SUSE-SU-2020:1275-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu May 14 07:15:42 MDT 2020


   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:1275-1
Rating:             important
References:         #1056134 #1087813 #1120386 #1133147 #1137325 
                    #1145929 #1149591 #1154118 #1154844 #1155689 
                    #1157155 #1157157 #1157303 #1157804 #1158021 
                    #1158642 #1158819 #1159199 #1159285 #1159297 
                    #1159841 #1159908 #1159910 #1159911 #1159912 
                    #1160195 #1161586 #1162227 #1162928 #1162929 
                    #1162931 #1163508 #1163971 #1164009 #1164051 
                    #1164069 #1164078 #1164846 #1165111 #1165311 
                    #1165873 #1165881 #1165984 #1165985 #1167421 
                    #1167423 #1167629 #1168075 #1168295 #1168424 
                    #1168829 #1168854 #1170056 #1170345 #1170778 
                    #1170847 
Cross-References:   CVE-2017-18255 CVE-2018-12126 CVE-2018-12127
                    CVE-2018-12130 CVE-2018-21008 CVE-2019-11091
                    CVE-2019-14615 CVE-2019-14896 CVE-2019-14897
                    CVE-2019-18675 CVE-2019-19066 CVE-2019-19319
                    CVE-2019-19447 CVE-2019-19767 CVE-2019-19768
                    CVE-2019-19965 CVE-2019-19966 CVE-2019-20054
                    CVE-2019-20096 CVE-2019-3701 CVE-2019-5108
                    CVE-2019-9455 CVE-2019-9458 CVE-2020-10690
                    CVE-2020-10720 CVE-2020-10942 CVE-2020-11494
                    CVE-2020-11608 CVE-2020-11609 CVE-2020-2732
                    CVE-2020-8647 CVE-2020-8648 CVE-2020-8649
                    CVE-2020-8992 CVE-2020-9383
Affected Products:
                    SUSE OpenStack Cloud Crowbar 8
                    SUSE OpenStack Cloud 8
                    SUSE Linux Enterprise Server for SAP 12-SP3
                    SUSE Linux Enterprise Server 12-SP3-LTSS
                    SUSE Linux Enterprise Server 12-SP3-BCL
                    SUSE Linux Enterprise High Availability 12-SP3
                    SUSE Enterprise Storage 5
                    HPE Helion Openstack 8
______________________________________________________________________________

   An update that solves 35 vulnerabilities and has 21 fixes
   is now available.

Description:

   The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various
   security and bugfixes.


   The following security bugs were fixed:

