Oval Definition:	oval:org.opensuse.security:def:53096
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Important) Description: The SUSE Linux Enterprise 15 SP1 Azure kernel was updated to receive various security and bug fixes. The following security bugs were fixed: - CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software and services that rely on UDP source port randomization (like DNS) are indirectly affected as well. Kernel versions may be vulnerable to this issue (bsc#1175721, bsc#1178782). - CVE-2020-8694: Insufficient access control for some Intel(R) Processors may have allowed an authenticated user to potentially enable information disclosure via local access (bsc#1170415). - CVE-2020-25668: Fixed a use-after-free in con_font_op() (bsc#1178123). - CVE-2020-25704: Fixed a memory leak in perf_event_parse_addr_filter() (bsc#1178393). - CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit() (bsc#1178182). - CVE-2020-25656: Fixed a concurrency use-after-free in vt_do_kdgkb_ioctl (bnc#1177766). - CVE-2020-25285: Fixed a race condition between hugetlb sysctl handlers in mm/hugetlb.c (bnc#1176485). - CVE-2020-0430: Fixed an OOB read in skb_headlen of /include/linux/skbuff.h (bnc#1176723). - CVE-2020-14351: Fixed a race in the perf_mmap_close() function (bsc#1177086). - CVE-2020-16120: Fixed a permissions issue in ovl_path_open() (bsc#1177470). - CVE-2020-12351: Implemented a kABI workaround for bluetooth l2cap_ops filter addition (bsc#1177724). - CVE-2020-12352: Fixed an information leak when processing certain AMP packets aka 'BleedingTooth' (bsc#1177725). - CVE-2020-25212: Fixed a TOCTOU mismatch in the NFS client code (bnc#1176381). - CVE-2020-25645: Fixed an an issue in IPsec that caused traffic between two Geneve endpoints to be unencrypted (bnc#1177511). The following non-security bugs were fixed: - 9P: Cast to loff_t before multiplying (git-fixes). - acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (git-fixes). - ACPI: debug: do not allow debugging when ACPI is disabled (git-fixes). - ACPI: dock: fix enum-conversion warning (git-fixes). - ACPI / extlog: Check for RDMSR failure (git-fixes). - ACPI: NFIT: Fix comparison to '-ENXIO' (git-fixes). - ACPI: video: use ACPI backlight for HP 635 Notebook (git-fixes). - ALSA: bebob: potential info leak in hwdep_read() (git-fixes). - ALSA: compress_offload: remove redundant initialization (git-fixes). - ALSA: core: init: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes). - ALSA: core: pcm: simplify locking for timers (git-fixes). - ALSA: core: timer: clarify operator precedence (git-fixes). - ALSA: core: timer: remove redundant assignment (git-fixes). - ALSA: ctl: Workaround for lockdep warning wrt card->ctl_files_rwlock (git-fixes). - ALSA: hda: auto_parser: remove shadowed variable declaration (git-fixes). - ALSA: hda - Do not register a cb func if it is registered already (git-fixes). - ALSA: hda - Fix the return value if cb func is already registered (git-fixes). - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() (git-fixes). - ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7 (git-fixes). - ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 (git-fixes). - ALSA: hda/realtek - The front Mic on a HP machine does not work (git-fixes). - ALSA: hda: use semicolons rather than commas to separate statements (git-fixes). - ALSA: mixart: Correct comment wrt obsoleted tasklet usage (git-fixes). - ALSA: rawmidi: (cosmetic) align function parameters (git-fixes). - ALSA: seq: oss: Avoid mutex lock for a long-time ioctl (git-fixes). - ALSA: usb-audio: Add mixer support for Pioneer DJ DJM-250MK2 (git-fixes). - ALSA: usb-audio: endpoint.c: fix repeated word 'there' (git-fixes). - ALSA: usb-audio: fix spelling mistake 'Frequence' -> 'Frequency' (git-fixes). - amd-xgbe: Add a check for an skb in the timestamp path (git-fixes). - amd-xgbe: Add additional dynamic debug messages (git-fixes). - amd-xgbe: Add additional ethtool statistics (git-fixes). - amd-xgbe: Add ethtool show/set channels support (git-fixes). - amd-xgbe: Add ethtool show/set ring parameter support (git-fixes). - amd-xgbe: Add ethtool support to retrieve SFP module info (git-fixes). - amd-xgbe: Add hardware features debug output (git-fixes). - amd-xgbe: Add NUMA affinity support for IRQ hints (git-fixes). - amd-xgbe: Add NUMA affinity support for memory allocations (git-fixes). - amd-xgbe: Add per queue Tx and Rx statistics (git-fixes). - amd-xgbe: Advertise FEC support with the KR re-driver (git-fixes). - amd-xgbe: Always attempt link training in KR mode (git-fixes). - amd-xgbe: Be sure driver shuts down cleanly on module removal (git-fixes). - amd-xgbe: Convert to generic power management (git-fixes). - amd-xgbe: Fix debug output of max channel counts (git-fixes). - amd-xgbe: Fix error path in xgbe_mod_init() (git-fixes). - amd-xgbe: Fixes for working with PHYs that support 2.5GbE (git-fixes). - amd-xgbe: Fix SFP PHY supported/advertised settings (git-fixes). - amd-xgbe: fix spelling mistake: 'avialable' -> 'available' (git-fixes). - amd-xgbe: Handle return code from software reset function (git-fixes). - amd-xgbe: Improve SFP 100Mbps auto-negotiation (git-fixes). - amd-xgbe: Interrupt summary bits are h/w version dependent (git-fixes). - amd-xgbe: Limit the I2C error messages that are output (git-fixes). - amd-xgbe: Mark expected switch fall-throughs (git-fixes). - amd-xgbe: Optimize DMA channel interrupt enablement (git-fixes). - amd-xgbe: Prepare for ethtool set-channel support (git-fixes). - amd-xgbe: Read and save the port property registers during probe (git-fixes). - amd-xgbe: Remove field that indicates SFP diagnostic support (git-fixes). - amd-xgbe: remove unnecessary conversion to bool (git-fixes). - amd-xgbe: Remove use of comm_owned field (git-fixes). - amd-xgbe: Set the MDIO mode for 10000Base-T configuration (git-fixes). - amd-xgbe: Simplify the burst length settings (git-fixes). - amd-xgbe: use devm_platform_ioremap_resource() to simplify code (git-fixes). - amd-xgbe: use dma_mapping_error to check map errors (git-fixes). - amd-xgbe: Use __napi_schedule() in BH context (git-fixes). - amd-xgbe: Use the proper register during PTP initialization (git-fixes). - ASoC: qcom: lpass-cpu: fix concurrency issue (git-fixes). - ASoC: qcom: lpass-platform: fix memory leak (git-fixes). - ata: sata_rcar: Fix DMA boundary mask (git-fixes). - ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() (git-fixes). - ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path (git-fixes). - ath10k: fix VHT NSS calculation when STBC is enabled (git-fixes). - ath10k: provide survey info as accumulated data (git-fixes). - ath10k: start recovery process when payload length exceeds max htc length for sdio (git-fixes). - ath6kl: prevent