fixes).
   - dpaa_eth: fix usage as DSA master, try 3 (networking-stable-20_05_27).
   - driver-core, libnvdimm: Let device subsystems add local lockdep coverage
     (bsc#1171753).
   - Drivers: hv: Change flag to write log level in panic msg to false
     (bsc#1170617, bsc#1170618).
   - drm: bridge: adv7511: Extend list of audio sample rates (bsc#1111666).
   - drm/dp_mst: Increase ACT retry timeout to 3s (bsc#1113956)  * context
     changes
   - drm: encoder_slave: fix refcouting error for modules (bsc#1111666).
   - drm: encoder_slave: fix refcouting error for modules (bsc#1114279)
   - drm/i915/icl+: Fix hotplug interrupt disabling after storm detection
     (bsc#1112178)
   - drm/mediatek: Check plane visibility in atomic_update (bsc#1113956)  *
     context changes
   - drm/msm/dpu: fix error return code in dpu_encoder_init (bsc#1111666).
   - drm: panel-orientation-quirks: Add quirk for Asus T101HA panel
     (bsc#1111666).
   - drm: panel-orientation-quirks: Use generic orientation-data for Acer
     S1003 (bsc#1111666).
   - drm/qxl: Use correct notify port address when creating cursor ring
     (bsc#1113956)
   - drm/radeon: fix double free (bsc#1113956)
   - drm/radeon: fix fb_div check in ni_init_smc_spll_table() (bsc#1113956)
   - drm/sun4i: hdmi ddc clk: Fix size of m divider (bsc#1111666).
   - drm/tegra: hub: Do not enable orphaned window group (bsc#1111666).
   - drm/vkms: Hold gem object while still in-use (bsc#1113956)  * context
     changes
   - e1000: Distribute switch variables for initialization (bsc#1111666).
   - e1000e: Disable TSO for buffer overrun workaround (bsc#1051510).
   - e1000e: Do not wake up the system via WOL if device wakeup is disabled
     (bsc#1051510).
   - e1000e: Relax condition to trigger reset for ME workaround (bsc#1111666).
   - EDAC/amd64: Read back the scrub rate PCI register on F15h (bsc#1114279).
   - ext4: fix a data race at inode->i_blocks (bsc#1171835).
   - ext4: fix partial cluster initialization when splitting extent
     (bsc#1173839).
   - ext4: fix race between ext4_sync_parent() and rename() (bsc#1173838).
   - ext4, jbd2: ensure panic by fix a race between jbd2 abort and ext4 error
     handlers (bsc#1173833).
   - fanotify: fix ignore mask logic for events on child and on dir
     (bsc#1172719).
   - Fix boot crash with MD (bsc#1174343) Refresh
     patches.suse/mdraid-fix-read-write-bytes-accounting.patch
   - fix multiplication overflow in copy_fdtable() (bsc#1173825).
   - Fix Patch-mainline tag in the previous zram fix patch
   - fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks
     (networking-stable-20_05_12).
   - gpu: host1x: Detach driver on unregister (bsc#1111666).
   - HID: magicmouse: do not set up autorepeat (git-fixes).
   - hv_netvsc: Fix netvsc_start_xmit's return type (git-fixes).
   - hwmon: (acpi_power_meter) Fix potential memory leak in
     acpi_power_meter_add() (bsc#1111666).
   - hwmon: (emc2103) fix unable to change fan pwm1_enable attribute
     (bsc#1111666).
   - hwmon: (max6697) Make sure the OVERT mask is set correctly (bsc#1111666).
   - i2c: algo-pca: Add 0x78 as SCL stuck low status for PCA9665
     (bsc#1111666).
   - i2c: eg20t: Load module automatically if ID matches (bsc#1111666).
   - i2c: mlxcpld: check correct size of maximum RECV_LEN packet
     (bsc#1111666).
   - i40e: reduce stack usage in i40e_set_fc (git-fixes).
   - IB/hfi1: Do not destroy hfi1_wq when the device is shut down
     (bsc#1174409).
   - IB/hfi1: Do not destroy link_wq when the device is shut down
     (bsc#1174409).
   - ibmveth: Fix max MTU limit (bsc#1173428 ltc#186397).
   - ibmvnic: continue to init in CRQ reset returns H_CLOSED (bsc#1173280
     ltc#185369).
   - ibmvnic: Flush existing work items before device removal (bsc#1065729).
   - ibmvnic: Harden device login requests (bsc#1170011 ltc#183538).
   - iio:health:afe4404 Fix timestamp alignment and prevent data leak
     (bsc#1111666).
   - iio:humidity:hdc100x Fix alignment and data leak issues (bsc#1111666).