   - CVE-2020-11494: An issue was discovered in slc_bump in
     drivers/net/can/slcan.c, which allowed attackers to read uninitialized
     can_frame data, potentially containing sensitive information from kernel
     stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL
     (bnc#1168424).
   - CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks
     validation of an sk_family field, which might allow attackers to trigger
     kernel stack corruption via crafted system calls (bnc#1167629).
   - CVE-2020-8647: Fixed a use-after-free vulnerability in the vc_do_resize
     function in drivers/tty/vt/vt.c (bnc#1162929).
   - CVE-2020-8649: Fixed a use-after-free vulnerability in the
     vgacon_invert_region function in drivers/video/console/vgacon.c
     (bnc#1162931).
   - CVE-2020-9383: Fixed an issue in set_fdc in drivers/block/floppy.c,
     which leads to a wait_til_ready out-of-bounds read (bnc#1165111).
   - CVE-2019-9458: In the video driver there was a use after free due to a
     race condition. This could lead to local escalation of privilege with no
     additional execution privileges needed (bnc#1168295).
   - CVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a
     system crash (bnc#1120386).
   - CVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function
     in kernel/trace/blktrace.c (bnc#1159285).
   - CVE-2020-11609: Fixed a NULL pointer dereference in the stv06xx
     subsystem caused by mishandling invalid descriptors (bnc#1168854).
   - CVE-2020-10720: Fixed a use-after-free read in napi_gro_frags()
     (bsc#1170778).
   - CVE-2020-10690: Fixed the race between the release of ptp_clock and cdev
     (bsc#1170056).
   - CVE-2019-9455: Fixed a pointer leak due to a WARN_ON statement in a
     video driver. This could lead to local information disclosure with
     System execution privileges needed (bnc#1170345).
   - CVE-2020-11608: Fixed an issue in drivers/media/usb/gspca/ov519.c caused
     by a NULL pointer dereferences in ov511_mode_init_regs and
     ov518_mode_init_regs when there are zero endpoints (bnc#1168829).
   - CVE-2017-18255: The perf_cpu_time_max_percent_handler function in
     kernel/events/core.c allowed local users to cause a denial of service
     (integer overflow) or possibly have unspecified other impact via a large
     value, as demonstrated by an incorrect sample-rate calculation
     (bnc#1087813).
   - CVE-2020-8648: There was a use-after-free vulnerability in the
     n_tty_receive_buf_common function in drivers/tty/n_tty.c (bnc#1162928).
   - CVE-2020-2732: A flaw was discovered in the way that the KVM hypervisor
     handled instruction emulation for an L2 guest when nested virtualisation
     is enabled. Under some circumstances, an L2 guest may trick the L0 guest
     into accessing sensitive L1 resources that should be inaccessible to the
     L2 guest (bnc#1163971).
   - CVE-2019-5108: Fixed a denial-of-service vulnerability caused by
     triggering AP to send IAPP location updates for stations before the
     required authentication process has completed (bnc#1159912).
   - CVE-2020-8992: ext4_protect_reserved_inode in fs/ext4/block_validity.c
     allowed attackers to cause a denial of service (soft lockup) via a
     crafted journal size (bnc#1164069).
   - CVE-2018-21008: Fixed a use-after-free which could be caused by the
     function rsi_mac80211_detach in the file
     drivers/net/wireless/rsi/rsi_91x_mac80211.c (bnc#1149591).
   - CVE-2019-14896: A heap-based buffer overflow vulnerability was found in
     Marvell WiFi chip driver. A remote attacker could cause a denial of
     service (system crash) or, possibly execute arbitrary code, when the
     lbs_ibss_join_existing function is called after a STA connects to an AP
     (bnc#1157157).
   - CVE-2019-14897: A stack-based buffer overflow was found in Marvell WiFi
     chip driver. An attacker is able to cause a denial of service (system
     crash) or, possibly execute arbitrary code, when a STA works in IBSS
     mode (allows connecting stations together without the use of an AP) and
     connects to another STA (bnc#1157155).
   - CVE-2019-18675: Fixed an integer overflow in cpia2_remap_buffer in
     drivers/media/usb/cpia2/cpia2_core.c because cpia2 has its own mmap
     implementation. This allowed local users (with /dev/video0 access) to
     obtain read and write permissions on kernel physical pages, which can
     possibly result in a privilege escalation (bnc#1157804).
   - CVE-2019-14615: Insufficient control flow in certain data structures for
     some Intel(R) Processors with Intel(R) Processor Graphics may have
     allowed an unauthenticated user to potentially enable information
     disclosure via local access (bnc#1160195, bsc#1165881).
   - CVE-2019-19965: Fixed a NULL pointer dereference in
     drivers/scsi/libsas/sas_discover.c because of mishandling of port
     disconnection during discovery, related to a PHY down race condition
     (bnc#1159911).
   - CVE-2019-20054: Fixed a NULL pointer dereference in drop_sysctl_table()
     in fs/proc/proc_sysctl.c, related to put_links (bnc#1159910).
   - CVE-2019-20096: Fixed a memory leak in __feat_register_sp() in
     net/dccp/feat.c, which may cause denial of service (bnc#1159908).
   - CVE-2019-19966: Fixed a use-after-free in cpia2_exit() in
     drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service
     (bnc#1159841).
   - CVE-2019-19447: Fixed an issue with mounting a crafted ext4 filesystem
     image, performing some operations, and unmounting could lead to a
     use-after-free in ext4_put_super in fs/ext4/super.c, related to
     dump_orphan_list in fs/ext4/super.c (bnc#1158819).
   - CVE-2019-19319: Fixed an issue with a setxattr operation, after a mount
     of a crafted ext4 image, can cause a slab-out-of-bounds write access
     because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c
     when a large old_size value is used in a memset call (bnc#1158021).
   - CVE-2019-19767: Fixed mishandling of ext4_expand_extra_isize, as
     demonstrated by use-after-free errors in __ext4_expand_extra_isize and
     ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c
     (bnc#1159297).
   - CVE-2019-11091,CVE-2018-12126,CVE-2018-12130,CVE-2018-12127: Earlier
     mitigations for the "MDS" Microarchitectural Data Sampling attacks were
     not complete. An additional fix was added to the x86_64 fast systemcall
     path to further mitigate these attacks. (bsc#1164846 bsc#1170847)


