Oval Definition:	oval:org.opensuse.security:def:4723
Revision Date: 2021-05-14 Version: 1 Title: Security update for the Linux Kernel (Important) Description: The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36312: Fixed an issue within virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure (bnc#1184509). - CVE-2021-29650: Fixed an issue within the netfilter subsystem that allowed attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value (bnc#1184208). - CVE-2021-29155: Fixed an issue within kernel/bpf/verifier.c that performed undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer arithmetic operations, the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations (bnc#1184942). - CVE-2020-36310: Fixed an issue within arch/x86/kvm/svm/svm.c that allowed a set_memory_region_test infinite loop for certain nested page faults (bnc#1184512). - CVE-2021-28950: Fixed an issue within fs/fuse/fuse_i.h where a 'stall on CPU' could have occured because a retry loop continually finds the same bad inode (bnc#1184194, bnc#1184211). - CVE-2020-36322: Fixed an issue within the FUSE filesystem implementation where fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950 (bnc#1184211, bnc#1184952). - CVE-2021-3444: Fixed incorrect mod32 BPF verifier truncation (bsc#1184170). The following non-security bugs were fixed: - arm64: PCI: mobiveil: remove driver Prepare to replace it with upstreamed driver - blk-settings: align max_sectors on 'logical_block_size' boundary (bsc#1185195). - block: fix use-after-free on cached last_lookup partition (bsc#1181062). - block: recalculate segment count for multi-segment discards correctly (bsc#1184724). - btrfs: fix qgroup data rsv leak caused by falloc failure (bsc#1185549). - btrfs: track qgroup released data in own variable in insert_prealloc_file_extent (bsc#1185549). - cdc-acm: fix BREAK rx code path adding necessary calls (git-fixes). - cxgb4: avoid collecting SGE_QBASE regs during traffic (bsc#1097585 bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584). - drivers/perf: thunderx2_pmu: Fix memory resource error handling (git-fixes). - ext4: find old entry again if failed to rename whiteout (bsc#1184742). - ext4: fix potential error in ext4_do_update_inode (bsc#1184731). - fs: direct-io: fix missing sdio->boundary (bsc#1184736). - handle also the opposite type of race condition - i40e: Fix display statistics for veb_tc (bsc#1111981). - i40e: Fix kernel oops when i40e driver removes VF's (bsc#1101816 ). - i40e: Fix sparse warning: missing error code 'err' (jsc#SLE-4797). - ibmvnic: avoid calling napi_disable() twice (bsc#1065729). - ibmvnic: clean up the remaining debugfs data structures (bsc#1065729). - ibmvnic: Continue with reset if set link down failed (bsc#1184350 ltc#191533). - ibmvnic: improve failover sysfs entry (bsc#1043990 ltc#155681 git-fixes). - ibmvnic: print adapter state as a string (bsc#1152457 ltc#174432 git-fixes). - ibmvnic: print reset reason as a string (bsc#1152457 ltc#174432 git-fixes). - ibmvnic: queue reset work in system_long_wq (bsc#1152457 ltc#174432 git-fixes). - ibmvnic: remove duplicate napi_schedule call in do_reset function (bsc#1065729). - ibmvnic: remove duplicate napi_schedule call in open function (bsc#1065729). - ice: Cleanup fltr list in case of allocation issues (bsc#1118661 ). - ice: Fix for dereference of NULL pointer (bsc#1118661 ). - igc: Fix Pause Frame Advertising (jsc#SLE-4799). - igc: Fix Supported Pause Frame Link Setting (jsc#SLE-4799). - igc: reinit_locked() should be called with rtnl_lock (bsc#1118657). - iopoll: introduce read_poll_timeout macro (git-fixes). - isofs: release buffer head before return (bsc#1182613). - kabi: Fix breakage in NVMe driver (bsc#1181161). - kabi: Fix nvmet error