   - iio:magnetometer:ak8974: Fix alignment and data leak issues
     (bsc#1111666).
   - iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe()
     (bsc#1111666).
   - iio:pressure:ms5611 Fix buffer element alignment (bsc#1111666).
   - iio: pressure: zpa2326: handle pm_runtime_get_sync failure (bsc#1111666).
   - Input: i8042 - add Lenovo XiaoXin Air 12 to i8042 nomux list
     (bsc#1111666).
   - input: i8042 - Remove special PowerPC handling (git-fixes).
   - Input: synaptics - add a second working PNP_ID for Lenovo T470s
     (bsc#1111666).
   - intel_idle: Graceful probe failure when MWAIT is disabled (bsc#1174115).
   - intel_th: Fix a NULL dereference when hub driver is not loaded
     (bsc#1111666).
   - iommu/vt-d: Enable PCI ACS for platform opt in hint (bsc#1174130).
   - ipvlan: call dev_change_flags when ipvlan mode is reset (git-fixes).
   - ixgbevf: Remove limit of 10 entries for unicast filter list (git-fixes).
   - jbd2: avoid leaking transaction credits when unreserving handle
     (bsc#1173845).
   - jbd2: Preserve kABI when adding j_abort_mutex (bsc#1173833).
   - kabi: hv: prevent struct device_node to become defined (bsc#1172871).
   - kABI: protect struct mlx5_cmd_work_ent (kabi).
   - kABI: reintroduce inet_hashtables.h include to l2tp_ip (kabi).
   - kernfs: fix barrier usage in __kernfs_new_node() (bsc#1111666).
   - KVM: nVMX: Do not reread VMCS-agnostic state when switching VMCS
     (bsc#1114279).
   - KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02
     (bsc#1114279).
   - KVM: x86: Fix APIC page invalidation race (bsc#1174122).
   - l2tp: add sk_family checks to l2tp_validate_socket
     (networking-stable-20_06_07).
   - l2tp: do not use inet_hash()/inet_unhash() (networking-stable-20_06_07).
   - libceph: do not omit recovery_deletes in target_copy() (bsc#1173462).
   - libceph: do not omit recovery_deletes in target_copy() (bsc#1174113).
   - libceph: ignore pool overlay and cache logic on redirects (bsc#1173146).
   - libnvdimm/bus: Fix wait_nvdimm_bus_probe_idle() ABBA deadlock
     (bsc#1171753).
   - libnvdimm/bus: Prepare the nd_ioctl() path to be re-entrant
     (bsc#1171753).
   - libnvdimm/bus: Stop holding nvdimm_bus_list_mutex over __nd_ioctl()
     (bsc#1171753).
   - libnvdimm: cover up changes in struct nvdimm_bus (bsc#1171753).
   - libnvdimm: cover up nd_pfn_sb changes (bsc#1171759).
   - libnvdimm/dax: Pick the right alignment default when creating dax
     devices (bsc#1171759).
   - libnvdimm/label: Remove the dpa align check (bsc#1171759).
   - libnvdimm/of_pmem: Provide a unique name for bus provider (bsc#1171739).
   - libnvdimm/pfn_dev: Add a build check to make sure we notice when struct
     page size change (bsc#1171743).
   - libnvdimm/pfn_dev: Add page size and struct page size to pfn superblock
     (bsc#1171759).
   - libnvdimm/pfn: Prevent raw mode fallback if pfn-infoblock valid
     (bsc#1171743).
   - libnvdimm/pmem: Advance namespace seed for specific probe errors
     (bsc#1171743).
   - libnvdimm/region: Initialize bad block for volatile namespaces
     (bnc#1151927 5.3.6).
   - libnvdimm/region: Rewrite _probe_success() to _advance_seeds()
     (bsc#1171743).
   - libnvdimm: Use PAGE_SIZE instead of SZ_4K for align check (bsc#1171759).
   - loop: replace kill_bdev with invalidate_bdev (bsc#1173820).
   - lpfc_debugfs: get rid of pointless access_ok() (bsc#1172687 bsc#1171530).
   - lpfc: Synchronize NVME transport and lpfc driver devloss_tmo
     (bcs#1173060).
   - media: cec: silence shift wrapping warning in __cec_s_log_addrs()
     (git-fixes).
   - media: si2157: Better check for running tuner in init (bsc#1111666).
   - mlxsw: core: Do not use WQ_MEM_RECLAIM for mlxsw ordered workqueue
     (git-fixes).
   - mlxsw: core: Do not use WQ_MEM_RECLAIM for mlxsw workqueue (git-fixes).
   - mlxsw: pci: Return error on PCI reset timeout (git-fixes).