   The following non-security bugs were fixed:

   - blk: Fix kabi due to blk_trace_mutex addition (bsc#1159285).
   - blktrace: fix dereference after null check (bsc#1159285).
   - blktrace: fix trace mutex deadlock (bsc#1159285).
   - btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered
     extents (bsc#1163508).
   - btrfs: fix panic during relocation after ENOSPC before writeback happens
     (bsc#1163508).
   - btrfs: qgroup: Fix root item corruption when multiple same source
     snapshots are created with quota enabled (bsc#1158642)
   - btrfs: relocation: fix reloc_root lifespan and access (bsc#1164009).
   - enic: prevent waking up stopped tx queues over watchdog reset
     (bsc#1133147).
   - fix PageHeadHuge() race with THP split (VM Functionality, bsc#1165311).
   - fs/xfs: fix f_ffree value for statfs when project quota is set
     (bsc#1165985).
   - ibmvnic: Bound waits for device queries (bsc#1155689 ltc#182047).
   - ibmvnic: Fix completion structure initialization (bsc#1155689
     ltc#182047).
   - ibmvnic: Serialize device queries (bsc#1155689 ltc#182047).
   - ibmvnic: Terminate waiting device threads after loss of service
     (bsc#1155689 ltc#182047).
   - input: add safety guards to input_set_keycode() (bsc#1168075).
   - ipv4: correct gso_size for UFO (bsc#1154844).
   - ipv6: fix memory accounting during ipv6 queue expire (bsc#1162227)
     (bsc#1162227).
   - ipvlan: do not add hardware address of master to its unicast filter list
     (bsc#1137325).
   - md: add mddev->pers to avoid potential NULL pointer dereference
     (bsc#1056134).
   - md/bitmap: do not read page from device with Bitmap_sync (bsc#1056134).
   - md: change the initialization value for a spare device spot to
     MD_DISK_ROLE_SPARE (bsc#1056134).
   - md: Delete gendisk before cleaning up the request queue (bsc#1056134).
   - md: do not call bitmap_create() while array is quiesced (bsc#1056134).
   - md: do not set In_sync if array is frozen (bsc#1056134).
   - md: fix a potential deadlock of raid5/raid10 reshape (bsc#1056134).
   - md: md.c: Return -ENODEV when mddev is NULL in rdev_attr_show
     (bsc#1056134).
   - md: notify about new spare disk in the container (bsc#1056134).
   - md/raid0: Fix buffer overflow at debug print (bsc#1164051).
   - md/raid10: end bio when the device faulty (bsc#1056134).
   - md/raid10: Fix raid10 replace hang when new added disk faulty
     (bsc#1056134).
   - md/raid1,raid10: silence warning about wait-within-wait (bsc#1056134).
   - md: return -ENODEV if rdev has no mddev assigned (bsc#1056134).
   - media: ov519: add missing endpoint sanity checks (bsc#1168829).
   - media: stv06xx: add missing descriptor sanity checks (bsc#1168854).
   - net: ena: Add PCI shutdown handler to allow safe kexec (bsc#1167421,
     bsc#1167423).
   - netfilter: conntrack: sctp: use distinct states for new SCTP connections
     (bsc#1159199).
   - net/ibmvnic: Fix typo in retry check (bsc#1155689 ltc#182047).
   - rpm/kernel-binary.spec.in: Replace Novell with SUSE
   - sched/fair: Scale bandwidth quota and period without losing quota/period
     ratio precision (bsc#1161586).
   - scsi: core: avoid repetitive logging of device offline messages
     (bsc#1145929).
   - scsi: core: kABI fix already_offline (bsc#1145929).
   - tcp: clear tp->packets_out when purging write queue (bsc#1154118).
   - x86/mitigations: Clear CPU buffers on the SYSCALL fast path (bsc#1164846
     bsc#1170847).
   - xfs: also remove cached ACLs when removing the underlying attr
     (bsc#1165873).
   - xfs: bulkstat should copy lastip whenever userspace supplies one
     (bsc#1165984).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud Crowbar 8:

      zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-1275=1

   - SUSE OpenStack Cloud 8:

      zypper in -t patch SUSE-OpenStack-Cloud-8-2020-1275=1

   - SUSE Linux Enterprise Server for SAP 12-SP3:

      zypper in -t patch SUSE-SLE-SAP-12-SP3-2020-1275=1

   - SUSE Linux Enterprise Server 12-SP3-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-1275=1