log definitions (bsc#1181161). - kabi: nvme: fix fast_io_fail_tmo (bsc#1181161). - kABI: powerpc/pseries: Add shutdown() to vio_driver and vio_bus (bsc#1184209 ltc#190917). - kernel/smp: make csdlock timeout depend on boot parameter (bsc#1180846). - libbpf: Use SOCK_CLOEXEC when opening the netlink socket (bsc#1109837). - libnvdimm/label: Return -ENXIO for no slot in __blk_label_update (bsc#1185269). - libnvdimm/namespace: Fix reaping of invalidated block-window-namespace labels (bsc#1185269). - libnvdimm/security: ensure sysfs poll thread woke up and fetch updated attr (git-fixes). - locking/qrwlock: Fix ordering in queued_write_lock_slowpath() (bsc#1185041). - macros.kernel-source: Use spec_install_pre for certificate installation (boo#1182672). - mmc: sdhci-of-esdhc: make sure delay chain locked for HS400 (git-fixes). - mmc: sdhci-of-esdhc: set the sd clock divisor value above 3 (git-fixes). - mm: fix memory_failure() handling of dax-namespace metadata (bsc#1185335). - net: bcmgenet: use hardware padding of runt frames (git-fixes). - net: cxgb4: fix return error value in t4_prep_fw (git-fixes). - net: hns3: clear VF down state bit before request link status (bsc#1104353). - net/mlx5: Fix PBMC register mapping (bsc#1103990). - net/mlx5: Fix placement of log_max_flow_counter (bsc#1046303 ). - netsec: ignore 'phy-mode' device property on ACPI systems (git-fixes). - nvme: add error log page slot definition (bsc#1181161). - nvme-fabrics: allow to queue requests for live queues (bsc#1181161). - nvme-fabrics: do not check state NVME_CTRL_NEW for request acceptance (bsc#1181161). - nvme-fabrics: reject I/O to offline device (bsc#1181161). - nvme: include admin_q sync with nvme_sync_queues (bsc#1181161). - nvme: introduce 'Command Aborted By host' status code (bsc#1181161). - nvme: introduce nvme_is_fabrics to check fabrics cmd (bsc#1181161). - nvme: introduce nvme_sync_io_queues (bsc#1181161). - nvme: make fabrics command run on a separate request queue (bsc#1181161). - nvme-pci: Sync queues on reset (bsc#1181161). - nvme: prevent warning triggered by nvme_stop_keep_alive (bsc#1181161). - nvme-rdma: avoid race between time out and tear down (bsc#1181161). - nvme-rdma: avoid repeated request completion (bsc#1181161). - nvme-rdma: avoid request double completion for concurrent nvme_rdma_timeout (bsc#1181161). - nvme-rdma: fix controller reset hang during traffic (bsc#1181161). - nvme-rdma: fix possible hang when failing to set io queues (bsc#1181161). - nvme-rdma: fix timeout handler (bsc#1181161). - nvme-rdma: serialize controller teardown sequences (bsc#1181161). - nvme: Restart request timers in resetting state (bsc#1181161). - nvmet: add error-log definitions (bsc#1181161). - nvmet: add error log support for fabrics-cmd (bsc#1181161). - nvme-tcp: avoid race between time out and tear down (bsc#1181161). - nvme-tcp: avoid repeated request completion (bsc#1181161). - nvme-tcp: avoid request double completion for concurrent nvme_tcp_timeout (bsc#1181161). - nvme-tcp: fix controller reset hang during traffic (bsc#1181161). - nvme-tcp: fix possible hang when failing to set io queues (bsc#1181161). - nvme-tcp: fix timeout handler (bsc#1181161). - nvme-tcp: serialize controller teardown sequences (bsc#1181161). - nvme: unlink head after removing last namespace (bsc#1181161). - ocfs2: fix a use after free on error (bsc#1184738). - ocfs2: fix deadlock between setattr and dio_end_io_write (bsc#1185197). - PCI: mobiveil: Add 8-bit and 16-bit CSR register accessors (). - PCI: mobiveil: Add callback function for interrupt initialization (). - PCI: mobiveil: Add callback function for link up check (). - PCI: mobiveil: Add configured inbound windows counter (). - PCI: mobiveil: Add Header Type field check (). - PCI: mobiveil: Add PCIe Gen4 RC driver for Layerscape SoCs (). - PCI: mobiveil: Add upper 32-bit CPU base address setup in outbound window (). - PCI: mobiveil: Add upper 32-bit PCI base address setup in inbound window (). - PCI: mobiveil: Allow mobiveil_host_init() to be used to re-init host (). - PCI: mobiveil: Clean-up program_{ib/ob}_windows() (). - PCI: mobiveil: Clear the control fields before updating it (). - PCI: mobiveil: Collect the interrupt related operations into a function (). - PCI: mobiveil: Fix csr_read()/write() build issue (). - PCI: mobiveil: Fix devfn check in mobiveil_pcie_valid_device() (). - PCI: mobiveil: Fix error return values (). - PCI: mobiveil: Fix infinite-loop in the INTx handling function (). - PCI: mobiveil: Fix INTx interrupt clearing in mobiveil_pcie_isr() (). - PCI: mobiveil: Fix PCI base address in MEM/IO outbound windows (). - PCI: mobiveil: Fix the Class Code field (). - PCI: mobiveil: Fix the CPU base address setup in inbound window (). - PCI: mobiveil: Fix the valid check for inbound and outbound windows (). - PCI: mobiveil: Initialize Primary/Secondary/Subordinate bus numbers (). - PCI: mobiveil: Introduce a new structure mobiveil_root_port (). - PCI: mobiveil: ls_pcie_g4: add Workaround for A-011451 (). - PCI: mobiveil: ls_pcie_g4: add Workaround for A-011577 (). - PCI: mobiveil: ls_pcie_g4: fix SError when accessing config space (). - PCI: mobiveil: Make some register updates more readable (). - PCI: mobiveil: Mask out hardcoded bits in inbound/outbound windows setup (). - PCI: mobiveil: Modularize the Mobiveil PCIe Host Bridge IP driver (). - PCI: mobiveil: Move IRQ chained handler setup out of DT parse (). - PCI: mobiveil: Move PCIe PIO enablement out of inbound window routine (). - PCI: mobiveil: Move the host initialization into a function (). - PCI: mobiveil: Move the link up waiting out of mobiveil_host_init() (). - PCI: mobiveil: Refactor the MEM/IO outbound window initialization (). - PCI: mobiveil: Reformat the code for readability (). - PCI: mobiveil: Remove an unnecessary return value check (). - PCI: mobiveil: Remove the flag MSI_FLAG_MULTI_PCI_MSI (). - PCI: mobiveil: Unify register accessors (). - PCI: mobiveil: Update the resource list traversal function (). - PCI: mobiveil: Use pci_parse_request_of_pci_ranges() (). - PCI: mobiveil: Use the 1st inbound window for MEM inbound transactions (). - PCI: mobiveil: Use WIN_NUM_0 explicitly for CFG outbound window (). - post.sh: Return an error when module update fails (bsc#1047233 bsc#1184388). - powerepc/book3s64/hash: Align start/end address correctly with bolt mapping (bsc#1184957). - powerpc/64s: Fix pte update for kernel memory on radix (bsc#1055117 git-fixes). - powerpc/asm-offsets: GPR14 is not needed either (bsc#1065729). - powerpc/fadump: Mark fadump_calculate_reserve_size as __init (bsc#1065729). - powerpc/mm: Add cond_resched() while removing hpte mappings (bsc#1183289 ltc#191637). - powerpc/perf: Fix PMU constraint check for EBB events (bsc#1065729). - powerpc/prom: Mark identical_pvr_fixup as __init (bsc#1065729). - powerpc/pseries: Add shutdown() to vio_driver and vio_bus (bsc#1184209 ltc#190917). - reiserfs: update reiserfs_xattrs_initialized() condition (bsc#1184737). - Revert 'rpm/kernel-binary.spec.in: Fix dependency of kernel-*-devel package (bsc#1184514)' This turned out to be a bad idea: the kernel-$flavor-devel package must be usable without kernel-$flavor, e.g. at the build of a KMP. And this change brought superfluous installation of kernel-preempt when a system had kernel-syms (bsc#1185113). - rpm/kernel-binary.spec.in: Fix dependency of kernel-*-devel package (bsc#1184514) - rpm/kernel-obs-build.spec.in: Include essiv with dm-crypt (boo#1183063). - rpm/kernel-subpackage-build: Workaround broken bot (https://github.com/openSUSE/openSUSE-release-tools/issues/2439) - rpm/macros.kernel-source: fix KMP failure in %install (bsc#1185244) - rpm/mkspec: Use tilde instead of dot for version string with rc (bsc#1184650) - rtc: pcf2127: fix pcf2127_nvmem_read/write() returns (git-fixes). - sch_red: fix off-by-one checks in red_check_params() (bsc1056787). - scsi: ibmvfc: Fix invalid state machine BUG_ON() (bsc#1184647 ltc#191231). - scsi: libsas: docs: Remove notify_ha_event() (git-fixes). - scsi: lpfc: Copyright updates for 12.8.0.9 patches (bsc#1185472). - scsi: lpfc: Eliminate use of LPFC_DRIVER_NAME in lpfc_attr.c (bsc#1185472). - scsi: lpfc: Fix a bunch of kernel-doc issues (bsc#1185472). - scsi: lpfc: Fix a bunch of kernel-doc misdemeanours (bsc#1185472). - scsi: lpfc: Fix a bunch of misnamed functions (bsc#1185472). - scsi: lpfc: Fix a few incorrectly named functions (bsc#1185472). - scsi: lpfc: Fix a typo (bsc#1185472). - scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO response (bsc#1185472). - scsi: lpfc: Fix DMA virtual address ptr assignment in bsg (bsc#1185365). - scsi: lpfc: Fix error handling for mailboxes completed in MBX_POLL mode (bsc#1185472). - scsi: lpfc: Fix formatting and misspelling issues (bsc#1185472). - scsi: lpfc: Fix gcc -Wstringop-overread warning (bsc#1185472). - scsi: lpfc: Fix illegal memory access on Abort IOCBs (bsc#1183203). - scsi: lpfc: Fix incorrectly documented function lpfc_debugfs_commonxripools_data() (bsc#1185472). - scsi: lpfc: Fix incorrect naming of __lpfc_update_fcf_record() (bsc#1185472). - scsi: lpfc: Fix kernel-doc formatting issue (bsc#1185472). - scsi: lpfc: Fix lack of device removal on port swaps with PRLIs (bsc#1185472). - scsi: lpfc: Fix lpfc_hdw_queue attribute being ignored (bsc#1185472). - scsi: lpfc: Fix missing FDMI registrations after Mgmt Svc login (bsc#1185472). - scsi: lpfc: Fix NMI crash during rmmod due to circular hbalock dependency (bsc#1185472). - scsi: lpfc: Fix reference counting errors in lpfc_cmpl_els_rsp() (bsc#1185472). - scsi: lpfc: Fix rmmod crash due to bad ring pointers to abort_iotag (bsc#1185472). - scsi: lpfc: Fix silent memory allocation failure in lpfc_sli4_bsg_link_diag_test() (bsc#1185472). - scsi: lpfc: Fix some error codes in debugfs (bsc#1185472). - scsi: lpfc: Fix use-after-free on unused nodes after port swap (bsc#1185472). - scsi: lpfc: Fix various trivial errors in comments and log messages (bsc#1185472). - scsi: lpfc: Remove unsupported mbox PORT_CAPABILITIES logic (bsc#1185472). - scsi: lpfc: Standardize discovery object logging format (bsc#1185472). - scsi: lpfc: Update lpfc version to 12.8.0.9 (bsc#1185472). - scsi: qla2xxx: Add error counters to debugfs node (bsc#1185491). - scsi: qla2xxx: Add H:C:T info in the log message for fc ports (bsc#1185491). - scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats() (bsc#1185491). - scsi: qla2xxx: Assign boolean values to a bool variable (bsc#1185491). - scsi: qla2xxx: Check kzalloc() return value (bsc#1185491). - scsi: qla2xxx: Consolidate zio threshold setting for both FCP NVMe (bsc#1185491). - scsi: qla2xxx: Constify struct qla_tgt_func_tmpl (bsc#1185491). - scsi: qla2xxx: Do logout even if fabric scan retries got exhausted (bsc#1185491). - scsi: qla2xxx: Enable NVMe CONF (BIT_7) when enabling SLER (bsc#1185491). - scsi: qla2xxx: fc_remote_port_chkready() returns a SCSI result value (bsc#1185491). - scsi: qla2xxx: Fix a couple of misdocumented functions (bsc#1185491). - scsi: qla2xxx: Fix a couple of misnamed functions (bsc#1185491). - scsi: qla2xxx: Fix broken #endif placement (bsc#1185491). - scsi: qla2xxx: Fix crash in PCIe error handling (bsc#1185491). - scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() (bsc#1185491). - scsi: qla2xxx: Fix endianness annotations (bsc#1185491). - scsi: qla2xxx: Fix incorrectly named function qla8044_check_temp() (bsc#1185491). - scsi: qla2xxx: Fix IOPS drop seen in some adapters (bsc#1185491). - scsi: qla2xxx: Fix mailbox Ch erroneous error (bsc#1185491). - scsi: qla2xxx: Fix mailbox recovery during PCIe error (bsc#1185491). - scsi: qla2xxx: Fix RISC RESET completion polling (bsc#1185491). - scsi: qla2xxx: Fix some incorrect formatting/spelling issues (bsc#1185491). - scsi: qla2xxx: Fix some memory corruption (bsc#1185491). - scsi: qla2xxx: Fix stuck session (bsc#1185491). - scsi: qla2xxx: Fix use after free in bsg (bsc#1185491). - scsi: qla2xxx: Implementation to get and manage host, target stats and initiator port (bsc#1185491). - scsi: qla2xxx: Move some messages from debug to normal log level (bsc#1185491). - scsi: qla2xxx: Remove redundant NULL check (bsc#1185491). - scsi: qla2xxx: Remove unnecessary NULL check (bsc#1185491). - scsi: qla2xxx: Remove unneeded if-null-free check (bsc#1185491). - scsi: qla2xxx: Replace __qla2x00_marker()'s missing underscores (bsc#1185491). - scsi: qla2xxx: Reserve extra IRQ vectors (bsc#1185491). - scsi: qla2xxx: Reuse existing error handling path (bsc#1185491). - scsi: qla2xxx: Simplify if statement (bsc#1185491). - scsi: qla2xxx: Simplify qla8044_minidump_process_control() (bsc#1185491). - scsi: qla2xxx: Simplify the calculation of variables (bsc#1185491). - scsi: qla2xxx: Suppress Coverity complaints about dseg_r* (bsc#1185491). - scsi: qla2xxx: Update default AER debug mask (bsc#1185491). - scsi: qla2xxx: Update version to 10.02.00.105-k (bsc#1185491). - scsi: qla2xxx: Update version to 10.02.00.106-k (bsc#1185491). - scsi: qla2xxx: Use dma_pool_zalloc() (bsc#1185491). - scsi: qla2xxx: Wait for ABTS response on I/O timeouts for NVMe (bsc#1185491). - scsi: smartpqi: Correct driver removal with HBA disks (bsc#1178089). - scsi: smartpqi: Correct pqi_sas_smp_handler busy condition (bsc#1178089). - scsi: smartpqi: Update version to 1.2.16-012 (bsc#1178089). - smsc95xx: avoid memory leak in smsc95xx_bind (git-fixes). - smsc95xx: check return value of smsc95xx_reset (git-fixes). - spi: spi-fsl-dspi: Fix little endian access to PUSHR CMD and TXDATA (git-fixes). - stop_machine: mark helpers __always_inline (bsc#1087405 git-fixes). - struct usbip_device kABI fixup (git-fixes). - USB: cdc-acm: downgrade message to debug (git-fixes). - USB: CDC-ACM: fix poison/unpoison imbalance (bsc#1184984). - USB: cdc-acm: fix use-after-free after probe failure (git-fixes). - USB: cdc-acm: untangle a circular dependency between callback and softint (git-fixes). - USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem (git-fixes). - USB: serial: ch341: add new Product ID (git-fixes). - USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter (git-fixes). - USB: serial: cp210x: add some more GE USB IDs (git-fixes). - USB: xhci: Fix ASMedia ASM1042A and ASM3242 DMA addressing (git-fixes). - usbip: add sysfs_lock to synchronize sysfs code paths (git-fixe). - usbip: fix vudc to check for stream socket (git-fixes). - usbip: stub-dev synchronize sysfs code paths (git-fixes). - usbip: synchronize event handler with sysfs code paths (git-fixes). - veth: Store queue_mapping independently of XDP prog presence (bsc#1109837). - video: hyperv_fb: Fix a double free in hvfb_probe (bsc#1175306, git-fixes). - x86/crash: Fix crash_setup_memmap_entries() out-of-bounds access (bsc#1114648). - x86/insn: Add some Intel instructions to the opcode map (bsc#1184760). - x86/insn: Add some more Intel instructions to the opcode map (bsc#1184760). - x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall() (bsc#1114648). - x86/microcode: Check for offline CPUs