   - mlxsw: spectrum_acl_tcam: Position vchunk in a vregion list properly
     (networking-stable-20_05_12).
   - mlxsw: spectrum: Disallow prio-tagged packets when PVID is removed
     (git-fixes).
   - mlxsw: spectrum_dpipe: Add missing error path (git-fixes).
   - mlxsw: spectrum: Prevent force of 56G (git-fixes).
   - mlxsw: spectrum_router: Refresh nexthop neighbour when it becomes dead
     (git-fixes).
   - mlxsw: spectrum_router: Remove inappropriate usage of WARN_ON()
     (git-fixes).
   - mlxsw: spectrum_switchdev: Add MDB entries in prepare phase (git-fixes).
   - mlxsw: spectrum_switchdev: Do not treat static FDB entries as sticky
     (git-fixes).
   - mmc: sdhci: do not enable card detect interrupt for gpio cd type
     (bsc#1111666).
   - mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk
     (bsc#1111666).
   - mvpp2: remove misleading comment (git-fixes).
   - net: be more gentle about silly gso requests coming from user
     (networking-stable-20_06_07).
   - net: check untrusted gso_size at kernel entry
     (networking-stable-20_06_07).
   - net/cxgb4: Check the return from t4_query_params properly (git-fixes).
   - net: dsa: bcm_sf2: Fix node reference count (git-fixes).
   - net: dsa: loop: Add module soft dependency (networking-stable-20_05_16).
   - net: dsa: mt7530: fix roaming from DSA user ports
     (networking-stable-20_05_27).
   - net: ena: add intr_moder_rx_interval to struct ena_com_dev and use it
     (git-fixes).
   - net: ena: add missing ethtool TX timestamping indication (git-fixes).
   - net: ena: avoid memory access violation by validating req_id properly
     (git-fixes).
   - net: ena: do not wake up tx queue when down (git-fixes).
   - net: ena: ena-com.c: prevent NULL pointer dereference (git-fixes).
   - net: ena: ethtool: use correct value for crc32 hash (git-fixes).
   - net: ena: fix continuous keep-alive resets (git-fixes).
   - net: ena: fix corruption of dev_idx_to_host_tbl (git-fixes).
   - net: ena: fix default tx interrupt moderation interval (git-fixes).
   - net: ena: fix incorrect default RSS key (git-fixes).
   - net: ena: fix incorrectly saving queue numbers when setting RSS
     indirection table (git-fixes).
   - net: ena: fix issues in setting interrupt moderation params in ethtool
     (git-fixes).
   - net: ena: fix potential crash when rxfh key is NULL (git-fixes).
   - net: ena: fix retrieval of nonadaptive interrupt moderation intervals
     (git-fixes).
   - net: ena: fix uses of round_jiffies() (git-fixes).
   - net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE (git-fixes).
   - net: ena: reimplement set/get_coalesce() (git-fixes).
   - net: ena: rss: do not allocate key when not supported (git-fixes).
   - net: ena: rss: fix failure to get indirection table (git-fixes).
   - net: ena: rss: store hash function as values and not bits (git-fixes).
   - netfilter: ctnetlink: netns exit must wait for callbacks (bsc#1169795).
   - net: fix a potential recursive NETDEV_FEAT_CHANGE
     (networking-stable-20_05_16).
   - net: inet_csk: Fix so_reuseport bind-address cache in tb->fast*
     (networking-stable-20_05_27).
   - net: ipip: fix wrong address family in init error path
     (networking-stable-20_05_27).
   - net: ipvlan: Fix ipvlan device tso disabled while NETIF_F_IP_CSUM is set
     (git-fixes).
   - net: macsec: preserve ingress frame ordering
     (networking-stable-20_05_12).
   - net/mlx4_core: drop useless LIST_HEAD (git-fixes).
   - net/mlx4_core: fix a memory leak bug (git-fixes).
   - net/mlx4_core: Fix use of ENOSPC around mlx4_counter_alloc()
     (networking-stable-20_05_12).
   - net/mlx5: Add command entry handling completion
     (networking-stable-20_05_27).
   - net/mlx5: Avoid panic when setting vport rate (git-fixes).
   - net/mlx5: Continue driver initialization despite debugfs failure
     (git-fixes).
   - net/mlx5e: ethtool, Fix a typo in WOL function names (git-fixes).
   - net/mlx5e: Fix traffic duplication in ethtool steering (git-fixes).
   - net/mlx5e: Remove unnecessary clear_bit()s (git-fixes).
   - net/mlx5e: Update netdev txq on completions during closure
     (networking-stable-20_05_27).
   - net/mlx5: Fix command entry leak in Internal Error State
     (networking-stable-20_05_12).