   - SUSE Linux Enterprise Server 12-SP3-BCL:

      zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-1275=1

   - SUSE Linux Enterprise High Availability 12-SP3:

      zypper in -t patch SUSE-SLE-HA-12-SP3-2020-1275=1

   - SUSE Enterprise Storage 5:

      zypper in -t patch SUSE-Storage-5-2020-1275=1

   - HPE Helion Openstack 8:

      zypper in -t patch HPE-Helion-OpenStack-8-2020-1275=1



Package List:

   - SUSE OpenStack Cloud Crowbar 8 (noarch):

      kernel-devel-4.4.180-94.116.1
      kernel-macros-4.4.180-94.116.1
      kernel-source-4.4.180-94.116.1

   - SUSE OpenStack Cloud Crowbar 8 (x86_64):

      kernel-default-4.4.180-94.116.1
      kernel-default-base-4.4.180-94.116.1
      kernel-default-base-debuginfo-4.4.180-94.116.1
      kernel-default-debuginfo-4.4.180-94.116.1
      kernel-default-debugsource-4.4.180-94.116.1
      kernel-default-devel-4.4.180-94.116.1
      kernel-default-kgraft-4.4.180-94.116.1
      kernel-syms-4.4.180-94.116.1
      kgraft-patch-4_4_180-94_116-default-1-4.3.1
      kgraft-patch-4_4_180-94_116-default-debuginfo-1-4.3.1

   - SUSE OpenStack Cloud 8 (noarch):

      kernel-devel-4.4.180-94.116.1
      kernel-macros-4.4.180-94.116.1
      kernel-source-4.4.180-94.116.1

   - SUSE OpenStack Cloud 8 (x86_64):

      kernel-default-4.4.180-94.116.1
      kernel-default-base-4.4.180-94.116.1
      kernel-default-base-debuginfo-4.4.180-94.116.1
      kernel-default-debuginfo-4.4.180-94.116.1
      kernel-default-debugsource-4.4.180-94.116.1
      kernel-default-devel-4.4.180-94.116.1
      kernel-default-kgraft-4.4.180-94.116.1
      kernel-syms-4.4.180-94.116.1
      kgraft-patch-4_4_180-94_116-default-1-4.3.1
      kgraft-patch-4_4_180-94_116-default-debuginfo-1-4.3.1

   - SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64):

      kernel-default-4.4.180-94.116.1
      kernel-default-base-4.4.180-94.116.1
      kernel-default-base-debuginfo-4.4.180-94.116.1
      kernel-default-debuginfo-4.4.180-94.116.1
      kernel-default-debugsource-4.4.180-94.116.1
      kernel-default-devel-4.4.180-94.116.1
      kernel-default-kgraft-4.4.180-94.116.1
      kernel-syms-4.4.180-94.116.1
      kgraft-patch-4_4_180-94_116-default-1-4.3.1
      kgraft-patch-4_4_180-94_116-default-debuginfo-1-4.3.1

   - SUSE Linux Enterprise Server for SAP 12-SP3 (noarch):

      kernel-devel-4.4.180-94.116.1
      kernel-macros-4.4.180-94.116.1
      kernel-source-4.4.180-94.116.1

   - SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64):

      kernel-default-4.4.180-94.116.1
      kernel-default-base-4.4.180-94.116.1
      kernel-default-base-debuginfo-4.4.180-94.116.1
      kernel-default-debuginfo-4.4.180-94.116.1
      kernel-default-debugsource-4.4.180-94.116.1
      kernel-default-devel-4.4.180-94.116.1
      kernel-syms-4.4.180-94.116.1

   - SUSE Linux Enterprise Server 12-SP3-LTSS (ppc64le x86_64):

      kernel-default-kgraft-4.4.180-94.116.1
      kgraft-patch-4_4_180-94_116-default-1-4.3.1
      kgraft-patch-4_4_180-94_116-default-debuginfo-1-4.3.1