potential array overflow in ath6kl_add_new_sta() (git-fixes). - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() (git-fixes). - ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() (git-fixes). - backlight: sky81452-backlight: Fix refcount imbalance on error (git-fixes). - blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART (bsc#1177750). - block: ensure bdi->io_pages is always initialized (bsc#1177749). - Bluetooth: MGMT: Fix not checking if BT_HS is enabled (git-fixes). - Bluetooth: Only mark socket zapped after unlocking (git-fixes). - bnxt: do not enable NAPI until rings are ready (networking-stable-20_09_11). - bnxt_en: Check for zero dir entries in NVRAM (networking-stable-20_09_11). - bpf: Zero-fill re-used per-cpu map element (git-fixes). - brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach (git-fixes). - brcmfmac: check ndev pointer (git-fixes). - brcmsmac: fix memory leak in wlc_phy_attach_lcnphy (git-fixes). - btrfs: check the right error variable in btrfs_del_dir_entries_in_log (bsc#1177687). - btrfs: do not force read-only after error in drop snapshot (bsc#1176354). - btrfs: do not set the full sync flag on the inode during page release (bsc#1177687). - btrfs: fix incorrect updating of log root tree (bsc#1177687). - btrfs: fix race between page release and a fast fsync (bsc#1177687). - btrfs: only commit delayed items at fsync if we are logging a directory (bsc#1177687). - btrfs: only commit the delayed inode when doing a full fsync (bsc#1177687). - btrfs: qgroup: fix qgroup meta rsv leak for subvolume operations (bsc#1177856). - btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode (bsc#1177855). - btrfs: reduce contention on log trees when logging checksums (bsc#1177687). - btrfs: release old extent maps during page release (bsc#1177687). - btrfs: remove no longer needed use of log_writers for the log root tree (bsc#1177687). - btrfs: remove root usage from can_overcommit (bsc#1131277). - btrfs: stop incremening log_batch for the log root tree when syncing log (bsc#1177687). - btrfs: take overcommit into account in inc_block_group_ro (bsc#1176560). - btrfs: tree-checker: fix false alert caused by legacy btrfs root item (bsc#1177861). - bus/fsl_mc: Do not rely on caller to provide non NULL mc_io (git-fixes). - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() (git-fixes). - can: c_can: reg_map_{c,d}_can: mark as __maybe_unused (git-fixes). - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames (git-fixes). - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context (git-fixes). - can: flexcan: flexcan_chip_stop(): add error handling and propagate error value (git-fixes). - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on (git-fixes). - can: peak_usb: add range checking in decode operations (git-fixes). - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping (git-fixes). - can: rx-offload: do not call kfree_skb() from IRQ context (git-fixes). - can: softing: softing_card_shutdown(): add braces around empty body in an 'if' statement (git-fixes). - ceph: fix memory leak in ceph_cleanup_snapid_map() (bsc#1178234). - ceph: map snapid to anonymous bdev ID (bsc#1178234). - ceph: promote to unsigned long long before shifting (bsc#1178187). - clk: at91: clk-main: update key before writing AT91_CKGR_MOR (git-fixes). - clk: at91: remove the checking of parent_name (git-fixes). - clk: bcm2835: add missing release if devm_clk_hw_register fails (git-fixes). - clk: imx8mq: Fix usdhc parents order (git-fixes). - clk: ti: clockdomain: fix static checker warning (git-fixes). - coredump: fix crash when umh is disabled (bsc#1177753). - crypto: algif_skcipher - EBUSY on aio should be an error (git-fixes). - crypto: bcm - Verify GCM/CCM key length in setkey (git-fixes). - crypto: ccp - fix error handling (git-fixes). - crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call (git-fixes). - crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc() (git-fixes). - crypto: omap-sham - fix digcnt register handling with export/import (git-fixes). - cxl: Rework error message for incompatible slots (bsc#1055014 git-fixes). - cypto: mediatek - fix leaks in mtk_desc_ring_alloc (git-fixes). - device property: Do not clear secondary pointer for shared primary firmware node (git-fixes). - device property: Keep secondary firmware node secondary by type (git-fixes). - Disable ipa-clones dump for KMP builds (bsc#1178330) The feature is not really useful for KMP, and rather confusing, so let's disable it at building out-of-tree codes - dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status (git-fixes). - docs: ABI: sysfs-c2port: remove a duplicated entry (git-fixes). - drbd: code cleanup by using sendpage_ok() to check page for kernel_sendpage() (bsc#1172873). - drivers: net: add missing interrupt.h include (git-fixes). - drivers/net/ethernet/marvell/mvmdio.c: Fix non OF case (git-fixes). - drm/amd/display: Do not invoke kgdb_breakpoint() unconditionally (git-fixes). - drm/amd/display: HDMI remote sink need mode validation for Linux (git-fixes). - drm/amdgpu: do not map BO in reserved region (git-fixes). - drm/amdgpu: prevent double kfree ttm->sg (git-fixes). - drm/bridge/synopsys: dsi: add support for non-continuous HS clock (git-fixes). - drm/brige/megachips: Add checking if ge_b850v3_lvds_init() is working correctly (git-fixes). - drm/gma500: fix error check (git-fixes). - drm/i915: Break up error capture compression loops with cond_resched() (git-fixes). - drm/i915: Force VT'd workarounds when running as a guest OS (git-fixes). - drm/imx: tve remove extraneous type qualifier (git-fixes). - drm/msm: Drop debug print in _dpu_crtc_setup_lm_bounds() (git-fixes). - drm/nouveau/mem: guard against NULL pointer access in mem_del (git-fixes). - drm/sun4i: mixer: Extend regmap max_register (git-fixes). - drm/ttm: fix eviction valuable range check (git-fixes). - drm/vc4: drv: Add error handding for bind (git-fixes). - Drop sysctl files for dropped archs, add ppc64le and arm64 (bsc#1178838). - ea43d9709f72 ('nvme: fix identify error status silent ignore') - EDAC/i5100: Fix error handling order in i5100_init_one() (bsc#1112178). - eeprom: at25: set minimum read/write access stride to 1 (git-fixes). - efivarfs: Replace invalid slashes with exclamation marks in dentries (git-fixes). - Fix use after free in get_capset_info callback (git-fixes). - ftrace: Fix recursion check for NMI test (git-fixes). - ftrace: Handle tracing when switching between context (git-fixes). - gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY (networking-stable-20_08_24). - gtp: add GTPA_LINK info to msg sent to userspace (networking-stable-20_09_11). - HID: roccat: add bounds checking in kone_sysfs_write_settings() (git-fixes). - HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery (git-fixes). - hv_netvsc: Add XDP support (bsc#1177819, bsc#1177820). - hv_netvsc: deal with bpf API differences in 4.12 (bsc#1177819, bsc#1177820). - hv_netvsc: Fix XDP refcnt for synthetic and VF NICs (bsc#1177819, bsc#1177820). - hyperv_fb: Update screen_info after removing old framebuffer (bsc#1175306). - i2c: imx: Fix external abort on interrupt in exit paths (git-fixes). - i2c: meson: fix clock setting overwrite (git-fixes). - ibmveth: Identify ingress large send packets (bsc#1178185 ltc#188897). - ibmveth: Switch order of ibmveth_helper calls (bsc#1061843 git-fixes). - ibmvnic: fix ibmvnic_set_mac (bsc#1066382 ltc#160943 git-fixes). - ibmvnic: save changed mac address to adapter->mac_addr (bsc#1134760 ltc#177449 git-fixes). - icmp: randomize the global rate limiter (git-fixes). - iio:accel:bma180: Fix use of true when should be iio_shared_by enum (git-fixes). - iio:adc:max1118 Fix alignment of timestamp and data leak issues (git-fixes). - iio:adc:ti-adc0832 Fix alignment issue with timestamp (git-fixes). - iio:adc:ti-adc12138 Fix alignment issue with timestamp (git-fixes). - iio:dac:ad5592r: Fix use of true for IIO_SHARED_BY_TYPE (git-fixes). - iio:gyro:itg3200: Fix timestamp alignment and prevent data leak (git-fixes). - iio:light:si1145: Fix timestamp alignment and prevent data leak (git-fixes). - iio:magn:hmc5843: Fix passing true where iio_shared_by enum required (git-fixes). - ima: Remove semicolon at the end of ima_get_binary_runtime_size() (git-fixes). - include/linux/swapops.h: correct guards for non_swap_entry() (git-fixes (mm/swap)). - Input: adxl34x - clean up a data type in adxl34x_probe() (git-fixes). - Input: ep93xx_keypad - fix handling of platform_get_irq() error (git-fixes). - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 (git-fixes). - Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume() (git-fixes). - Input: omap4-keypad - fix handling of platform_get_irq() error (git-fixes). - Input: sun4i-ps2 - fix handling of platform_get_irq() error (git-fixes). - Input: twl4030_keypad - fix handling of platform_get_irq() error (git-fixes). - iomap: Make sure iomap_end is called after iomap_begin (bsc#1177754). - iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400). - ip: fix tos reflection in ack and reset packets (networking-stable-20_09_24). - ipv4: Restore flowi4_oif update before call to xfrm_lookup_route (git-fixes). - iwlwifi: mvm: split a print to avoid a WARNING in ROC (git-fixes). - kbuild: enforce -Werror=return-type (bsc#1177281). - kernel-binary.spec.in: Package the obj_install_dir as explicit filelist. - kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled (git-fixes). - leds: bcm6328, bcm6358: use devres LED registering function (git-fixes). - leds: mt6323: move period calculation (git-fixes). - libceph: clear con->out_msg on Policy::stateful_server faults (bsc#1178188). - libceph: use sendpage_ok() in ceph_tcp_sendpage() (bsc#1172873). - lib/crc32.c: fix trivial typo in preprocessor condition (git-fixes). - livepatch: Test if -fdump-ipa-clones is really available - mac80211: do not allow bigger VHT MPDUs than the hardware supports (git-fixes). - mac80211: handle lack of sband->bitrates in rates (git-fixes). - macsec: avoid use-after-free in macsec_handle_frame() (git-fixes). - mailbox: avoid timer start from callback (git-fixes). - media: ati_remote: sanity check for both endpoints (git-fixes). - media: bdisp: Fix runtime PM imbalance on error (git-fixes). - media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync (git-fixes). - media: exynos4-is: Fix a reference count leak (git-fixes). - media: exynos4-is: Fix several reference count leaks due to pm_runtime_get_sync (git-fixes). - media: firewire: fix memory leak (git-fixes). - media: m5mols: Check function pointer in m5mols_sensor_power (git-fixes). - media: media/pci: prevent memory leak in bttv_probe (git-fixes). - media: omap3isp: Fix memleak in isp_probe (git-fixes). - media: platform: fcp: Fix a reference count leak (git-fixes). - media: platform: Improve queue set up flow for bug fixing (git-fixes). - media: platform: s3c-camif: Fix runtime PM imbalance on error (git-fixes). - media: platform: sti: hva: Fix runtime PM imbalance on error (git-fixes). - media: Revert 'media: exynos4-is: Add missed check for pinctrl_lookup_state()' (git-fixes). - media: s5p-mfc: Fix a reference count leak (git-fixes). - media: saa7134: avoid a shift overflow (git-fixes). - media: st-delta: Fix reference count leak in delta_run_work (git-fixes). - media: sti: Fix reference count leaks (git-fixes). - media: tc358743: initialize variable (git-fixes). - media: ti-vpe: Fix a missing check and reference count leak (git-fixes). - media: tuner-simple: fix regression in simple_set_radio_freq (git-fixes). - media: tw5864: check status of tw5864_frameinterval_get (git-fixes). - media: usbtv: Fix refcounting mixup (git-fixes). - media: uvcvideo: Ensure all probed info is returned to v4l2 (git-fixes). - media: vsp1: Fix runtime PM imbalance on error (git-fixes). - memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event (bsc#1177703). - memory: fsl-corenet-cf: Fix handling of platform_get_irq() error (git-fixes). - memory: omap-gpmc: Fix a couple off by ones (git-fixes). - mfd: sm501: Fix leaks in probe() (git-fixes). - mic: vop: copy data to kernel space then write to io memory (git-fixes). - misc: mic: scif: Fix error handling path (git-fixes). - misc: rtsx: Fix memory leak in rtsx_pci_probe (git-fixes). - misc: vop: add round_up(x,4) for vring_size to avoid kernel panic (git-fixes). - mlx5 PPC ringsize workaround (bsc#1173432). - mlx5: remove support for ib_get_vector_affinity (bsc#1174748). - mmc: core: do not set limits.discard_granularity as 0 (git-fixes). - mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs (git-fixes). - mmc: sdhci-of-esdhc: set timeout to max before tuning (git-fixes). - mmc: sdio: Check for CISTPL_VERS_1 buffer size (git-fixes). - mm/huge_memory.c: use head to check huge zero page (git-fixes (mm/thp)). - mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup() (git-fixes (mm/hugetlb)). - mm/ksm.c: do not WARN if page is still mapped in remove_stable_node() (git-fixes (mm/hugetlb)). - mm/memcg: fix refcount error while moving and swapping (bsc#1178686). - mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm() (bsc#1177685). - mm/mempolicy.c: fix out of bounds write in mpol_parse_str() (git-fixes (mm/mempolicy)). - mm/mempolicy.c: use match_string() helper to simplify the code (git-fixes (mm/mempolicy)). - mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa (git-fixes (mm/numa)). - mm/page_owner.c: remove drain_all_pages from init_early_allocated_pages (git-fixes (mm/debug)). - mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio() (git-fixes (mm/writeback)). - mm/page-writeback.c: improve arithmetic divisions (git-fixes (mm/writeback)). - mm/page-writeback.c: use div64_ul() for u64-by-unsigned-long divide (git-fixes (mm/writeback)). - mm/rmap: fixup copying of soft dirty and uffd ptes (git-fixes (mm/rmap)). - mm/zsmalloc.c: fix build when CONFIG_COMPACTION=n (git-fixes (mm/zsmalloc)). - mm/zsmalloc.c: fix race condition in zs_destroy_pool (git-fixes (mm/zsmalloc)). - mm/zsmalloc.c: fix the migrated zspage statistics (git-fixes (mm/zsmalloc)). - mm/zsmalloc.c: migration can leave pages in ZS_EMPTY indefinitely (git-fixes (mm/zsmalloc)). - Move the upstreamed bluetooth fix into sorted section - Move the upstreamed powercap fix into sorted sectio - mtd: lpddr: Fix bad logic in print_drs_error (git-fixes). - mtd: lpddr: fix excessive stack usage with clang (git-fixes). - mtd: mtdoops: Do not write panic data twice (git-fixes). - mwifiex: do not call del_timer_sync() on uninitialized timer (git-fixes). - mwifiex: Do not use GFP_KERNEL in atomic context (git-fixes). - mwifiex: fix double free (git-fixes). - mwifiex: remove function pointer check (git-fixes). - mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO (git-fixes). - net: 8390: Fix manufacturer name in Kconfig help text (git-fixes). - net: add WARN_ONCE in kernel_sendpage() for improper zero-copy send (bsc#1172873). - net: amd: fix return type of ndo_start_xmit function (git-fixes). - net/amd: Remove useless driver version (git-fixes). - net: amd-xgbe: fix comparison to bitshift when dealing with a mask (git-fixes). - net: amd-xgbe: Get rid of custom hex_dump_to_buffer() (git-fixes). - net: apple: Fix manufacturer name in Kconfig help text (git-fixes). - net: broadcom: Fix manufacturer name in Kconfig help text (git-fixes). - net: disable netpoll on fresh napis (networking-stable-20_09_11). - net: fec: Fix phy_device lookup for phy_reset_after_clk_enable() (git-fixes). - net: fec: Fix PHY init after phy_reset_after_clk_enable() (git-fixes). - netfilter: nat: can't use dst_hold on noref dst (bsc#1178878). - net: Fix potential wrong skb->protocol in skb_vlan_untag() (networking-stable-20_08_24). - net: hns: Fix memleak in hns_nic_dev_probe (networking-stable-20_09_11). - net: introduce helper sendpage_ok() in include/linux/net.h (bsc#1172873). - net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC (networking-stable-20_09_24). - netlabel: fix problems with mapping removal (networking-stable-20_09_11). - net/mlx5e: Take common TIR context settings into a function (bsc#1177740). - net/mlx5e: Turn on HW tunnel offload in all TIRs (bsc#1177740). - net: mvmdio: defer probe of orion-mdio if a clock is not ready (git-fixes). - net: phy: Avoid NPD upon phy_detach() when driver is unbound (networking-stable-20_09_24). - net: qrtr: fix usage of idr in port assignment to socket (networking-stable-20_08_24). - net: systemport: Fix memleak in bcm_sysport_probe (networking-stable-20_09_11). - net: tc35815: Explicitly check NET_IP_ALIGN is not zero in tc35815_rx (git-fixes). - net: usb: dm9601: Add USB ID of Keenetic Plus DSL (networking-stable-20_09_11). - net: usb: qmi_wwan: add Cellient MPL200 card (git-fixes). - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (git-fixes). - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails (git-fixes). - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key() (git-fixes). - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() (git-fixes). - NFS: On fatal writeback errors, we need to call nfs_inode_remove_request() (bsc#1177340). - NFS: Revalidate the file mapping on all fatal writeback errors (bsc#1177340). - NFSv4.1: fix handling of backchannel binding in BIND_CONN_TO_SESSION (bsc#1170630). - nl80211: fix non-split wiphy information (git-fixes). - NTB: hw: amd: fix an issue about leak system resources (git-fixes). - nvme: 59c7c3caaaf8 ('fix possible hang when ns scanning fails during error recovery') - nvme: add a Identify Namespace Identification Descriptor list quirk (bsc#1174748). - nvme: do not update disk info for multipathed device (bsc#1171558). - nvme: Fix ctrl use-after-free during sysfs deletion (bsc#1174748). - nvme: fix deadlock caused by ANA update wrong locking (bsc#1174748). - nvme: fix possible io failures when removing multipathed ns (bsc#1174748). - nvme: make nvme_identify_ns propagate errors back (bsc#1174748). - nvme: make nvme_report_ns_ids propagate error back (bsc#1174748). - nvme-multipath: do not reset on unknown status (bsc#1174748). - nvme: Namepace identification descriptor list is optional (bsc#1174748). - nvme: pass status to nvme_error_status (bsc#1174748). - nvme-rdma: Avoid double freeing of async event data (bsc#1174748). - nvme-rdma: fix crash due to incorrect cqe (bsc#1174748). - nvme-rdma: fix crash when connect rejected (bsc#1174748). - nvme: return error from nvme_alloc_ns() (bsc#1174748). - nvme-tcp: check page by sendpage_ok() before calling kernel_sendpage() (bsc#1172873). - p54: avoid accessing the data mapped to streaming DMA (git-fixes). - pinctrl: intel: Set default bias in case no particular value given (git-fixes). - platform/x86: fix kconfig dependency warning for FUJITSU_LAPTOP (git-fixes). - platform/x86: mlx-platform: Remove PSU EEPROM configuration (git-fixes). - platform/x86: thinkpad_acpi: initialize tp_nvram_state variable (git-fixes). - platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse (git-fixes). - powerpc/dma: Fix dma_map_ops::get_required_mask (bsc#1065729). - powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load emulation (bsc#1065729). - powerpc/hwirq: Remove stale forward irq_chip declaration (bsc#1065729). - powerpc/icp-hv: Fix missing of_node_put() in success path (bsc#1065729). - powerpc/irq: Drop forward declaration of struct irqaction (bsc#1065729). - powerpc/perf/hv-gpci: Fix starting index value (bsc#1065729). - powerpc/powernv/dump: Fix race while processing OPAL dump (bsc#1065729). - powerpc/powernv/elog: Fix race while processing OPAL error log event (bsc#1065729). - powerpc/pseries/cpuidle: add polling idle for shared processor guests (bsc#1178765 ltc#188968). - powerpc/pseries: explicitly reschedule during drmem_lmb list traversal (bsc#1077428 ltc#163882 git-fixes). - powerpc/pseries: Fix missing of_node_put() in rng_init() (bsc#1065729). - powerpc/vnic: Extend 'failover pending' window (bsc#1176855 ltc#187293). - powerpc/vnic: Extend 'failover pending' window (bsc#1176855 ltc#187293). - power: supply: test_power: add missing newlines when printing parameters by sysfs (git-fixes). - pty: do tty_flip_buffer_push without port->lock in pty_write (git-fixes). - pwm: lpss: Add range limit check for the base_unit register value (git-fixes). - pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() (git-fixes). - regulator: defer probe when trying to get voltage from unresolved supply (git-fixes). - regulator: resolve supply after creating regulator (git-fixes). - Revert 'cdc-acm: hardening against malicious devices' (git-fixes). - ring-buffer: Fix recursion protection transitions between interrupt context (git-fixes). - ring-buffer: Return 0 on success from ring_buffer_resize() (git-fixes). - rpm/kernel-binary.spec.in: Fix compressed module handling for in-tree KMP (jsc#SLE-10886) - rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592) - rtl8xxxu: prevent potential memory leak (git-fixes). - scsi: fnic: Do not call 'scsi_done()' for unhandled commands (bsc#1168468, bsc#1171675). - scsi: hisi_sas: Add debugfs ITCT file and add file operations (bsc#1140683). - scsi: hisi_sas: Add manual trigger for debugfs dump (bsc#1140683). - scsi: hisi_sas: Add missing seq_printf() call in hisi_sas_show_row_32() (bsc#1140683). - scsi: hisi_sas: Change return variable type in phy_up_v3_hw() (bsc#1140683). - scsi: hisi_sas: Correct memory allocation size for DQ debugfs (bsc#1140683). - scsi: hisi_sas: Do some more tidy-up (bsc#1140683). - scsi: hisi_sas: Fix a timeout race of driver internal and SMP IO (bsc#1140683). - scsi: hisi_sas: Fix type casting and missing static qualifier in debugfs code (bsc#1140683). Refresh: - scsi: hisi_sas: No need to check return value of debugfs_create functions (bsc#1140683). Update: - scsi: hisi_sas: Some misc tidy-up (bsc#1140683). - scsi: ibmvfc: Fix error return in ibmvfc_probe() (bsc#1065729). - scsi: ibmvscsi: Fix potential race after loss of transport (bsc#1178166 ltc#188226). - scsi: iscsi: iscsi_tcp: Avoid holding spinlock while calling getpeername() (bsc#1177258). - scsi: libiscsi: use sendpage_ok() in iscsi_tcp_segment_map() (bsc#1172873). - scsi: qla2xxx: Add IOCB resource tracking (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Add rport fields in debugfs (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Add SLER and PI control support (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix I/O failures during remote port toggle testing (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix memory size truncation (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix MPI reset needed message (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix reset of MPI firmware (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Make tgt_port_database available in initiator mode (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Performance tweak (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Remove unneeded variable 'rval' (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1176946 bsc#1175520 bsc#1172538). - sctp: not disable bh in the whole sctp_get_port_local() (networking-stable-20_09_11). - spi: fsl-espi: Only process interrupts for expected events (git-fixes). - staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice (git-fixes). - staging: octeon: Drop on uncorrectable alignment or FCS error (git-fixes). - staging: octeon: repair 'fixed-link' support (git-fixes). - tg3: Fix soft lockup when tg3_reset_task() fails (networking-stable-20_09_11). - thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() (git-fixes). - time: Prevent undefined behaviour in timespec64_to_ns() (git-fixes). - tipc: fix memory leak caused by tipc_buf_append() (git-fixes). - tipc: fix shutdown() of connectionless socket (networking-stable-20_09_11). - tipc: fix shutdown() of connection oriented socket (networking-stable-20_09_24). - tipc: fix the skb_unshare() in tipc_buf_append() (git-fixes). - tipc: fix uninit skb->data in tipc_nl_compat_dumpit() (networking-stable-20_08_24). - tipc: use skb_unshare() instead in tipc_buf_append() (networking-stable-20_09_24). - tty: ipwireless: fix error handling (git-fixes). - tty: serial: earlycon dependency (git-fixes). - tty: serial: fsl_lpuart: fix lpuart32_poll_get_char (git-fixes). - Update patches.suse/vfs-add-super_operations-get_inode_dev (bsc#927455 bsc#1176983). - USB: Add NO_LPM quirk for Kingston flash drive (git-fixes). - USB: adutux: fix debugging (git-fixes). - usb: cdc-acm: add quirk to blacklist ETAS ES58X devices (git-fixes). - USB: cdc-acm: fix cooldown mechanism (git-fixes). - usb: cdc-acm: handle broken union descriptors (git-fixes). - usb: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync() (git-fixes). - USB: core: driver: fix stray tabs in error messages (git-fixes). - usb: core: Solve race condition in anchor cleanup functions (git-fixes). - usb: dwc2: Fix INTR OUT transfers in DDMA mode (git-fixes). - usb: dwc2: Fix parameter type in function pointer prototype (git-fixes). - usb: dwc3: core: add phy cleanup for probe error handling (git-fixes). - usb: dwc3: core: do not trigger runtime pm when remove driver (git-fixes). - usb: dwc3: ep0: Fix ZLP for OUT ep0 requests (git-fixes). - usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets (git-fixes). - usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above (git-fixes). - usb: gadget: function: printer: fix use-after-free in __lock_acquire (git-fixes). - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well (git-fixes). - USB: host: fsl-mph-dr-of: check return of dma_set_mask() (git-fixes). - USB: mtu3: fix panic in mtu3_gadget_stop() (git-fixes). - usb: ohci: Default to per-port over-current protection (git-fixes). - USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters (git-fixes). - USB: serial: option: add Cellient MPL200 card (git-fixes). - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 (git-fixes). - USB: serial: option: add Quectel EC200T module support (git-fixes). - USB: serial: option: add Telit FN980 composition 0x1055 (git-fixes). - USB: serial: option: Add Telit FT980-KS composition (git-fixes). - USB: serial: pl2303: add device-id for HP GC device (git-fixes). - usb: serial: qcserial: fix altsetting probing (git-fixes). - USB: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart (git-fixes). - USB: typec: tcpm: reset hard_reset_count for any disconnect (git-fixes). - vfs: fix FIGETBSZ ioctl on an overlayfs file (bsc#1178202). - video: fbdev: pvr2fb: initialize variables (git-fixes). - video: fbdev: sis: fix null ptr dereference (git-fixes). - video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error (git-fixes). - video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (bsc#1175306). - video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (bsc#1175306). - video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs (bsc#1175306). - VMCI: check return value of get_user_pages_fast() for errors (git-fixes). - vmxnet3: fix cksum offload issues for non-udp tunnels (git-fixes). - vt: Disable KD_FONT_OP_COPY (bsc#1178589). - w1: mxc_w1: Fix timeout resolution problem leading to bus error (git-fixes). - watchdog: iTCO_wdt: Export vendorsupport (bsc#1177101). - watchdog: iTCO_wdt: Make ICH_RES_IO_SMI optional (bsc#1177101). - wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 (git-fixes). - writeback: Avoid skipping inode writeback (bsc#1177755). - writeback: Fix sync livelock due to b_dirty_time processing (bsc#1177755). - writeback: Protect inode->i_io_list with inode->i_lock (bsc#1177755). - x86/apic: Unify duplicated local apic timer clockevent initialization (bsc#1112178). - x86, fakenuma: Fix invalid starting node ID (git-fixes (mm/x86/fakenuma)). - x86/fpu: Allow multiple bits in clearcpuid= parameter (bsc#1112178). - x86/kexec: Use up-to-dated screen_info copy to fill boot params (bsc#1175306). - x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10 compiled kernels (bsc#1058115 bsc#1176907). - x86/xen: disable Firmware First mode for correctable memory errors (bsc#1176713). - xen/blkback: use lateeoi irq binding (XSA-332 bsc#1177411). - xen/events: add a new 'late EOI' evtchn framework (XSA-332 bsc#1177411). - xen/events: add a proper barrier to 2-level uevent unmasking (XSA-332 bsc#1177411). - xen/events: avoid removing an event channel while handling it (XSA-331 bsc#1177410). - xen/events: block rogue events for some time (XSA-332 bsc#1177411). - xen/events: defer eoi in case of excessive number of events (XSA-332 bsc#1177411). - xen/events: do not use chip_data for legacy IRQs (XSA-332 bsc#1065600). - xen/events: fix race in evtchn_fifo_unmask() (XSA-332 bsc#1177411). - xen/events: switch user event channels to lateeoi model (XSA-332 bsc#1177411). - xen/events: use a common cpu hotplug hook for event channels (XSA-332 bsc#1177411). - xen/gntdev.c: Mark pages as dirty (bsc#1065600). - xen/netback: use lateeoi irq binding (XSA-332 bsc#1177411). - xen/pciback: use lateeoi irq binding (XSA-332 bsc#1177411). - xen/scsiback: use lateeoi irq binding (XSA-332 bsc#1177411). - xen: XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information (XSA-332 bsc#1065600). - xfs: avoid infinite loop when cancelling CoW blocks after writeback failure (bsc#1178027). - xfs: do not update mtime on COW faults (bsc#1167030). - xfs: fix a missing unlock on error in xfs_fs_map_blocks (git-fixes). - xfs: fix flags argument to rmap lookup when converting shared file rmaps (git-fixes). - xfs: fix rmap key and record comparison functions (git-fixes). - xfs: flush new eof page on truncate to avoid post-eof corruption (git-fixes). - xfs: limit entries returned when counting fsmap records (git-fixes). - xgbe: no need to check return value of debugfs_create functions (git-fixes). - xgbe: switch to more generic VxLAN detection (git-fixes). Family: unix Class: patch Status: Reference(s): 1005879 1018832 1020108 1044231 1051510 1051858 1055014 1056686 1058115 1060463 1061843 1065600 1065729 1066382 1077428 1083647 1085030 1103990 1103992 1104353 1104745 1109837 1109911 1111666 1111974 1112178 1112374 1113956 1114279 1114685 1119680 1120386 1127611 1131277 1133021 1134090 1134760 1136157 1140683 1141895 1144333 1145051 1146539 1157424 1158187 1158983 1159198 1159285 1160659 1161561 1161951 1162171 1162929 1162931 1163592 1164078 1164507 1164777 1164780 1164893 1165019 1165111 1165182 1165185 1165211 1165404 1165488 1165527 1165741 1165813 1165823 1165873 1165929 1165949 1165950 1165980 1165984 1165985 1166003 1166101 1166102 1166103 1166104 1166632 1166730 1166731 1166732 1166733 1166734 1166735 1166982 1167005 1167030 1167216 1167290 1167316 1167421 1167423 1167627 1167629 1168075 1168273 1168276 1168295 1168367 1168424 1168443 1168468 1168552 1168829 1168854 1169013 1169307 1169308 1170415 1170446 1170630 1171558 1171675 1172538 1172873 1173432 1174748 1175306 1175520 1175721 1176354 1176381 1176382 1176400 1176485 1176560 1176713 1176723 1176855 1176907 1176946 1176983 1177027 1177086 1177101 1177258 1177271 1177281 1177340 1177410 1177411 1177470 1177511 1177513 1177685 1177687 1177703 1177719 1177724 1177725 1177740 1177749 1177750 1177753 1177754 1177755 1177766 1177819 1177820 1177855 1177856 1177861 1178003 1178027 1178123 1178166 1178182 1178185 1178187 1178188 1178202 1178234 1178330 1178393 1178589 1178591 1178622 1178686 1178700 1178765 1178782 1178838 1178878 912878 927455 961642 961645 963448 979475 982575 982745 983249 988591 990419 993819 994749 994844 995075 995324 995359 995377 998190 999646 999665 999666 999668 CVE-2009-0037 CVE-2009-0696 CVE-2009-2417 CVE-2009-4022 CVE-2010-3613 CVE-2010-3614 CVE-2010-3615 CVE-2011-0414 CVE-2011-1907 CVE-2011-1910 CVE-2011-2464 CVE-2011-4313 CVE-2012-1667 CVE-2012-3817 CVE-2012-3868 CVE-2012-4244 CVE-2012-5166 CVE-2012-5688 CVE-2012-5689 CVE-2013-0249 CVE-2013-1944 CVE-2013-1987 CVE-2013-2063 CVE-2013-2139 CVE-2013-2174 CVE-2013-2266 CVE-2013-4545 CVE-2013-4854 CVE-2014-0015 CVE-2014-0138 CVE-2014-0139 CVE-2014-0591 CVE-2014-2653 CVE-2014-3613 CVE-2014-3620 CVE-2014-3707 CVE-2014-7300 CVE-2014-8150 CVE-2014-8500 CVE-2014-8767 CVE-2014-8768 CVE-2014-8769 CVE-2014-9140 CVE-2015-0261 CVE-2015-1038 CVE-2015-1349 CVE-2015-1545 CVE-2015-1546 CVE-2015-2153 CVE-2015-2154 CVE-2015-2155 CVE-2015-3138 CVE-2015-3143 CVE-2015-3144 CVE-2015-3145 CVE-2015-3148 CVE-2015-3153 CVE-2015-4620 CVE-2015-5352 CVE-2015-5477 CVE-2015-5600 CVE-2015-5722 CVE-2015-6563 CVE-2015-6564 CVE-2015-6908 CVE-2015-8000 CVE-2015-8325 CVE-2015-8704 CVE-2016-0755 CVE-2016-0777 CVE-2016-0777 CVE-2016-0778 CVE-2016-0778 CVE-2016-1285 CVE-2016-1286 CVE-2016-1908 CVE-2016-2037 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-2775 CVE-2016-2776 CVE-2016-3115 CVE-2016-5419 CVE-2016-5420 CVE-2016-5421 CVE-2016-6170 CVE-2016-6210 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-6515 CVE-2016-7141 CVE-2016-7444 CVE-2016-7922 CVE-2016-7923 CVE-2016-7924 CVE-2016-7925 CVE-2016-7926 CVE-2016-7927 CVE-2016-7928 CVE-2016-7929 CVE-2016-7930 CVE-2016-7931 CVE-2016-7932 CVE-2016-7933 CVE-2016-7934 CVE-2016-7935 CVE-2016-7936 CVE-2016-7937 CVE-2016-7938 CVE-2016-7939 CVE-2016-7940 CVE-2016-7949 CVE-2016-7950 CVE-2016-7973 CVE-2016-7974 CVE-2016-7975 CVE-2016-7983 CVE-2016-7984 CVE-2016-7985 CVE-2016-7986 CVE-2016-7992 CVE-2016-7993 CVE-2016-8574 CVE-2016-8575 CVE-2016-8610 CVE-2016-8864 CVE-2016-9131 CVE-2016-9147 CVE-2016-9444 CVE-2017-11108 CVE-2017-11541 CVE-2017-11542 CVE-2017-11543 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994 CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998 CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002 CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006 CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010 CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014 CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018 CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022 CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026 CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030 CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034 CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038 CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042 CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046 CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050 CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054 CVE-2017-13055 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689 CVE-2017-13690 CVE-2017-13725 CVE-2017-3135 CVE-2017-3136 CVE-2017-3137 CVE-2017-3138 CVE-2017-3142 CVE-2017-3143 CVE-2017-5202 CVE-2017-5203 CVE-2017-5204 CVE-2017-5205 CVE-2017-5335 CVE-2017-5336 CVE-2017-5337 CVE-2017-5341 CVE-2017-5342 CVE-2017-5482 CVE-2017-5483 CVE-2017-5484 CVE-2017-5485 CVE-2017-5486 CVE-2019-19768 CVE-2019-19770 CVE-2019-3701 CVE-2019-9458 CVE-2020-0430 CVE-2020-10942 CVE-2020-11494 CVE-2020-12351 CVE-2020-12352 CVE-2020-14351 CVE-2020-16120 CVE-2020-25212 CVE-2020-25285 CVE-2020-25645 CVE-2020-25656 CVE-2020-25668 CVE-2020-25669 CVE-2020-25704 CVE-2020-25705 CVE-2020-8647 CVE-2020-8649 CVE-2020-8694 CVE-2020-8834 CVE-2020-9383 SUSE-SU-2015:1433-1 SUSE-SU-2016:0118-1 SUSE-SU-2016:2394-1 SUSE-SU-2017:0348-1 SUSE-SU-2017:0366-1 SUSE-SU-2020:1123-1 SUSE-SU-2020:3484-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Realtime packages 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND chromium-66.0.3359.170-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information python-SQLAlchemy-1.2.14-lp151.2.3 is installed OR python-SQLAlchemy-doc-1.2.14-lp151.2.3 is installed OR python2-SQLAlchemy-1.2.14-lp151.2.3 is installed OR python3-SQLAlchemy-1.2.14-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND libotr2-3.2.0-10.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information flash-player-11.2.202.548-0.26 is installed OR flash-player-gnome-11.2.202.548-0.26 is installed OR flash-player-kde4-11.2.202.548-0.26 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.535-0.20 is installed OR flash-player-gnome-11.2.202.535-0.20 is installed OR flash-player-kde4-11.2.202.535-0.20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND p7zip-9.20.1-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libopenssl1_0_0-1.0.1i-52 is installed OR libopenssl1_0_0-32bit-1.0.1i-52 is installed OR openssl-1.0.1i-52 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information curl-7.37.0-28 is installed OR libcurl4-7.37.0-28 is installed OR libcurl4-32bit-7.37.0-28 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information bind-libs-9.9.9P1-62 is installed OR bind-libs-32bit-9.9.9P1-62 is installed OR bind-utils-9.9.9P1-62 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information gnome-settings-daemon-3.20.1-50.5 is installed OR gnome-settings-daemon-lang-3.20.1-50.5 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed AND Package Information kernel-azure-4.12.14-8.52 is installed OR kernel-azure-base-4.12.14-8.52 is installed OR kernel-azure-devel-4.12.14-8.52 is installed OR kernel-devel-azure-4.12.14-8.52 is installed OR kernel-source-azure-4.12.14-8.52 is installed OR kernel-syms-azure-4.12.14-8.52 is installed Definition Synopsis SUSE Linux Enterprise Module for Realtime packages 15 SP1 is installed AND Package Information cluster-md-kmp-rt-4.12.14-14.23 is installed OR dlm-kmp-rt-4.12.14-14.23 is installed OR gfs2-kmp-rt-4.12.14-14.23 is installed OR kernel-devel-rt-4.12.14-14.23 is installed OR kernel-rt-4.12.14-14.23 is installed OR kernel-rt-base-4.12.14-14.23 is installed OR kernel-rt-devel-4.12.14-14.23 is installed OR kernel-rt_debug-4.12.14-14.23 is installed OR kernel-rt_debug-devel-4.12.14-14.23 is installed OR kernel-source-rt-4.12.14-14.23 is installed OR kernel-syms-rt-4.12.14-14.23 is installed OR ocfs2-kmp-rt-4.12.14-14.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libgnomesu-1.0.0-352 is installed OR libgnomesu-lang-1.0.0-352 is installed OR libgnomesu0-1.0.0-352 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_35-default-6-4 is installed OR kgraft-patch-3_12_69-60_64_35-xen-6-4 is installed OR kgraft-patch-SLE12-SP1_Update_14-6-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information guestfs-data-1.32.4-14 is installed OR guestfs-tools-1.32.4-14 is installed OR guestfsd-1.32.4-14 is installed OR libguestfs0-1.32.4-14 is installed OR perl-Sys-Guestfs-1.32.4-14 is installed OR python-libguestfs-1.32.4-14 is installed OR virt-p2v-1.32.4-14 is installed OR virt-v2v-1.32.4-14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information xen-4.7.6_05-43.42 is installed OR xen-doc-html-4.7.6_05-43.42 is installed OR xen-libs-4.7.6_05-43.42 is installed OR xen-libs-32bit-4.7.6_05-43.42 is installed OR xen-tools-4.7.6_05-43.42 is installed OR xen-tools-domU-4.7.6_05-43.42 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libQt5Concurrent5-5.6.1-17.6 is installed OR libQt5Core5-5.6.1-17.6 is installed OR libQt5DBus5-5.6.1-17.6 is installed OR libQt5Gui5-5.6.1-17.6 is installed OR libQt5Network5-5.6.1-17.6 is installed OR libQt5OpenGL5-5.6.1-17.6 is installed OR libQt5PrintSupport5-5.6.1-17.6 is installed OR libQt5Sql5-5.6.1-17.6 is installed OR libQt5Sql5-mysql-5.6.1-17.6 is installed OR libQt5Sql5-postgresql-5.6.1-17.6 is installed OR libQt5Sql5-sqlite-5.6.1-17.6 is installed OR libQt5Sql5-unixODBC-5.6.1-17.6 is installed OR libQt5Test5-5.6.1-17.6 is installed OR libQt5Widgets5-5.6.1-17.6 is installed OR libQt5Xml5-5.6.1-17.6 is installed OR libqt5-qtbase-5.6.1-17.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_80-default-3-2 is installed OR kgraft-patch-SLE12-SP2_Update_22-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libjson-c2-0.11-2 is installed OR libjson-c2-32bit-0.11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libopenssl-devel-1.0.2j-60.55 is installed OR libopenssl1_0_0-1.0.2j-60.55 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed OR openssl-1.0.2j-60.55 is installed OR openssl-doc-1.0.2j-60.55 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND binutils-2.32-9.