   - net/mlx5: Fix crash upon suspend/resume (networking-stable-20_06_07).
   - net/mlx5: Fix forced completion access non initialized command entry
     (networking-stable-20_05_12).
   - net: mvmdio: allow up to four clocks to be specified for orion-mdio
     (git-fixes).
   - net: mvpp2: prs: Do not override the sign bit in SRAM parser shift
     (git-fixes).
   - net: phy: fix aneg restart in phy_ethtool_set_eee
     (networking-stable-20_05_16).
   - netprio_cgroup: Fix unlimited memory leak of v2 cgroups
     (networking-stable-20_05_16).
   - net: qede: stop adding events on an already destroyed workqueue
     (git-fixes).
   - net: qed: fix excessive QM ILT lines consumption (git-fixes).
   - net: qed: fix NVMe login fails over VFs (git-fixes).
   - net: qrtr: Fix passing invalid reference to qrtr_local_enqueue()
     (networking-stable-20_05_27).
   - net: revert "net: get rid of an signed integer overflow in
     ip_idents_reserve()" (networking-stable-20_05_27).
   - net sched: fix reporting the first-time use timestamp
     (networking-stable-20_05_27).
   - net: stricter validation of untrusted gso packets
     (networking-stable-20_05_12).
   - net/tls: Fix sk_psock refcnt leak in bpf_exec_tx_verdict()
     (networking-stable-20_05_12).
   - net/tls: Fix sk_psock refcnt leak when in tls_data_ready()
     (networking-stable-20_05_12).
   - net: usb: qmi_wwan: add support for DW5816e (networking-stable-20_05_12).
   - net: usb: qmi_wwan: add Telit 0x1050 composition
     (networking-stable-20_06_07).
   - net: usb: qmi_wwan: add Telit LE910C1-EUX composition
     (networking-stable-20_06_07).
   - net: vmxnet3: fix possible buffer overflow caused by bad DMA value in
     vmxnet3_get_rss() (bsc#1172484).
   - nfp: bpf: fix code-gen bug on BPF_ALU | BPF_XOR | BPF_K (git-fixes).
   - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct()
     (bsc#1173857).
   - nvdimm: Avoid race between probe and reading device attributes
     (bsc#1170442).
   - nvme: check for NVME_CTRL_LIVE in nvme_report_ns_ids() (bcs#1171558
     bsc#1159058).
   - nvme: do not update multipath disk information if the controller is down
     (bcs#1171558 bsc#1159058).
   - objtool: Clean instruction state before each function validation
     (bsc#1169514).
   - objtool: Ignore empty alternatives (bsc#1169514).
   - ocfs2: no need try to truncate file beyond i_size (bsc#1171841).
   - padata: ensure the reorder timer callback runs on the correct CPU
     (git-fixes).
   - padata: reorder work kABI fixup (git-fixes).
   - PCI/AER: Remove HEST/FIRMWARE_FIRST parsing for AER ownership
     (bsc#1174356).
   - PCI/AER: Use only _OSC to determine AER ownership (bsc#1174356).
   - PCI: Generalize multi-function power dependency device links
     (bsc#1111666).
   - PCI: hv: Change pci_protocol_version to per-hbus (bsc#1172871,
     bsc#1172872).
   - PCI: hv: Fix the PCI HyperV probe failure path to release resource
     properly (bsc#1172871, bsc#1172872).
   - PCI: hv: Introduce hv_msi_entry (bsc#1172871, bsc#1172872).
   - PCI: hv: Move hypercall related definitions into tlfs header
     (bsc#1172871, bsc#1172872).
   - PCI: hv: Move retarget related structures into tlfs header (bsc#1172871,
     bsc#1172872).
   - PCI: hv: Reorganize the code in preparation of hibernation (bsc#1172871,
     bsc#1172872).
   - PCI: hv: Retry PCI bus D0 entry on invalid device state (bsc#1172871,
     bsc#1172872).
   - PCI: pciehp: Fix indefinite wait on sysfs requests (git-fixes).
   - PCI: pciehp: Support interrupts sent from D3hot (git-fixes).
   - pci: Revive pci_dev __aer_firmware_first* fields for kABI (bsc#1174356).
   - perf/x86/amd: Constrain Large Increment per Cycle events (git-fixes).
   - perf/x86/amd: Constrain Large Increment per Cycle events (git-fixes).
   - perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus
     precise RIP validity (git-fixes).
   - perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus
     precise RIP validity (git-fixes).
   - perf/x86/amd/ibs: Fix sample bias for dispatched micro-ops (git-fixes).
   - perf/x86/amd/ibs: Fix sample bias for dispatched micro-ops (git-fixes).
   - perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family
     (10h) (git-fixes).
   - perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family
     (10h) (git-fixes).
   - perf/x86/amd/iommu: Make the 'amd_iommu_attr_groups' symbol static
     (git-fixes).
   - perf/x86/amd/iommu: Make the 'amd_iommu_attr_groups' symbol static
     (git-fixes).
   - perf/x86/amd/uncore: Do not set 'ThreadMask' and 'SliceMask' for non-L3
     PMCs (git-fixes stable).
   - perf/x86/amd/uncore: Do not set 'ThreadMask' and 'SliceMask' for non-L3
     PMCs (git-fixes stable).
   - perf/x86/amd/uncore: Set the thread mask for F17h L3 PMCs (git-fixes).
   - perf/x86/amd/uncore: Set the thread mask for F17h L3 PMCs (git-fixes).
   - perf/x86/amd/uncore: Set ThreadMask and SliceMask for L3 Cache perf
     events (git-fixes stable).
   - perf/x86/amd/uncore: Set ThreadMask and SliceMask for L3 Cache perf
     events (git-fixes stable).
   - perf/x86: Enable free running PEBS for REGS_USER/INTR (git-fixes).
   - perf/x86: Enable free running PEBS for REGS_USER/INTR (git-fixes).
   - perf/x86: Fix incorrect PEBS_REGS (git-fixes).
   - perf/x86: Fix incorrect PEBS_REGS (git-fixes).
   - perf/x86/intel: Add generic branch tracing check to intel_pmu_has_bts()
     (git-fixes).
   - perf/x86/intel: Add generic branch tracing check to intel_pmu_has_bts()
     (git-fixes).
   - perf/x86/intel: Add proper condition to run sched_task callbacks
     (git-fixes).
   - perf/x86/intel: Add proper condition to run sched_task callbacks
     (git-fixes).
   - perf/x86/intel/bts: Fix the use of page_private() (git-fixes).
   - perf/x86/intel/bts: Fix the use of page_private() (git-fixes).
   - perf/x86/intel: Fix PT PMI handling (git-fixes).
   - perf/x86/intel: Fix PT PMI handling (git-fixes).
   - perf/x86/intel: Move branch tracing setup to the Intel-specific source
     file (git-fixes).
   - perf/x86/intel: Move branch tracing setup to the Intel-specific source
     file (git-fixes).
   - perf/x86/intel/uncore: Add Node ID mask (git-fixes).
   - perf/x86/intel/uncore: Add Node ID mask (git-fixes).
   - perf/x86/intel/uncore: Fix PCI BDF address of M3UPI on SKX (git-fixes).
   - perf/x86/intel/uncore: Fix PCI BDF address of M3UPI on SKX (git-fixes).
   - perf/x86/intel/uncore: Handle invalid event coding for free-running
     counter (git-fixes).
   - perf/x86/uncore: Fix event group support (git-fixes).
   - perf/x86/uncore: Fix event group support (git-fixes).
   - platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32()
     (bsc#1111666).
   - PM / Domains: Allow genpd users to specify default active wakeup
     behavior (git-fixes).
   - powerpc/book3s64: Export has_transparent_hugepage() related functions
     (bsc#1171759).
   - powerpc/book3s64/pkeys: Fix pkey_access_permitted() for execute disable
     pkey (bsc#1065729).
   - powerpc/fadump: fix race between pstore write and fadump crash trigger
     (bsc#1168959 ltc#185010).
   - powerpc/xmon: Reset RCU and soft lockup watchdogs (bsc#1065729).
   - power: vexpress: add suppress_bind_attrs to true (bsc#1111666).
   - pppoe: only process PADT targeted at local interfaces
     (networking-stable-20_05_16).
   - qed: reduce maximum stack frame size (git-fixes).
   - qlcnic: fix missing release in qlcnic_83xx_interrupt_test (git-fixes).
   - r8152: support additional Microsoft Surface Ethernet Adapter variant
     (networking-stable-20_05_27).
   - RDMA/efa: Set maximum pkeys device attribute (bsc#1111666)
   - README.BRANCH: Add Takashi Iwai as primary maintainer.
   - regmap: debugfs: Do not sleep while atomic for fast_io regmaps
     (bsc#1111666).
   - Revert commit e918e570415c ("tpm_tis: Remove the HID IFX0102")
     (bsc#1111666).
   - Revert "ipv6: add mtu lock check in __ip6_rt_update_pmtu"
     (networking-stable-20_05_16).
   - Revert "thermal: mediatek: fix register index error" (bsc#1111666).
   - rpm/kernel-docs.spec.in: Require python-packaging for build.