   - SUSE Linux Enterprise Server 12-SP3-LTSS (noarch):

      kernel-devel-4.4.180-94.116.1
      kernel-macros-4.4.180-94.116.1
      kernel-source-4.4.180-94.116.1

   - SUSE Linux Enterprise Server 12-SP3-LTSS (s390x):

      kernel-default-man-4.4.180-94.116.1

   - SUSE Linux Enterprise Server 12-SP3-BCL (x86_64):

      kernel-default-4.4.180-94.116.1
      kernel-default-base-4.4.180-94.116.1
      kernel-default-base-debuginfo-4.4.180-94.116.1
      kernel-default-debuginfo-4.4.180-94.116.1
      kernel-default-debugsource-4.4.180-94.116.1
      kernel-default-devel-4.4.180-94.116.1
      kernel-syms-4.4.180-94.116.1

   - SUSE Linux Enterprise Server 12-SP3-BCL (noarch):

      kernel-devel-4.4.180-94.116.1
      kernel-macros-4.4.180-94.116.1
      kernel-source-4.4.180-94.116.1

   - SUSE Linux Enterprise High Availability 12-SP3 (ppc64le s390x x86_64):

      cluster-md-kmp-default-4.4.180-94.116.1
      cluster-md-kmp-default-debuginfo-4.4.180-94.116.1
      dlm-kmp-default-4.4.180-94.116.1
      dlm-kmp-default-debuginfo-4.4.180-94.116.1
      gfs2-kmp-default-4.4.180-94.116.1
      gfs2-kmp-default-debuginfo-4.4.180-94.116.1
      kernel-default-debuginfo-4.4.180-94.116.1
      kernel-default-debugsource-4.4.180-94.116.1
      ocfs2-kmp-default-4.4.180-94.116.1
      ocfs2-kmp-default-debuginfo-4.4.180-94.116.1

   - SUSE Enterprise Storage 5 (aarch64 x86_64):

      kernel-default-4.4.180-94.116.1
      kernel-default-base-4.4.180-94.116.1
      kernel-default-base-debuginfo-4.4.180-94.116.1
      kernel-default-debuginfo-4.4.180-94.116.1
      kernel-default-debugsource-4.4.180-94.116.1
      kernel-default-devel-4.4.180-94.116.1
      kernel-syms-4.4.180-94.116.1

   - SUSE Enterprise Storage 5 (x86_64):

      kernel-default-kgraft-4.4.180-94.116.1
      kgraft-patch-4_4_180-94_116-default-1-4.3.1
      kgraft-patch-4_4_180-94_116-default-debuginfo-1-4.3.1

   - SUSE Enterprise Storage 5 (noarch):

      kernel-devel-4.4.180-94.116.1
      kernel-macros-4.4.180-94.116.1
      kernel-source-4.4.180-94.116.1

   - HPE Helion Openstack 8 (noarch):

      kernel-devel-4.4.180-94.116.1
      kernel-macros-4.4.180-94.116.1
      kernel-source-4.4.180-94.116.1

   - HPE Helion Openstack 8 (x86_64):

      kernel-default-4.4.180-94.116.1
      kernel-default-base-4.4.180-94.116.1
      kernel-default-base-debuginfo-4.4.180-94.116.1
      kernel-default-debuginfo-4.4.180-94.116.1
      kernel-default-debugsource-4.4.180-94.116.1
      kernel-default-devel-4.4.180-94.116.1
      kernel-default-kgraft-4.4.180-94.116.1
      kernel-syms-4.4.180-94.116.1
      kgraft-patch-4_4_180-94_116-default-1-4.3.1
      kgraft-patch-4_4_180-94_116-default-debuginfo-1-4.3.1


