SUSE-SU-2017:2696-1: moderate: Security update for dracut
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Tue Oct 10 13:10:08 MDT 2017
SUSE Security Update: Security update for dracut
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:2696-1
Rating: moderate
References: #1005410 #1006118 #1007925 #1008340 #1008648
#1017695 #1032576 #1035743 #935320 #959803
#986734 #986838
Cross-References: CVE-2016-8637
Affected Products:
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________
An update that solves one vulnerability and has 11 fixes is
now available.
Description:
This update for dracut fixes the following issues:
Security issues fixed:
- CVE-2016-8637: When the early microcode loading was enabled during
initrd creation, the initrd would be read-only available for all users,
allowing local users to retrieve secrets stored in the initial ramdisk.
(bsc#1008340)
Non-security issues fixed:
- Skip iBFT discovery for qla4xxx flashnode session. (bsc#935320)
- Set MTU and LLADDR for DHCP if specified. (bsc#959803)
- Allow booting from degraded MD arrays with systemd. (bsc#1017695)
- Start multipath services before local-fs-pre.target. (bsc#1005410,
bsc#1006118, bsc#1007925, bsc#986734, bsc#986838)
- Fixed /sbin/installkernel to handle kernel packages built with 'make
bin-rpmpkg'. (bsc#1008648)
- Fixed typo in installkernel script. (bsc#1032576)
- Fixed subnet calculation in mkinitrd. (bsc#1035743)
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 12-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-2017-1669=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64):
dracut-037-51.31.1
dracut-debuginfo-037-51.31.1
dracut-debugsource-037-51.31.1
dracut-fips-037-51.31.1
References:
https://www.suse.com/security/cve/CVE-2016-8637.html
https://bugzilla.suse.com/1005410
https://bugzilla.suse.com/1006118
https://bugzilla.suse.com/1007925
https://bugzilla.suse.com/1008340
https://bugzilla.suse.com/1008648
https://bugzilla.suse.com/1017695
https://bugzilla.suse.com/1032576
https://bugzilla.suse.com/1035743
https://bugzilla.suse.com/935320
https://bugzilla.suse.com/959803
https://bugzilla.suse.com/986734
https://bugzilla.suse.com/986838
More information about the sle-updates
mailing list