   - rtnetlink: Fix memory(net_device) leak when ->newlink fails (git-fixes).
   - s390: fix syscall_get_error for compat processes (git-fixes).
   - s390/qdio: consistently restore the IRQ handler (git-fixes).
   - s390/qdio: lock device while installing IRQ handler (git-fixes).
   - s390/qdio: put thinint indicator after early error (git-fixes).
   - s390/qdio: tear down thinint indicator after early error (git-fixes).
   - s390/qeth: fix error handling for isolation mode cmds (git-fixes).
   - sch_choke: avoid potential panic in choke_reset()
     (networking-stable-20_05_12).
   - sch_sfq: validate silly quantum values (networking-stable-20_05_12).
   - scsi: aacraid: fix a signedness bug (bsc#1174296).
   - scsi: hisi_sas: fix calls to dma_set_mask_and_coherent() (bsc#1174296).
   - scsi: lpfc: Add an internal trace log buffer (bsc#1172687 bsc#1171530).
   - scsi: lpfc: Add blk_io_poll support for latency improvment (bsc#1172687
     bsc#1171530).
   - scsi: lpfc: Add support to display if adapter dumps are available
     (bsc#1172687 bsc#1171530).
   - scsi: lpfc: Allow applications to issue Common Set Features mailbox
     command (bsc#1172687 bsc#1171530).
   - scsi: lpfc: Avoid another null dereference in lpfc_sli4_hba_unset()
     (bsc#1172687 bsc#1171530).
   - scsi: lpfc: Fix inconsistent indenting (bsc#1158983).
   - scsi: lpfc: Fix interrupt assignments when multiple vectors are
     supported on same CPU (bsc#1158983).
   - scsi: lpfc: Fix kdump hang on PPC (bsc#1172687 bsc#1171530).
   - scsi: lpfc: Fix language in 0373 message to reflect non-error message
     (bsc#1172687 bsc#1171530).
   - scsi: lpfc: Fix less-than-zero comparison of unsigned value
     (bsc#1158983).
   - scsi: lpfc: Fix missing MDS functionality (bsc#1172687 bsc#1171530).
   - scsi: lpfc: Fix NVMe rport deregister and registration during ADISC
     (bsc#1172687 bsc#1171530).
   - scsi: lpfc: Fix oops due to overrun when reading SLI3 data (bsc#1172687
     bsc#1171530).
   - scsi: lpfc: Fix shost refcount mismatch when deleting vport (bsc#1172687
     bsc#1171530).
   - scsi: lpfc: Fix stack trace seen while setting rrq active (bsc#1172687
     bsc#1171530).
   - scsi: lpfc: Fix unused assignment in lpfc_sli4_bsg_link_diag_test
     (bsc#1172687 bsc#1171530).
   - scsi: lpfc: Update lpfc version to 12.8.0.2 (bsc#1158983).
   - scsi: megaraid_sas: Fix a compilation warning (bsc#1174296).
   - scsi: mpt3sas: Fix double free in attach error handling (bsc#1174296).
   - scsi: qedf: Add port_id getter (bsc#1150660).
   - scsi: qla2xxx: Fix a condition in qla2x00_find_all_fabric_devs()
     (bsc#1174296).
   - scsi: qla2xxx: Set NVMe status code for failed NVMe FCP request
     (bsc#1158983).
   - sctp: Do not add the shutdown timer if its already been added
     (networking-stable-20_05_27).
   - sctp: Start shutdown on association restart if in SHUTDOWN-SENT state
     and socket is closed (networking-stable-20_05_27).
   - spi: fix initial SPI_SR value in spi-fsl-dspi (bsc#1111666).
   - spi: pxa2xx: Apply CS clk quirk to BXT (bsc#1111666).
   - spi: spidev: fix a race between spidev_release and spidev_remove
     (bsc#1111666).
   - spi: spi-sun6i: sun6i_spi_transfer_one(): fix setting of clock rate
     (bsc#1111666).
   - staging: comedi: verify array index is correct before using it
     (bsc#1111666).
   - SUNRPC: The TCP back channel mustn't disappear while requests are
     outstanding (bsc#1152624).
   - tg3: driver sleeps indefinitely when EEH errors exceed eeh_max_freezes
     (bsc#1173284).
   - timers: Add a function to start/reduce a timer
     (networking-stable-20_05_27).
   - tpm_tis: extra chip->ops check on error path in tpm_tis_core_init
     (bsc#1111666).
   - tpm_tis: Remove the HID IFX0102 (bsc#1111666).
   - tracing: Fix event trigger to accept redundant spaces (git-fixes).
   - tty: hvc_console, fix crashes on parallel open/close (git-fixes).