before requesting new microcode (bsc#1114648). - x86/mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd (bsc#1114648). - x86/reboot: Force all cpus to exit VMX root if VMX is supported (bsc#1114648). - xdp: fix xdp_return_frame() kernel BUG throw for page_pool memory model (bsc#1109837). - xhci: Improve detection of device initiated wake signal (git-fixes). Family: unix Class: patch Status: Reference(s): 1012382 1043912 1043990 1044189 1046302 1046303 1046306 1046307 1046543 1047233 1050244 1051510 1054914 1055014 1055117 1055186 1056787 1058659 1060463 1062631 1064232 1065600 1065729 1068032 1069138 1071995 1077761 1077989 1078720 1080157 1082555 1083647 1083663 1084332 1084671 1085042 1085262 1086282 1087405 1089663 1090528 1092903 1092920 1093389 1094244 1095344 1096748 1097105 1097583 1097584 1097585 1097586 1097587 1097588 1098459 1098822 1099922 1099999 1100000 1100001 1100132 1101557 1101669 1101816 1102346 1102870 1102875 1102877 1102879 1102882 1102896 1103363 1103387 1103421 1103948 1103949 1103961 1103990 1104172 1104353 1104824 1105247 1105524 1105536 1105597 1105603 1105672 1105907 1106007 1106016 1106105 1106121 1106170 1106178 1106191 1106229 1106230 1106231 1106233 1106235 1106236 1106237 1106238 1106240 1106291 1106297 1106333 1106369 1106383 1106426 1106427 1106464 1106509 1106511 1106594 1106636 1106688 1106697 1106743 1106779 1106800 1106890 1106891 1106892 1106893 1106894 1106896 1106897 1106898 1106899 1106900 1106901 1106902 1106903 1106905 1106906 1106948 1106995 1107008 1107060 1107061 1107065 1107073 1107074 1107078 1107265 1107319 1107320 1107522 1107535 1107689 1107735 1107756 1107870 1107924 1107945 1107966 1108010 1108093 1108243 1108520 1108870 1109269 1109511 1109837 1111981 1112178 1113956 1114648 1118657 1118661 1133495 1133719 1137137 1138734 1140844 1144348 1144352 1145586 1146025 1149100 1149742 1151377 1151794 1152457 1152990 1152992 1152994 1152995 1154091 1154256 1154366 1155207 1155574 1156213 1156482 1157627 1158485 1159814 1160790 1161088 1161089 1161436 1161670 1162108 1162202 1162396 1162675 1164804 1165849 1167527 1168468 1168630 1168683 1168874 1169972 1171675 1171688 1171742 1172053 1172189 1172795 1172796 1173115 1173304 1174899 1175228 1175306 1175749 1175882 1176011 1176022 1176038 1176235 1176242 1176278 1176316 1176317 1176318 1176319 1176320 1176321 1176381 1176395 1176410 1176423 1176482 1176507 1176536 1176544 1176545 1176546 1176548 1176579 1176659 1176698 1176699 1176700 1176721 1176722 1176725 1176732 1176788 1176789 1176869 1176877 1176935 1176950 1176962 1176966 1176990 1177027 1177030 1177041 1177042 1177043 1177044 1177121 1177206 1177258 1177291 1177293 1177294 1177295 1177296 1178089 1178171 1178666 1178667 1178668 1180624 1180846 1181062 1181161 1182613 1182672 1183063 1183203 1183289 1184170 1184194 1184208 1184209 1184211 1184350 1184388 1184509 1184512 1184514 1184647 1184650 1184724 1184731 1184736 1184737 1184738 1184742 1184760 1184942 1184952 1184957 1184984 1185041 1185113 1185195 1185197 1185244 1185269 1185335 1185365 1185472 1185491 1185549 920344 935393 945190 CVE-2012-6708 CVE-2014-3577 CVE-2015-3243 CVE-2015-5262 CVE-2015-9251 CVE-2018-10938 CVE-2018-10940 CVE-2018-1128 CVE-2018-1129 CVE-2018-12896 CVE-2018-13093 CVE-2018-13094 CVE-2018-13095 CVE-2018-14613 CVE-2018-14617 CVE-2018-16658 CVE-2018-6554 CVE-2018-6555 CVE-2019-14491 CVE-2019-14492 CVE-2019-15845 CVE-2019-15939 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2019-16785 CVE-2019-16786 CVE-2019-16789 CVE-2019-16792 CVE-2019-18634 CVE-2019-20386 CVE-2020-0404 CVE-2020-0427 CVE-2020-0431 CVE-2020-0432 CVE-2020-10703 CVE-2020-12802 CVE-2020-12803 CVE-2020-14059 CVE-2020-14381 CVE-2020-14390 CVE-2020-1472 CVE-2020-1712 CVE-2020-25212 CVE-2020-25284 