Oval Definition:	oval:org.opensuse.security:def:8352
Revision Date: 2020-12-10 Version: 1 Title: Security update for the Linux Kernel (Important) Description: The SUSE Linux Enterprise 15 SP2 kernel was updated to 3.12.31 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-15436: Fixed a use after free vulnerability in fs/block_dev.c which could have allowed local users to gain privileges or cause a denial of service (bsc#1179141). - CVE-2020-15437: Fixed a null pointer dereference which could have allowed local users to cause a denial of service(bsc#1179140). - CVE-2020-25668: Fixed a concurrency use-after-free in con_font_op (bsc#1178123). - CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit() (bsc#1178182). - CVE-2020-25704: Fixed a leak in perf_event_parse_addr_filter() (bsc#1178393). - CVE-2020-27777: Restrict RTAS requests from userspace (bsc#1179107) - CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could have been used by local attackers to read kernel memory (bsc#1178886). - CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could have been used by local attackers to read privileged information or potentially crash the kernel (bsc#1178589). - CVE-2020-29371: Fixed uninitialized memory leaks to userspace (bsc#1179429). - CVE-2020-25705: Fixed an issue which could have allowed to quickly scan open UDP ports. This flaw allowed an off-path remote user to effectively bypassing source port UDP randomization (bsc#1175721). - CVE-2020-28941: Fixed an issue where local attackers on systems with the speakup driver could cause a local denial of service attack (bsc#1178740). - CVE-2020-4788: Fixed an issue with IBM Power9 processors could have allowed a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances (bsc#1177666). - CVE-2020-29369: Fixed a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe (bnc#1173504 1179432). The following non-security bugs were fixed: - 9P: Cast to loff_t before multiplying (git-fixes). - ACPI: button: Add DMI quirk for Medion Akoya E2228T (git-fixes). - ACPICA: Add NHLT table signature (bsc#1176200). - ACPI: dock: fix enum-conversion warning (git-fixes). - ACPI / extlog: Check for RDMSR failure (git-fixes). - ACPI: GED: fix -Wformat (git-fixes). - ACPI: NFIT: Fix comparison to '-ENXIO' (git-fixes). - ACPI: video: use ACPI backlight for HP 635 Notebook (git-fixes). - Add bug reference to two hv_netvsc patches (bsc#1178853). - ALSA: ctl: fix error path at adding user-defined element set (git-fixes). - ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() (git-fixes). - ALSA: fix kernel-doc markups (git-fixes). - ALSA: hda: fix jack detection with Realtek codecs when in D3 (git-fixes). - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() (git-fixes). - ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) (git-fixes). - ALSA: hda/realtek - Add supported for Lenovo ThinkPad Headset Button (git-fixes). - ALSA: hda/realtek - Add supported mute Led for HP (git-fixes). - ALSA: hda/realtek - Enable headphone for ASUS TM420 (git-fixes). - ALSA: hda/realtek - Fixed HP headset Mic can't be detected (git-fixes). - ALSA: hda/realtek - HP Headset Mic can't detect after boot (git-fixes). - ALSA: hda: Reinstate runtime_allow() for all hda controllers (git-fixes). - ALSA: mixart: Fix mutex deadlock (git-fixes). - ALSA: usb-audio: Add delay quirk for all Logitech USB devices (git-fixes). - ALSA: usb-audio: Add implicit feedback quirk for MODX (git-fixes). - ALSA: usb-audio: Add implicit feedback quirk for Qu-16 (git-fixes). - ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 (git-fixes). - ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices (git-fixes). - arm64: bpf: Fix branch offset in JIT (git-fixes). - arm64: dts: allwinner: a64: bananapi-m64: Enable RGMII RX/TX delay on PHY (git-fixes). - arm64: dts: allwinner: a64: OrangePi Win: Fix ethernet node (git-fixes). - arm64: dts: allwinner: a64: Pine64 Plus: Fix ethernet node (git-fixes). - arm64: dts: allwinner: beelink-gs1: Enable both RGMII RX/TX delay (git-fixes). - arm64: dts: allwinner: h5: OrangePi PC2: Fix ethernet node (git-fixes). - arm64: dts: allwinner: h5: OrangePi Prime: Fix ethernet node (git-fixes). - arm64: dts: allwinner: Pine H64: Enable both RGMII RX/TX delay (git-fixes). - arm64: dts: fsl: DPAA FMan DMA operations are coherent (git-fixes). - arm64: dts: imx8mm: fix voltage for 1.6GHz CPU operating point (git-fixes). - arm64: dts: imx8mq: Add missing interrupts to GPC (git-fixes). - arm64: dts: imx8mq: Fix TMU interrupt property (git-fixes). - arm64: dts: zynqmp: Remove additional compatible string for i2c IPs (git-fixes). - arm64: kprobe: add checks for ARMv8.3-PAuth combined instructions (git-fixes). - arm64: Run ARCH_WORKAROUND_1 enabling code on all CPUs (git-fixes). - arm64: Run ARCH_WORKAROUND_2 enabling code on all CPUs (git-fixes). - arm64: tegra: Add missing timeout clock to Tegra186 SDMMC nodes (git-fixes). - arm64: tegra: Add missing timeout clock to Tegra194 SDMMC nodes (git-fixes). - arm64: tegra: Add missing timeout clock to Tegra210 SDMMC (git-fixes). - arm64: vdso: Add '-Bsymbolic' to ldflags (git-fixes). - arm64: vdso: Add --eh-frame-hdr to ldflags (git-fixes). - ASoC: codecs: wcd9335: Set digital gain range correctly (git-fixes). - ASoC: cs42l51: manage mclk shutdown delay (git-fixes). - ASoC: Intel: kbl_rt5663_max98927: Fix kabylake_ssp_fixup function (git-fixes). - ASoC: qcom: lpass-platform: Fix memory leak (git-fixes). - ASoC: qcom: sdm845: set driver name correctly (git-fixes). - ath10k: fix VHT NSS calculation when STBC is enabled (git-fixes). - ath10k: start recovery process when payload length exceeds max htc length for sdio (git-fixes). - batman-adv: set .owner to THIS_MODULE (git-fixes). - bnxt_en: Avoid sending firmware messages when AER error is detected (jsc#SLE-8371 bsc#1153274). - bnxt_en: Check abort error state in bnxt_open_nic() (jsc#SLE-8371 bsc#1153274). - bnxt_en: Fix NULL ptr dereference crash in bnxt_fw_reset_task() (jsc#SLE-8371 bsc#1153274). - bnxt_en: Fix regression in workqueue cleanup logic in bnxt_remove_one() (jsc#SLE-8371 bsc#1153274). - bnxt_en: Invoke cancel_delayed_work_sync() for PFs also (jsc#SLE-8371 bsc#1153274). - bnxt_en: return proper error codes in bnxt_show_temp (git-fixes). - bnxt_en: Send HWRM_FUNC_RESET fw command unconditionally (jsc#SLE-8371 bsc#1153274). - bpf: Do not rely on GCC __attribute__((optimize)) to disable GCSE (bsc#1155518). - bpf: Fix comment for helper bpf_current_task_under_cgroup() (bsc#1155518). - bpf: Zero-fill re-used per-cpu map element (bsc#1155518). - btrfs: Account for merged patches upstream Move below patches to sorted section. - btrfs: cleanup cow block on error (bsc#1178584). - btrfs: fix bytes_may_use underflow in prealloc error condtition (bsc#1179217). - btrfs: fix metadata reservation for fallocate that leads to transaction aborts (bsc#1179217). - btrfs: fix relocation failure due to race with fallocate (bsc#1179217). - btrfs: remove item_size member of struct btrfs_clone_extent_info (bsc#1179217). - btrfs: rename btrfs_insert_clone_extent() to a more generic name (bsc#1179217). - btrfs: rename btrfs_punch_hole_range() to a more generic name (bsc#1179217). - btrfs: rename struct btrfs_clone_extent_info to a more generic name (bsc#1179217). - btrfs: reschedule if necessary when logging directory items (bsc#1178585). - btrfs: send, orphanize first all conflicting inodes when processing references (bsc#1178579). - btrfs: send, recompute reference path after orphanization of a directory (bsc#1178581). - can: af_can: prevent potential access of uninitialized member in canfd_rcv() (git-fixes). - can: af_can: prevent potential access of uninitialized member in can_rcv() (git-fixes). - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() (git-fixes). - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames (git-fixes). - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context (git-fixes). - can: dev: can_restart(): post buffer from the right context (git-fixes). - can: flexcan: flexcan_remove(): disable wakeup completely (git-fixes). - can: flexcan: flexcan_setup_stop_mode(): add missing 'req_bit' to stop mode property comment (git-fixes). - can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A (git-fixes). - can: gs_usb: fix endianess problem with candleLight firmware (git-fixes). - can: kvaser_usb: kvaser_usb_hydra: Fix KCAN bittiming limits (git-fixes). - can: m_can: fix nominal bitiming tseg2 min for version >= 3.1 (git-fixes). - can: m_can: m_can_handle_state_change(): fix state change (git-fixes). - can: m_can: m_can_stop(): set device to software init mode before closing (git-fixes). - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() (git-fixes). - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on (git-fixes). - can: peak_usb: add range checking in decode operations (git-fixes). - can: peak_usb: fix potential integer overflow on shift of a int (git-fixes). - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping (git-fixes). - can: rx-offload: do not call kfree_skb() from IRQ context (git-fixes). - ceph: add check_session_state() helper and make it global (bsc#1179012). - ceph: check session state after bumping session->s_seq (bsc#1179012). - ceph: check the sesion state and return false in case it is closed (bsc#1179012). - ceph: downgrade warning from mdsmap decode to debug (bsc#1178653). - ceph: fix race in concurrent __ceph_remove_cap invocations (bsc#1178635). - cfg80211: initialize wdev data earlier (git-fixes). - cfg80211: regulatory: Fix inconsistent format argument (git-fixes). - cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211). - cifs: remove bogus debug code (bsc#1179427). - cifs: Return the error from crypt_message when enc/dec key not found (bsc#1179426). - clk: define to_clk_regmap() as inline function (git-fixes). - Convert trailing spaces and periods in path components (bsc#1179424). - cosa: Add missing kfree in error path of cosa_write (git-fixes). - dax: fix detection of dax support for non-persistent memory block devices (bsc#1171073). - dax: Fix stack overflow when mounting fsdax pmem device (bsc#1171073). - Delete patches.suse/fs-select.c-batch-user-writes-in-do_sys_poll.patch (bsc#1179419) - devlink: Make sure devlink instance and port are in same net namespace (bsc#1154353). - docs: ABI: sysfs-c2port: remove a duplicated entry (git-fixes). - Documentation/admin-guide/module-signing.rst: add openssl command option example for CodeSign EKU (bsc#1177353, bsc#1179076). - Do not create null.i000.ipa-clones file (bsc#1178330) Kbuild cc-option compiles /dev/null file to test for an option availability. Filter out -fdump-ipa-clones so that null.i000.ipa-clones file is not generated in the process. - drbd: code cleanup by using sendpage_ok() to check page for kernel_sendpage() (bsc#1172873). - drivers/net/ethernet: remove incorrectly formatted doc (bsc#1177397). - drivers: watchdog: rdc321x_wdt: Fix race condition bugs (git-fixes). - Drop sysctl files for dropped archs, add ppc64le and arm (bsc#1178838). Also correct the page size on ppc64. - EDAC/amd64: Cache secondary Chip Select registers (bsc#1179001). - EDAC/amd64: Find Chip Select memory size using Address Mask (bsc#1179001). - EDAC/amd64: Gather hardware information early (bsc#1179001). - EDAC/amd64: Initialize DIMM info for systems with more than two channels (bsc#1179001). - EDAC/amd64: Make struct amd64_family_type