   - tunnel: Propagate ECT(1) when decapsulating as recommended by RFC6040
     (networking-stable-20_05_12).
   - ubifs: remove broken lazytime support (bsc#1173826).
   - usb: add USB_QUIRK_DELAY_INIT for Logitech C922 (git-fixes).
   - usb: c67x00: fix use after free in c67x00_giveback_urb (bsc#1111666).
   - usb: chipidea: core: add wakeup support for extcon (bsc#1111666).
   - usb: dwc2: Fix shutdown callback in platform (bsc#1111666).
   - usb: dwc3: gadget: introduce cancelled_list (git-fixes).
   - usb: dwc3: gadget: never call ->complete() from ->ep_queue() (git-fixes).
   - usb: dwc3: gadget: Properly handle ClearFeature(halt) (git-fixes).
   - usb: dwc3: gadget: Properly handle failed kick_transfer (git-fixes).
   - usb: ehci: reopen solution for Synopsys HC bug (git-fixes).
   - usb: gadget: fix potential double-free in m66592_probe (bsc#1111666).
   - usb: gadget: udc: atmel: fix uninitialized read in debug printk
     (bsc#1111666).
   - usb: gadget: udc: atmel: remove outdated comment in usba_ep_disable()
     (bsc#1111666).
   - usb: gadget: udc: Potential Oops in error handling code (bsc#1111666).
   - usb: host: ehci-exynos: Fix error check in exynos_ehci_probe()
     (bsc#1111666).
   - usbnet: smsc95xx: Fix use-after-free after removal (bsc#1111666).
   - usb: ohci-sm501: Add missed iounmap() in remove (bsc#1111666).
   - usb: serial: ch341: add new Product ID for CH340 (bsc#1111666).
   - usb: serial: cypress_m8: enable Simply Automated UPB PIM (bsc#1111666).
   - usb: serial: iuu_phoenix: fix memory corruption (bsc#1111666).
   - usb: serial: option: add GosunCn GM500 series (bsc#1111666).
   - usb: serial: option: add Quectel EG95 LTE modem (bsc#1111666).
   - vfio/pci: Fix SR-IOV VF handling with MMIO blocking (bsc#1174123).
   - vfs: Fix EOVERFLOW testing in put_compat_statfs64 (bnc#1151927 5.3.6).
   - virtio: virtio_console: add missing MODULE_DEVICE_TABLE() for rproc
     serial (git-fixes).
   - vmxnet3: add geneve and vxlan tunnel offload support (bsc#1172484).
   - vmxnet3: add support to get/set rx flow hash (bsc#1172484).
   - vmxnet3: allow rx flow hash ops only when rss is enabled (bsc#1172484).
   - vmxnet3: avoid format strint overflow warning (bsc#1172484).
   - vmxnet3: prepare for version 4 changes (bsc#1172484).
   - vmxnet3: Remove always false conditional statement (bsc#1172484).
   - vmxnet3: remove redundant initialization of pointer 'rq' (bsc#1172484).
   - vmxnet3: remove unused flag "rxcsum" from struct vmxnet3_adapter
     (bsc#1172484).
   - vmxnet3: Replace msleep(1) with usleep_range() (bsc#1172484).
   - vmxnet3: update to version 4 (bsc#1172484).
   - vmxnet3: use correct hdr reference when packet is encapsulated
     (bsc#1172484).
   - vsock: fix timeout in vsock_accept() (networking-stable-20_06_07).
   - vxlan: Avoid infinite loop when suppressing NS messages with invalid
     options (git-fixes).
   - wil6210: make sure Rx ring sizes are correlated (git-fixes).
   - x86/apic: Install an empty physflat_init_apic_ldr (bsc#1163309).
   - x86/events/intel/ds: Add PERF_SAMPLE_PERIOD into PEBS_FREERUNNING_FLAGS
     (git-fixes).
   - x86/events/intel/ds: Add PERF_SAMPLE_PERIOD into PEBS_FREERUNNING_FLAGS
     (git-fixes).
   - x86/{mce,mm}: Unmap the entire page if the whole page is affected and
     poisoned (bsc#1172257).
   - x86/reboot/quirks: Add MacBook6,1 reboot quirk (bsc#1114279).