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-60.9.0-109.86 is installed OR MozillaFirefox-translations-common-60.9.0-109.86 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libwireshark9-2.4.11-48.35 is installed OR libwiretap7-2.4.11-48.35 is installed OR libwscodecs1-2.4.11-48.35 is installed OR libwsutil8-2.4.11-48.35 is installed OR wireshark-2.4.11-48.35 is installed OR wireshark-gtk-2.4.11-48.35 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cyrus-sasl-2.1.26-8.7 is installed OR cyrus-sasl-32bit-2.1.26-8.7 is installed OR cyrus-sasl-crammd5-2.1.26-8.7 is installed OR cyrus-sasl-crammd5-32bit-2.1.26-8.7 is installed OR cyrus-sasl-digestmd5-2.1.26-8.7 is installed OR cyrus-sasl-gssapi-2.1.26-8.7 is installed OR cyrus-sasl-gssapi-32bit-2.1.26-8.7 is installed OR cyrus-sasl-otp-2.1.26-8.7 is installed OR cyrus-sasl-otp-32bit-2.1.26-8.7 is installed OR cyrus-sasl-plain-2.1.26-8.7 is installed OR cyrus-sasl-plain-32bit-2.1.26-8.7 is installed OR cyrus-sasl-saslauthd-2.1.26-8.7 is installed OR cyrus-sasl-sqlauxprop-2.1.26-8.7 is installed OR cyrus-sasl-sqlauxprop-32bit-2.1.26-8.7 is installed OR libsasl2-3-2.1.26-8.7 is installed OR libsasl2-3-32bit-2.1.26-8.7 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information evince-3.10.3-2.3 is installed OR evince-lang-3.10.3-2.3 is installed OR libevdocument3-4-3.10.3-2.3 is installed OR libevview3-3-3.10.3-2.3 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND python-tablib-0.9.11-3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information ardana-ansible-9.0+git.1568821007.4e73730-3.13 is installed OR ardana-horizon-9.0+git.1569869028.8edfc22-3.10 is installed OR ardana-keystone-9.0+git.1570035317.78077ac-3.10 is installed OR ardana-manila-9.0+git.1569444107.add6a40-3.9 is installed OR ardana-neutron-9.0+git.1571328680.3a89cb8-3.13 is installed OR grafana-6.2.5-3.9 is installed OR openstack-cinder-13.0.8~dev8-3.13 is installed OR openstack-cinder-api-13.0.8~dev8-3.13 is installed OR openstack-cinder-backup-13.0.8~dev8-3.13 is installed OR openstack-cinder-scheduler-13.0.8~dev8-3.13 is installed OR openstack-cinder-volume-13.0.8~dev8-3.13 is installed OR openstack-dashboard-14.0.5~dev1-3.9 is installed OR openstack-horizon-plugin-manila-ui-2.16.2~dev2-3.3 is installed OR openstack-keystone-14.1.1~dev26-3.13 is installed OR openstack-manila-7.3.1~dev15-4.13 is installed OR openstack-manila-api-7.3.1~dev15-4.13 is installed OR openstack-manila-data-7.3.1~dev15-4.13 is installed OR openstack-manila-scheduler-7.3.1~dev15-4.13 is installed OR openstack-manila-share-7.3.1~dev15-4.13 is installed OR openstack-neutron-13.0.6~dev3-3.13 is installed OR openstack-neutron-dhcp-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-fwaas-13.0.3~dev2-3.6 is installed OR openstack-neutron-ha-tool-13.0.6~dev3-3.13 is installed OR openstack-neutron-l3-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-lbaas-13.0.1~dev15-3.10 is installed OR openstack-neutron-lbaas-agent-13.0.1~dev15-3.10 is installed OR openstack-neutron-linuxbridge-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-macvtap-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-metadata-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-metering-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-openvswitch-agent-13.0.6~dev3-3.13 is installed OR openstack-neutron-server-13.0.6~dev3-3.13 is installed OR openstack-nova-18.2.4~dev18-3.13 is installed OR openstack-nova-api-18.2.4~dev18-3.13 is installed OR openstack-nova-cells-18.2.4~dev18-3.13 is installed OR openstack-nova-compute-18.2.4~dev18-3.13 is installed OR openstack-nova-conductor-18.2.4~dev18-3.13 is installed OR openstack-nova-console-18.2.4~dev18-3.13 is installed OR openstack-nova-novncproxy-18.2.4~dev18-3.13 is installed OR openstack-nova-placement-api-18.2.4~dev18-3.13 is installed OR openstack-nova-scheduler-18.2.4~dev18-3.13 is installed OR openstack-nova-serialproxy-18.2.4~dev18-3.13 is installed OR openstack-nova-vncproxy-18.2.4~dev18-3.13 is installed OR openstack-octavia-3.2.1~dev1-3.13 is installed OR openstack-octavia-amphora-agent-3.2.1~dev1-3.13 is installed OR openstack-octavia-amphora-image-0.1.1-7.3 is installed OR openstack-octavia-amphora-image-x86_64-0.1.1-7.3 is installed OR openstack-octavia-api-3.2.1~dev1-3.13 is installed OR openstack-octavia-health-manager-3.2.1~dev1-3.13 is installed OR openstack-octavia-housekeeping-3.2.1~dev1-3.13 is installed OR openstack-octavia-worker-3.2.1~dev1-3.13 is installed OR pdns-4.1.8-3.3 is installed OR pdns-backend-mysql-4.1.8-3.3 is installed OR python-Django1-1.11.24-3.12 is installed OR python-cinder-13.0.8~dev8-3.13 is installed OR python-horizon-14.0.5~dev1-3.9 is installed OR python-horizon-plugin-manila-ui-2.16.2~dev2-3.3 is installed OR python-keystone-14.1.1~dev26-3.13 is installed OR python-keystonemiddleware-5.2.1-11 is installed OR python-manila-7.3.1~dev15-4.13 is installed OR python-neutron-13.0.6~dev3-3.13 is installed OR python-neutron-fwaas-13.0.3~dev2-3.6 is installed OR python-neutron-lbaas-13.0.1~dev15-3.10 is installed OR python-nova-18.2.4~dev18-3.13 is installed OR python-octavia-3.2.1~dev1-3.13 is installed OR python-octaviaclient-1.6.1-3.3 is installed OR python-openstack_auth-14.0.5~dev1-3.9 is installed OR python-os-brick-2.5.8-3.6 is installed OR python-os-brick-common-2.5.8-3.6 is installed OR python-oslo.cache-1.30.4-3.3 is installed OR python-oslo.messaging-8.1.4-3.3 is installed OR venv-openstack-barbican-7.0.1~dev18-3.11 is installed OR venv-openstack-barbican-x86_64-7.0.1~dev18-3.11 is installed OR venv-openstack-cinder-13.0.8~dev8-3.11 is installed OR venv-openstack-cinder-x86_64-13.0.8~dev8-3.11 is installed OR venv-openstack-designate-7.0.1~dev22-3.11 is installed OR venv-openstack-designate-x86_64-7.0.1~dev22-3.11 is installed OR venv-openstack-glance-17.0.1~dev30-3.11 is installed OR venv-openstack-glance-x86_64-17.0.1~dev30-3.11 is installed OR venv-openstack-heat-11.0.3~dev23-3.11 is installed OR venv-openstack-heat-x86_64-11.0.3~dev23-3.11 is installed OR venv-openstack-horizon-14.0.5~dev1-4.11 is installed OR venv-openstack-horizon-x86_64-14.0.5~dev1-4.11 is installed OR venv-openstack-keystone-14.1.1~dev26-3.11 is installed OR venv-openstack-keystone-x86_64-14.1.1~dev26-3.11 is installed OR venv-openstack-magnum-7.1.1~dev28-4.11 is installed OR venv-openstack-magnum-x86_64-7.1.1~dev28-4.11 is installed OR venv-openstack-manila-7.3.1~dev15-3.11 is installed OR venv-openstack-manila-x86_64-7.3.1~dev15-3.11 is installed OR venv-openstack-monasca-2.7.1~dev10-3.11 is installed OR venv-openstack-monasca-ceilometer-1.8.2~dev3-3.11 is installed OR venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.11 is installed OR venv-openstack-monasca-x86_64-2.7.1~dev10-3.11 is installed OR venv-openstack-neutron-13.0.6~dev3-6.11 is installed OR venv-openstack-neutron-x86_64-13.0.6~dev3-6.11 is installed OR venv-openstack-nova-18.2.4~dev18-3.11 is installed OR venv-openstack-nova-x86_64-18.2.4~dev18-3.11 is installed OR venv-openstack-octavia-3.2.1~dev1-4.11 is installed OR venv-openstack-octavia-x86_64-3.2.1~dev1-4.11 is installed OR venv-openstack-sahara-9.0.2~dev12-3.11 is installed OR venv-openstack-sahara-x86_64-9.0.2~dev12-3.11 is installed OR venv-openstack-swift-2.19.2~dev1-2.8 is installed OR venv-openstack-swift-x86_64-2.19.2~dev1-2.8 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
BACK