global (bsc#1179001). - EDAC/amd64: Save max number of controllers to family type (bsc#1179001). - EDAC/amd64: Support asymmetric dual-rank DIMMs (bsc#1179001). - efi: add missed destroy_workqueue when efisubsys_init fails (git-fixes). - efi: efibc: check for efivars write capability (git-fixes). - efi: EFI_EARLYCON should depend on EFI (git-fixes). - efi/efivars: Set generic ops before loading SSDT (git-fixes). - efi/esrt: Fix reference count leak in esre_create_sysfs_entry (git-fixes). - efi/libstub/x86: Work around LLVM ELF quirk build regression (git-fixes). - efi: provide empty efi_enter_virtual_mode implementation (git-fixes). - efivarfs: fix memory leak in efivarfs_create() (git-fixes). - efivarfs: revert 'fix memory leak in efivarfs_create()' (git-fixes). - efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper (git-fixes). - efi/x86: Do not panic or BUG() on non-critical error conditions (git-fixes). - efi/x86: Fix the deletion of variables in mixed mode (git-fixes). - efi/x86: Free efi_pgd with free_pages() (git-fixes). - efi/x86: Handle by-ref arguments covering multiple pages in mixed mode (git-fixes). - efi/x86: Ignore the memory attributes table on i386 (git-fixes). - efi/x86: Map the entire EFI vendor string before copying it (git-fixes). - exfat: fix name_hash computation on big endian systems (git-fixes). - exfat: fix overflow issue in exfat_cluster_to_sector() (git-fixes). - exfat: fix possible memory leak in exfat_find() (git-fixes). - exfat: fix use of uninitialized spinlock on error path (git-fixes). - exfat: fix wrong hint_stat initialization in exfat_find_dir_entry() (git-fixes). - fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h (git-fixes). - Fix wrongly set CONFIG_SOUNDWIRE=y (bsc#1179201) CONFIG_SOUNDWIRE was mistakenly set as built-in. Mark it as module. - ftrace: Fix recursion check for NMI test (git-fixes). - ftrace: Handle tracing when switching between context (git-fixes). - futex: Do not enable IRQs unconditionally in put_pi_state() (bsc#1149032). - futex: Handle transient 'ownerless' rtmutex state correctly (bsc#1149032). - gpio: pcie-idio-24: Enable PEX8311 interrupts (git-fixes). - gpio: pcie-idio-24: Fix IRQ Enable Register value (git-fixes). - gpio: pcie-idio-24: Fix irq mask when masking (git-fixes). - HID: logitech-dj: Fix an error in mse_bluetooth_descriptor (git-fixes). - HID: logitech-dj: Fix Dinovo Mini when paired with a MX5x00 receiver (git-fixes). - HID: logitech-dj: Handle quad/bluetooth keyboards with a builtin trackpad (git-fixes). - HID: logitech-hidpp: Add PID for MX Anywhere 2 (git-fixes). - hv_balloon: disable warning when floor reached (git-fixes). - hv: clocksource: Add notrace attribute to read_hv_sched_clock_*() functions (git-fixes). - hv_netvsc: Add XDP support (bsc#1177820). - hv_netvsc: Fix XDP refcnt for synthetic and VF NICs (bsc#1177820). - hv_netvsc: make recording RSS hash depend on feature flag (bsc#1177820). - hv_netvsc: record hardware hash in skb (bsc#1177820). - hwmon: (pwm-fan) Fix RPM calculation (git-fixes). - hyperv_fb: Update screen_info after removing old framebuffer (bsc#1175306). - i2c: mediatek: move dma reset before i2c reset (git-fixes). - i2c: sh_mobile: implement atomic transfers (git-fixes). - igc: Fix not considering the TX delay for timestamps (bsc#1160634). - igc: Fix wrong timestamp latency numbers (bsc#1160634). - iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode (git-fixes). - iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum (git-fixes). - iio: adc: mediatek: fix unset field (git-fixes). - iio: light: fix kconfig dependency bug for VCNL4035 (git-fixes). - Input: adxl34x - clean up a data type in adxl34x_probe() (git-fixes). - Input: resistive-adc-touch - fix kconfig dependency on IIO_BUFFER (git-fixes). - intel_idle: Customize IceLake