SUSE-RU-2017:1227-1: Recommended update for SuSEfirewall2

sle-updates at sle-updates at
Tue May 9 13:14:42 MDT 2017

   SUSE Recommended Update: Recommended update for SuSEfirewall2

Announcement ID:    SUSE-RU-2017:1227-1
Rating:             low
References:         #785299 #798468 #906136 
Affected Products:
                    SUSE Linux Enterprise Server 11-SP4

   An update that has three recommended fixes can now be


   This update for SuSEfirewall2 provides the following fixes:

   - No longer call fillup during postinstall to prevent multiline
     configuration values being broken. (bsc#798468)
   - Ignore the bootlock when incremental updates for hotplugged or virtual
     devices are coming in during boot. This prevents lockups for example
     when drbd is used with FB_BOOT_FULL_INIT. (bsc#785299)
   - Only apply FW_KERNEL_SECURITY proc settings, if not overriden by the
     administrator in /etc/sysctl.conf. This allows you to benefit from some
     of the kernel security settings, while overwriting others. (bsc#906136)

Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11-SP4:

      zypper in -t patch slessp4-SuSEfirewall2-13097=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Server 11-SP4 (noarch):



More information about the sle-updates mailing list