References:

   https://www.suse.com/security/cve/CVE-2017-18255.html
   https://www.suse.com/security/cve/CVE-2018-12126.html
   https://www.suse.com/security/cve/CVE-2018-12127.html
   https://www.suse.com/security/cve/CVE-2018-12130.html
   https://www.suse.com/security/cve/CVE-2018-21008.html
   https://www.suse.com/security/cve/CVE-2019-11091.html
   https://www.suse.com/security/cve/CVE-2019-14615.html
   https://www.suse.com/security/cve/CVE-2019-14896.html
   https://www.suse.com/security/cve/CVE-2019-14897.html
   https://www.suse.com/security/cve/CVE-2019-18675.html
   https://www.suse.com/security/cve/CVE-2019-19066.html
   https://www.suse.com/security/cve/CVE-2019-19319.html
   https://www.suse.com/security/cve/CVE-2019-19447.html
   https://www.suse.com/security/cve/CVE-2019-19767.html
   https://www.suse.com/security/cve/CVE-2019-19768.html
   https://www.suse.com/security/cve/CVE-2019-19965.html
   https://www.suse.com/security/cve/CVE-2019-19966.html
   https://www.suse.com/security/cve/CVE-2019-20054.html
   https://www.suse.com/security/cve/CVE-2019-20096.html
   https://www.suse.com/security/cve/CVE-2019-3701.html
   https://www.suse.com/security/cve/CVE-2019-5108.html
   https://www.suse.com/security/cve/CVE-2019-9455.html
   https://www.suse.com/security/cve/CVE-2019-9458.html
   https://www.suse.com/security/cve/CVE-2020-10690.html
   https://www.suse.com/security/cve/CVE-2020-10720.html
   https://www.suse.com/security/cve/CVE-2020-10942.html
   https://www.suse.com/security/cve/CVE-2020-11494.html
   https://www.suse.com/security/cve/CVE-2020-11608.html
   https://www.suse.com/security/cve/CVE-2020-11609.html
   https://www.suse.com/security/cve/CVE-2020-2732.html
   https://www.suse.com/security/cve/CVE-2020-8647.html
   https://www.suse.com/security/cve/CVE-2020-8648.html
   https://www.suse.com/security/cve/CVE-2020-8649.html
   https://www.suse.com/security/cve/CVE-2020-8992.html
   https://www.suse.com/security/cve/CVE-2020-9383.html
   https://bugzilla.suse.com/1056134
   https://bugzilla.suse.com/1087813
   https://bugzilla.suse.com/1120386
   https://bugzilla.suse.com/1133147
   https://bugzilla.suse.com/1137325
   https://bugzilla.suse.com/1145929
   https://bugzilla.suse.com/1149591
   https://bugzilla.suse.com/1154118
   https://bugzilla.suse.com/1154844
   https://bugzilla.suse.com/1155689
   https://bugzilla.suse.com/1157155
   https://bugzilla.suse.com/1157157
   https://bugzilla.suse.com/1157303
   https://bugzilla.suse.com/1157804
   https://bugzilla.suse.com/1158021
   https://bugzilla.suse.com/1158642
   https://bugzilla.suse.com/1158819
   https://bugzilla.suse.com/1159199
   https://bugzilla.suse.com/1159285
   https://bugzilla.suse.com/1159297
   https://bugzilla.suse.com/1159841
   https://bugzilla.suse.com/1159908
   https://bugzilla.suse.com/1159910
   https://bugzilla.suse.com/1159911
   https://bugzilla.suse.com/1159912
   https://bugzilla.suse.com/1160195
   https://bugzilla.suse.com/1161586
   https://bugzilla.suse.com/1162227
   https://bugzilla.suse.com/1162928
   https://bugzilla.suse.com/1162929
   https://bugzilla.suse.com/1162931
   https://bugzilla.suse.com/1163508
   https://bugzilla.suse.com/1163971
   https://bugzilla.suse.com/1164009
   https://bugzilla.suse.com/1164051
   https://bugzilla.suse.com/1164069
   https://bugzilla.suse.com/1164078
   https://bugzilla.suse.com/1164846
   https://bugzilla.suse.com/1165111
   https://bugzilla.suse.com/1165311
   https://bugzilla.suse.com/1165873
   https://bugzilla.suse.com/1165881
   https://bugzilla.suse.com/1165984
   https://bugzilla.suse.com/1165985
   https://bugzilla.suse.com/1167421
   https://bugzilla.suse.com/1167423
   https://bugzilla.suse.com/1167629
   https://bugzilla.suse.com/1168075
   https://bugzilla.suse.com/1168295
   https://bugzilla.suse.com/1168424
   https://bugzilla.suse.com/1168829
   https://bugzilla.suse.com/1168854
   https://bugzilla.suse.com/1170056
   https://bugzilla.suse.com/1170345
   https://bugzilla.suse.com/1170778
   https://bugzilla.suse.com/1170847



More information about the sle-security-updates mailing list