CVE-2020-25641 CVE-2020-25643 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2020-26088 CVE-2020-36310 CVE-2020-36312 CVE-2020-36322 CVE-2020-6819 CVE-2020-6820 CVE-2020-6821 CVE-2020-6822 CVE-2020-6825 CVE-2020-8130 CVE-2021-28950 CVE-2021-29155 CVE-2021-29650 SUSE-SU-2018:1937-2 SUSE-SU-2018:2980-1 SUSE-SU-2019:3192-1 SUSE-SU-2020:0335-1 SUSE-SU-2020:0408-1 SUSE-SU-2020:0737-1 SUSE-SU-2020:1027-1 SUSE-SU-2020:1250-1 SUSE-SU-2020:1769-1 SUSE-SU-2020:2217-1 SUSE-SU-2020:2730-1 SUSE-SU-2020:2905-1 SUSE-SU-2020:3151-1 SUSE-SU-2020:3269-1 SUSE-SU-2020:3455-1 SUSE-SU-2021:1605-1 Platform(s): SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Python2 packages 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT SUSE Linux Enterprise Real Time Extension 12 SP5 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 5 Product(s): Definition Synopsis SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND haproxy-1.5.4-2.4.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information MozillaFirefox-31.1.0esr-1 is installed OR MozillaFirefox-translations-31.1.0esr-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-9 is installed OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND kdump-0.8.16-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 is installed AND python-PyYAML-3.10-15.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP1 is installed AND Package Information libpacemaker3-1.1.13-20.1 is installed OR pacemaker-1.1.13-20.1 is installed OR pacemaker-cli-1.1.13-20.1 is installed OR pacemaker-cts-1.1.13-20.1 is installed OR pacemaker-remote-1.1.13-20.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP2 is installed AND haproxy-1.6.5-5 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP3 is installed AND Package Information hawk-1.0.0+git.1448981395.15fb8b9-4.3.1 is installed OR hawk-templates-1.0.0+git.1448981395.15fb8b9-4.3.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP4 is installed AND ctdb-4.6.16+git.124.aee309c5c18-3.32 is installed Definition Synopsis SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information apache-commons-beanutils-1.9.2-3.3 is installed OR apache-commons-beanutils-javadoc-1.9.2-3.3 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 is installed AND Package Information kgraft-patch-3_12_38-44-default-1-2.2 is installed OR kgraft-patch-3_12_38-44-xen-1-2.2 is installed OR kgraft-patch-SLE12_Update_3-1-2.2 is installed Definition Synopsis SUSE Linux Enterprise Module for Python2 packages 15 SP2 is installed AND Package Information samba-4.11.13+git.189.e9bd318cd13-4.11 is installed OR samba-ad-dc-4.11.13+git.189.e9bd318cd13-4.11 is installed OR samba-dsdb-modules-4.11.13+git.189.e9bd318cd13-4.11 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information rsyslog-8.33.1-3.3 is installed OR rsyslog-module-gssapi-8.33.1-3.3 is installed OR rsyslog-module-mysql-8.33.1-3.3 is installed OR rsyslog-module-pgsql-8.33.1-3.3 is installed OR rsyslog-module-relp-8.33.1-3.3 is installed OR rsyslog-module-snmp-8.33.1-3.3 is installed OR rsyslog-module-udpspoof-8.33.1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-devel-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed Definition Synopsis SUSE Linux Enterprise Real Time Extension 12 SP5 is installed AND Package Information cluster-md-kmp-rt-4.12.14-10.43.1 is installed OR dlm-kmp-rt-4.12.14-10.43.1 is installed OR gfs2-kmp-rt-4.12.14-10.43.1 is installed OR kernel-devel-rt-4.12.14-10.43.1 is installed OR kernel-rt-4.12.14-10.43.1 is installed OR kernel-rt-base-4.12.14-10.43.1 is installed OR kernel-rt-devel-4.12.14-10.43.1 is installed OR kernel-rt_debug-4.12.14-10.43.1 is installed OR kernel-rt_debug-devel-4.12.14-10.43.1 is installed OR kernel-source-rt-4.12.14-10.43.1 is installed OR kernel-syms-rt-4.12.14-10.43.1 is installed OR ocfs2-kmp-rt-4.12.14-10.43.