The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-26930: Fixed an improper error handling in blkback's grant mapping (XSA-365 bsc#1181843). - CVE-2021-26931: Fixed an issue where Linux kernel was treating grant mapping errors as bugs (XSA-362 bsc#1181753). - CVE-2021-26932: Fixed improper error handling issues in Linux grant mapping (XSA-361 bsc#1181747). by remote attackers to read or write files via directory traversal in an XCOPY request (bsc#178372). - CVE-2020-29368,CVE-2020-29374: Fixed an issue in copy-on-write implementation which could have granted unintended write access because of a race condition in a THP mapcount check (bsc#1179660, bsc#1179428).
The following non-security bugs were fixed:
- cifs: check all path components in resolved dfs target (bsc#1180906). - cifs: fix check of tcon dfs in smb1 (bsc#1180906). - cifs: fix nodfs mount option (bsc#1180906). - cifs: introduce helper for finding referral server (bsc#1180906). - kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082) - kernel-binary.spec: Add back initrd and image symlink ghosts to filelist (bsc#1182140). Fixes: 76a9256314c3 ('rpm/kernel-{source,binary}.spec: do not include ghost symlinks (boo#1179082).') - kernel-source.spec: Fix build with rpm 4.16 (boo#1179015). RPM_BUILD_ROOT is cleared before %%install. Do the unpack into RPM_BUILD_ROOT in %%install - rpm/kernel-binary.spec.in: avoid using barewords (bsc#1179014) - rpm/kernel-binary.spec.in: avoid using more barewords (bsc#1179014) %split_extra still contained two. - rpm/kernel-binary.spec.in: Fix compressed module handling for in-tree KMP (jsc#SLE-10886) - rpm/kernel-binary.spec.in: use grep -E instead of egrep (bsc#1179045) egrep is only a deprecated bash wrapper for 'grep -E'. So use the latter instead. - rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592) - rpm/kernel-obs-build.spec.in: Add -q option to modprobe calls (bsc#1178401) - rpm/kernel-{source,binary}.spec: do not include ghost symlinks (boo#1179082). - rpm/mkspec: do not build kernel-obs-build on x86_32 We want to use 64bit kernel due to various bugs (bsc#1178762 to name one). There is: ExportFilter: ^kernel-obs-build.*\.x86_64.rpm$ . i586 in Factory's prjconf now. No other actively maintained distro (i.e. merging packaging branch) builds a x86_32 kernel, hence pushing to packaging directly. - rpm/post.sh: Avoid purge-kernel for the first installed kernel (bsc#1180058) - scripts/lib/SUSE/MyBS.pm: properly close prjconf Macros: section - scsi: fc: add FPIN ELS definition (bsc#1181441). - scsi/fc: kABI fixes for new ELS_FPIN definition (bsc#1181441) - scsi: fc: Update Descriptor definition and add RDF and Link Integrity FPINs (bsc#1181441). - scsi: Fix trivial spelling (bsc#1181441). - scsi: qla2xxx: Add IOCB resource tracking (bsc#1181441). - scsi: qla2xxx: Add more BUILD_BUG_ON() statements (bsc#1181441). - scsi: qla2xxx: Address a set of sparse warnings (bsc#1181441). - scsi: qla2xxx: Add rport fields in debugfs (bsc#1181441). - scsi: qla2xxx: Add SLER and PI control support (bsc#1181441). - scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (bsc#1181441). - scsi: qla2xxx: Allow ql2xextended_error_logging special value 1 to be set anytime (bsc#1181441). - scsi: qla2xxx: Cast explicitly to uint16_t / uint32_t (bsc#1181441). - scsi: qla2xxx: Change in PUREX to handle FPIN ELS requests (bsc#1181441). - scsi: qla2xxx: Change post del message from debug level to log level (bsc#1181441). - scsi: qla2xxx: Change {RD,WRT}_REG_*() function names from upper case into lower case (bsc#1181441). - scsi: qla2xxx: Change two hardcoded constants into offsetof() / sizeof() expressions (bsc#1181441). - scsi: qla2xxx: Check if FW supports MQ before enabling (bsc#1181441). - scsi: qla2xxx: Check the size of struct fcp_hdr at compile time (bsc#1181441). - scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1181441). - scsi: qla2xxx: Do not check for fw_started while posting NVMe command (bsc#1181441). - scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG (bsc#1181441). - scsi: qla2xxx: Fix a condition in qla2x00_find_all_fabric_devs() (bsc#1181441). - scsi: qla2xxx: Fix a Coverity complaint in qla2100_fw_dump() (bsc#1181441). - scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1181441). - scsi: qla2xxx: Fix compilation issue in PPC systems (bsc#1181441). - scsi: qla2xxx: Fix crash during driver load on big endian machines (bsc#1181441). - scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1181441). - scsi: qla2xxx: Fix description for parameter ql2xenforce_iocb_limit (bsc#1181441). - scsi: qla2xxx: Fix device loss on 4G and older HBAs (bsc#1181441). - scsi: qla2xxx: Fix endianness annotations in header files (bsc#1181441). - scsi: qla2xxx: Fix endianness annotations in source files (bsc#1181441). - scsi: qla2xxx: Fix failure message in qlt_disable_vha() (bsc#1181441). - scsi: qla2xxx: Fix flash update in 28XX adapters on big endian machines (bsc#1181441). - scsi: qla2xxx: Fix FW initialization error on big endian machines (bsc#1181441). - scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (bsc#1181441). - scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (bsc#1181441). - scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (bsc#1181441). - scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1181441). - scsi: qla2xxx: Fix I/O failures during remote port toggle testing (bsc#1181441). - scsi: qla2xxx: Fix issue with adapter's stopping state (bsc#1181441). - scsi: qla2xxx: Fix login timeout (bsc#1181441). - scsi: qla2xxx: Fix memory size truncation (bsc#1181441). - scsi: qla2xxx: Fix MPI failure AEN (8200) handling (bsc#1181441). - scsi: qla2xxx: Fix MPI reset needed message (bsc#1181441). - scsi: qla2xxx: Fix N2N and NVMe connect retry failure (bsc#1181441). - scsi: qla2xxx: Fix null pointer access during disconnect from subsystem (bsc#1181441). - scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (bsc#1181441). - scsi: qla2xxx: Fix regression on sparc64 (bsc#1181441). - scsi: qla2xxx: Fix reset of MPI firmware (bsc#1181441). - scsi: qla2xxx: Fix return of uninitialized value in rval (bsc#1181441). - scsi: qla2xxx: Fix spelling of a variable name (bsc#1181441). - scsi: qla2xxx: Fix the call trace for flush workqueue (bsc#1181441). - scsi: qla2xxx: Fix the code that reads from mailbox registers (bsc#1181441). - scsi: qla2xxx: Fix the return value (bsc#1181441). - scsi: qla2xxx: Fix the size used in a 'dma_free_coherent()' call (bsc#1181441). - scsi: qla2xxx: Fix warning after FC target reset (bsc#1181441). - scsi: qla2xxx: Fix WARN_ON in qla_nvme_register_hba (bsc#1181441). - scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() (bsc#1181441). - scsi: qla2xxx: Fix wrong return value in qlt_chk_unresolv_exchg() (bsc#1181441). - scsi: qla2xxx: Flush all sessions on zone disable (bsc#1181441). - scsi: qla2xxx: Flush I/O on zone disable (bsc#1181441). - scsi: qla2xxx: Handle aborts correctly for port undergoing deletion (bsc#1181441). - scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1181441). - scsi: qla2xxx: If fcport is undergoing deletion complete I/O with retry (bsc#1181441). - scsi: qla2xxx: Increase the size of struct qla_fcp_prio_cfg to FCP_PRIO_CFG_SIZE (bsc#1181441). - scsi: qla2xxx: Indicate correct supported speeds for Mezz card (bsc#1181441). - scsi: qla2xxx: Initialize 'n' before using it (bsc#1181441). - scsi: qla2xxx: Initialize variable in qla8044_poll_reg() (bsc#1181441). - scsi: qla2xxx: Introduce a function for computing the debug message prefix (bsc#1181441). - scsi: qla2xxx: Keep initiator ports after RSCN (bsc#1181441). - scsi: qla2xxx: Limit interrupt vectors to number of CPUs (bsc#1181441). - scsi: qla2xxx: Log calling function name in qla2x00_get_sp_from_handle() (bsc#1181441). - scsi: qla2xxx: make 1-bit bit-fields unsigned int (bsc#1181441). - scsi: qla2xxx: Make a gap in struct qla2xxx_offld_chain explicit (bsc#1181441). - scsi: qla2xxx: Make __qla2x00_alloc_iocbs() initialize 32 bits of request_t.handle (bsc#1181441). - scsi: qla2xxx: Make qla2x00_restart_isp() easier to read (bsc#1181441). - scsi: qla2xxx: Make qla82xx_flash_wait_write_finish() easier to read (bsc#1181441). - scsi: qla2xxx: Make qlafx00_process_aen() return void (bsc#1181441). - scsi: qla2xxx: Make qla_set_ini_mode() return void (bsc#1181441). - scsi: qla2xxx: Make tgt_port_database available in initiator mode (bsc#1181441). - scsi: qla2xxx: Move sess cmd list/lock to driver (bsc#1181441). - scsi: qla2xxx: Performance