Oval Definition:oval:org.opensuse.security:def:81360
Revision Date:2017-04-06Version:1
Title:Security update for dracut (Moderate)
Description:



This update for dracut fixes the following issues:

Security issues fixed:

- CVE-2016-8637: When the early microcode loading was enabled during initrd creation, the initrd would be read-only available for all users, allowing local users to retrieve secrets stored in the initial ramdisk. (bsc#1008340)

Non security issues fixed:

- Remove zlib module as requirement. (bsc#1020063) - Unlimit TaskMax for xfs_repair in emergency shell. (bsc#1019938) - Resolve symbolic links for -i and -k parameters. (bsc#902375) - Enhance purge-kernels script to handle kgraft patches. (bsc#1017141) - Allow booting from degraded MD arrays with systemd. (bsc#1017695) - Allow booting on s390x with fips=1 on the kernel command line. (bnc#1021687) - Start multipath services before local-fs-pre.target. (bsc#1005410, bsc#1006118, bsc#1007925) - Fix /sbin/installkernel to handle kernel packages built with 'make bin-rpmpkg'. (bsc#1008648)
Family:unixClass:patch
Status:Reference(s):1005410
1006118
1007925
1008340
1008648
1017141
1017695
1019938
1020063
1021687
902375
CVE-2016-8637
SUSE-SU-2017:0951-1
Platform(s):SUSE Linux Enterprise Server 12 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • dracut-044-108.1 is installed
  • OR dracut-fips-044-108.1 is installed
    • BACK