   - xhci: Fix incorrect EP_STATE_MASK (git-fixes).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Live Patching 12-SP5:

      zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2020-2122=1



Package List:

   - SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64):

      kernel-default-debuginfo-4.12.14-122.29.1
      kernel-default-debugsource-4.12.14-122.29.1
      kernel-default-kgraft-4.12.14-122.29.1
      kernel-default-kgraft-devel-4.12.14-122.29.1
      kgraft-patch-4_12_14-122_29-default-1-8.3.1


References:

   https://www.suse.com/security/cve/CVE-2019-16746.html
   https://www.suse.com/security/cve/CVE-2019-20908.html
   https://www.suse.com/security/cve/CVE-2020-0305.html
   https://www.suse.com/security/cve/CVE-2020-10135.html
   https://www.suse.com/security/cve/CVE-2020-10769.html
   https://www.suse.com/security/cve/CVE-2020-10773.html
   https://www.suse.com/security/cve/CVE-2020-10781.html
   https://www.suse.com/security/cve/CVE-2020-12771.html
   https://www.suse.com/security/cve/CVE-2020-12888.html
   https://www.suse.com/security/cve/CVE-2020-14331.html
   https://www.suse.com/security/cve/CVE-2020-14416.html
   https://www.suse.com/security/cve/CVE-2020-15393.html
   https://www.suse.com/security/cve/CVE-2020-15780.html
   https://bugzilla.suse.com/1051510
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1104967
   https://bugzilla.suse.com/1111666
   https://bugzilla.suse.com/1112178
   https://bugzilla.suse.com/1113956
   https://bugzilla.suse.com/1114279
   https://bugzilla.suse.com/1150660
   https://bugzilla.suse.com/1151927
   https://bugzilla.suse.com/1152107
   https://bugzilla.suse.com/1152624
   https://bugzilla.suse.com/1158983
   https://bugzilla.suse.com/1159058
   https://bugzilla.suse.com/1162002
   https://bugzilla.suse.com/1163309
   https://bugzilla.suse.com/1167104
   https://bugzilla.suse.com/1168959
   https://bugzilla.suse.com/1169514
   https://bugzilla.suse.com/1169771
   https://bugzilla.suse.com/1169795
   https://bugzilla.suse.com/1170011
   https://bugzilla.suse.com/1170442
   https://bugzilla.suse.com/1170617
   https://bugzilla.suse.com/1170618
   https://bugzilla.suse.com/1171124
   https://bugzilla.suse.com/1171424
   https://bugzilla.suse.com/1171529
   https://bugzilla.suse.com/1171530
   https://bugzilla.suse.com/1171558
   https://bugzilla.suse.com/1171673
   https://bugzilla.suse.com/1171732
   https://bugzilla.suse.com/1171739
   https://bugzilla.suse.com/1171743
   https://bugzilla.suse.com/1171753
   https://bugzilla.suse.com/1171759
   https://bugzilla.suse.com/1171761
   https://bugzilla.suse.com/1171835
   https://bugzilla.suse.com/1171841
   https://bugzilla.suse.com/1171868
   https://bugzilla.suse.com/1171988
   https://bugzilla.suse.com/1172247
   https://bugzilla.suse.com/1172257
   https://bugzilla.suse.com/1172344
   https://bugzilla.suse.com/1172484
   https://bugzilla.suse.com/1172687
   https://bugzilla.suse.com/1172719
   https://bugzilla.suse.com/1172871
   https://bugzilla.suse.com/1172872
   https://bugzilla.suse.com/1172999
   https://bugzilla.suse.com/1173060
   https://bugzilla.suse.com/1173074
   https://bugzilla.suse.com/1173146
   https://bugzilla.suse.com/1173265
   https://bugzilla.suse.com/1173280
   https://bugzilla.suse.com/1173284
   https://bugzilla.suse.com/1173428
   https://bugzilla.suse.com/1173462
   https://bugzilla.suse.com/1173514
   https://bugzilla.suse.com/1173567
   https://bugzilla.suse.com/1173573
   https://bugzilla.suse.com/1173746
   https://bugzilla.suse.com/1173818
   https://bugzilla.suse.com/1173820
   https://bugzilla.suse.com/1173825
   https://bugzilla.suse.com/1173826
   https://bugzilla.suse.com/1173833
   https://bugzilla.suse.com/1173838
   https://bugzilla.suse.com/1173839
   https://bugzilla.suse.com/1173845
   https://bugzilla.suse.com/1173857
   https://bugzilla.suse.com/1174113
   https://bugzilla.suse.com/1174115
   https://bugzilla.suse.com/1174122
   https://bugzilla.suse.com/1174123
   https://bugzilla.suse.com/1174130
   https://bugzilla.suse.com/1174205
   https://bugzilla.suse.com/1174296
   https://bugzilla.suse.com/1174343
   https://bugzilla.suse.com/1174356
   https://bugzilla.suse.com/1174409
   https://bugzilla.suse.com/1174438
   https://bugzilla.suse.com/1174462
   https://bugzilla.suse.com/1174543



More information about the sle-security-updates mailing list