tweak (bsc#1181441). - scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1181441). - scsi: qla2xxx: Reduce noisy debug message (bsc#1181441). - scsi: qla2xxx: Remove an unused function (bsc#1181441). - scsi: qla2xxx: Remove a superfluous cast (bsc#1181441). - scsi: qla2xxx: remove incorrect sparse #ifdef (bsc#1181441). - scsi: qla2xxx: Remove in_interrupt() from qla82xx-specific code (bsc#1181441). - scsi: qla2xxx: Remove in_interrupt() from qla83xx-specific code (bsc#1181441). - scsi: qla2xxx: Remove pci-dma-compat wrapper API (bsc#1181441). - scsi: qla2xxx: Remove redundant variable initialization (bsc#1181441). - scsi: qla2xxx: Remove return value from qla_nvme_ls() (bsc#1181441). - scsi: qla2xxx: Remove superfluous memset() (bsc#1181441). - scsi: qla2xxx: Remove the __packed annotation from struct fcp_hdr and fcp_hdr_le (bsc#1181441). - scsi: qla2xxx: Remove trailing semicolon in macro definition (bsc#1181441). - scsi: qla2xxx: Remove unneeded variable 'rval' (bsc#1181441). - scsi: qla2xxx: Return EBUSY on fcport deletion (bsc#1181441). - scsi: qla2xxx: SAN congestion management implementation (bsc#1181441). - scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1181441). - scsi: qla2xxx: Simplify return value logic in qla2x00_get_sp_from_handle() (bsc#1181441). - scsi: qla2xxx: Simplify the functions for dumping firmware (bsc#1181441). - scsi: qla2xxx: Sort BUILD_BUG_ON() statements alphabetically (bsc#1181441). - scsi: qla2xxx: Split qla2x00_configure_local_loop() (bsc#1181441). - scsi: qla2xxx: Tear down session if FW say it is down (bsc#1181441). - scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1181441). - scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1181441). - scsi: qla2xxx: Update version to 10.02.00.104-k (bsc#1181441). - scsi: qla2xxx: Use ARRAY_SIZE() instead of open-coding it (bsc#1181441). - scsi: qla2xxx: Use constant when it is known (bsc#1181441). - scsi: qla2xxx: Use make_handle() instead of open-coding it (bsc#1181441). - scsi: qla2xxx: Use MBX_TOV_SECONDS for mailbox command timeout values (bsc#1181441). - scsi: qla2xxx: Use register names instead of register offsets (bsc#1181441). - scsi: qla2xxx: Use true, false for ha->fw_dumped (bsc#1181441). - scsi: qla2xxx: Use true, false for need_mpi_reset (bsc#1181441). - scsi: qla2xxx: Warn if done() or free() are called on an already freed srb (bsc#1181441). - scsi: scsi_transport_fc: Add FPIN fc event codes (bsc#1181441). - scsi: scsi_transport_fc: refactor event posting routines (bsc#1181441). - scsi: target: tcm_qla2xxx: Remove BUG_ON(in_interrupt()) (bsc#1181441). - x86/hyperv: Fix kexec panic/hang issues (bsc#1176831). - xen/netback: avoid race in xenvif_rx_ring_slots_available() (bsc#1065600). - xen/netback: fix spurious event detection for common event case (bsc#1182175).
openSUSE Leap 42.1 openSUSE Leap 42.2 openSUSE Leap 42.2 NonFree SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Live Patching 12 SP4 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Toolchain 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Point of Sale 11 SP3 SUSE Linux Enterprise Real Time Extension 11 SP3 SUSE Linux Enterprise Real Time Extension 11 SP4 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SUSE Linux Enterprise Server for SAP Applications 11 SP1-CLIENT-TOOLS SUSE Linux Enterprise Server for SAP Applications 11 SP1-LTSS SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SP2-LTSS SUSE Linux Enterprise Server for SAP Applications 11 SP3 SUSE Linux Enterprise Server for SAP Applications 11 SP3-CLIENT-TOOLS SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP4-CLIENT-TOOLS SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP1-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2-BCL SUSE Linux Enterprise Server for SAP Applications 12 SP2-ESPOS SUSE Linux Enterprise Server for SAP Applications 12 SP2-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP3-BCL SUSE Linux Enterprise Server for SAP Applications 12 SP3-ESPOS SUSE Linux Enterprise Server for SAP Applications 12 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12-LTSS SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE OpenStack Cloud 5 SUSE OpenStack Cloud 6 SUSE Package Hub for SUSE Linux Enterprise 12