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information NetworkManager-0.7.1_git20090811-3.20.5 is installed OR NetworkManager-glib-0.7.1_git20090811-3.20.5 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2-LTSS is installed AND wget-1.11.4-1.19.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information cpio-2.11-29.1 is installed OR cpio-lang-2.11-29.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr3.10-14 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr3.10-14 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr3.10-14 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr3.10-14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND apache-commons-httpclient-3.1-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_60-52_49-default-4-2.1 is installed OR kgraft-patch-3_12_60-52_49-xen-4-2.1 is installed OR kgraft-patch-SLE12_Update_14-4-2.1 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND apache-commons-httpclient-3.1-4.3 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND wget-1.14-10 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libvirt-4.0.0-9.32 is installed OR libvirt-admin-4.0.0-9.32 is installed OR libvirt-client-4.0.0-9.32 is installed OR libvirt-daemon-4.0.0-9.32 is installed OR libvirt-daemon-config-network-4.0.0-9.32 is installed OR libvirt-daemon-config-nwfilter-4.0.0-9.32 is installed OR libvirt-daemon-driver-interface-4.0.0-9.32 is installed OR libvirt-daemon-driver-libxl-4.0.0-9.32 is installed OR libvirt-daemon-driver-lxc-4.0.0-9.32 is installed OR libvirt-daemon-driver-network-4.0.0-9.32 is installed OR libvirt-daemon-driver-nodedev-4.0.0-9.32 is installed OR libvirt-daemon-driver-nwfilter-4.0.0-9.32 is installed OR libvirt-daemon-driver-qemu-4.0.0-9.32 is installed OR libvirt-daemon-driver-secret-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-core-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-disk-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-iscsi-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-logical-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-mpath-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-rbd-4.0.0-9.32 is installed OR libvirt-daemon-driver-storage-scsi-4.0.0-9.32 is installed OR libvirt-daemon-hooks-4.0.0-9.32 is installed OR libvirt-daemon-lxc-4.0.0-9.32 is installed OR libvirt-daemon-qemu-4.0.0-9.32 is installed OR libvirt-daemon-xen-4.0.0-9.32 is installed OR libvirt-devel-4.0.0-9.32 is installed OR libvirt-doc-4.0.0-9.32 is installed OR libvirt-libs-4.0.0-9.32 is installed OR libvirt-lock-sanlock-4.0.0-9.32 is installed OR libvirt-nss-4.0.0-9.32 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND fastjar-0.95-1.24.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND perl-SOAP-Lite-0.710.08-3.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information FastCGI-2.4.0-167 is installed OR perl-FastCGI-2.4.0-167 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND MozillaFirefox-devel-38.4.0esr-51 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND automake-1.13.4-6 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information imap-2007e_suse-19.1 is installed OR libc-client2007e_suse-2007e_suse-19.1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-25.19 is installed OR kernel-default-extra-4.12.14-25.19 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-68.7.0-3.77 is installed OR MozillaThunderbird-translations-common-68.7.0-3.77 is installed OR MozillaThunderbird-translations-other-68.7.0-3.77 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information kernel-default-5.3.18-24.9 is installed OR kernel-default-extra-5.3.18-24.9 is installed
BACK