server support (bsc#1178286). - ionic: check port ptr before use (bsc#1167773). - iwlwifi: mvm: write queue_sync_state only for sync (git-fixes). - kABI: revert use_mm name change (MM Functionality, bsc#1178426). - kABI workaround for HD-audio (git-fixes). - kernel: better document the use_mm/unuse_mm API contract (MM Functionality, bsc#1178426). - kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082) - kernel-source.spec: Fix build with rpm 4.16 (boo#1179015). RPM_BUILD_ROOT is cleared before %%install. Do the unpack into RPM_BUILD_ROOT in %%install - kernel/watchdog: fix watchdog_allowed_mask not used warning (git-fixes). - kgdb: Fix spurious true from in_dbg_master() (git-fixes). - kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled (git-fixes). - KVM: arm64: ARM_SMCCC_ARCH_WORKAROUND_1 does not return SMCCC_RET_NOT_REQUIRED (git-fixes). - lan743x: fix 'BUG: invalid wait context' when setting rx mode (git-fixes). - lan743x: fix issue causing intermittent kernel log warnings (git-fixes). - lan743x: prevent entire kernel HANG on open, for some platforms (git-fixes). - leds: bcm6328, bcm6358: use devres LED registering function (git-fixes). - libbpf, hashmap: Fix undefined behavior in hash_bits (bsc#1155518). - libceph: use sendpage_ok() in ceph_tcp_sendpage() (bsc#1172873). - lib/crc32test: remove extra local_irq_disable/enable (git-fixes). - libnvdimm/nvdimm/flush: Allow architecture to override the flush barrier (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - lib/strncpy_from_user.c: Mask out bytes after NUL terminator (bsc#1155518). - mac80211: always wind down STA state (git-fixes). - mac80211: fix use of skb payload instead of header (git-fixes). - mac80211: free sta in sta_info_insert_finish() on errors (git-fixes). - mac80211: minstrel: fix tx status processing corner case (git-fixes). - mac80211: minstrel: remove deferred sampling code (git-fixes). - media: imx274: fix frame interval handling (git-fixes). - media: platform: Improve queue set up flow for bug fixing (git-fixes). - media: tw5864: check status of tw5864_frameinterval_get (git-fixes). - media: uvcvideo: Fix dereference of out-of-bound list iterator (git-fixes). - media: uvcvideo: Fix uvc_ctrl_fixup_xu_info() not having any effect (git-fixes). - mei: protect mei_cl_mtu from null dereference (git-fixes). - memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event (bsc#1177703). - mfd: sprd: Add wakeup capability for PMIC IRQ (git-fixes). - mmc: renesas_sdhi_core: Add missing tmio_mmc_host_free() at remove (git-fixes). - mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs (git-fixes). - mmc: sdhci-pci: Prefer SDR25 timing for High Speed mode for BYT-based Intel controllers (git-fixes). - mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race (MM Functionality, bsc#1178426). - mm: fix kthread_use_mm() vs TLB invalidate (MM Functionality, bsc#1178426). - mm/gup: allow FOLL_FORCE for get_user_pages_fast() (git fixes (mm/gup)). - mm/gup: fix gup_fast with dynamic page table folding (bnc#1176586, LTC#188235). - mm/ksm: fix NULL pointer dereference when KSM zero page is enabled (git fixes (mm/ksm)). - mm, memcg: fix inconsistent oom event behavior (bsc#1178659). - mm/memcg: fix refcount error while moving and swapping (bsc#1178686). - mm/memcontrol.c: add missed css_put() (bsc#1178661). - mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (git fixes (mm/mempolicy)). - mm/swapfile.c: fix potential memory leak in sys_swapon (git-fixes). - mm: swap: make page_evictable() inline (git fixes (mm/vmscan)). - mm: swap: use smp_mb__after_atomic() to order LRU bit set (git fixes (mm/vmscan)). - mm, THP, swap: fix allocating cluster for swapfile by mistake (bsc#1178755). - modsign: Add codeSigning EKU when generating X.509 key generation config (bsc#1177353, bsc#1179076). - net: add WARN_ONCE in kernel_sendpage() for improper zero-copy send (bsc#1172873). - net: ena: Capitalize all log strings and improve code readability (bsc#1177397). - net: ena: Change license into format to SPDX in all files (bsc#1177397). - net: ena: Change log message to netif/dev function (bsc#1177397). - net: ena: Change RSS related macros and variables names (bsc#1177397). - net: ena: ethtool: Add new device statistics (bsc#1177397). - net: ena: ethtool: add stats printing to XDP queues (bsc#1177397). - net: ena: ethtool: convert stat_offset to 64 bit resolution (bsc#1177397). - net: ena: Fix all static chekers' warnings (bsc#1177397). - net: ena: fix packet's addresses for rx_offset feature (bsc#1174852). - net: ena: handle bad request id in ena_netdev (bsc#1174852). - net: ena: Remove redundant print of placement policy (bsc#1177397). - net: ena: xdp: add queue counters for xdp actions (bsc#1177397). - net: fix pos incrementment in ipv6_route_seq_next (bsc#1154353). - net: introduce helper sendpage_ok() in include/linux/net.h (bsc#1172873). kABI workaround for including mm.h in include/linux/net.h (bsc#1172873). - net/mlx5: Clear bw_share upon VF disable (jsc#SLE-8464). - net/mlx5: E-Switch, Fail mlx5_esw_modify_vport_rate if qos disabled (jsc#SLE-8464). - net: mscc: ocelot: fix race condition with TX timestamping (bsc#1178461). - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (git-fixes). - nfc: s3fwrn5: use signed integer for parsing GPIO numbers (git-fixes). - NFS: only invalidate dentrys that are clearly invalid (bsc#1178669 bsc#1170139). - NFSv4: Handle NFS4ERR_OLD_STATEID in CLOSE/OPEN_DOWNGRADE (bsc#1176180). - NFSv4: Wait for stateid updates after CLOSE/OPEN_DOWNGRADE (bsc#1176180). - NFSv4.x recover from pre-mature loss of openstateid (bsc#1176180). - nvme: do not update disk info for multipathed device (bsc#1171558). - nvme-tcp: check page by sendpage_ok() before calling kernel_sendpage() (bsc#1172873). - p54: avoid accessing the data mapped to streaming DMA (git-fixes). - PCI/ACPI: Whitelist hotplug ports for D3 if power managed by ACPI (git-fixes). - pinctrl: amd: fix incorrect way to disable debounce filter (git-fixes). - pinctrl: amd: use higher precision for 512 RtcClk (git-fixes). - pinctrl: aspeed: Fix GPI only function problem (git-fixes). - pinctrl: intel: Set default bias in case no particular value given (git-fixes). - platform/x86: thinkpad_acpi: Send tablet mode switch at wakeup time (git-fixes). - platform/x86: toshiba_acpi: Fix the wrong variable assignment (git-fixes). - PM: runtime: Drop runtime PM references to supplier on link removal (git-fixes). - powerpc/64s/radix: Fix mm_cpumask trimming race vs kthread_use_mm (MM Functionality, bsc#1178426). - powerpc: Inline doorbell sending functions (jsc#SLE-15869 jsc#SLE-16321). - powerpc/perf: consolidate GPCI hcall structs into asm/hvcall.h (jsc#SLE-16360 jsc#SLE-16915). - powerpc/pmem: Add flush routines using new pmem store and sync instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Add new instructions for persistent storage and sync (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Avoid the barrier in flush routines (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Initialize pmem device on newer hardware (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Restrict papr_scm to P8 and above (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Update ppc64 to use the new barrier instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pseries: Add KVM guest doorbell restrictions (jsc#SLE-15869 jsc#SLE-16321). - powerpc/pseries: new lparcfg key/value pair: partition_affinity_score (jsc#SLE-16360 jsc#SLE-16915). - powerpc/pseries: Use doorbells even if XIVE is available (jsc#SLE-15869 jsc#SLE-16321). - powerpc: select ARCH_WANT_IRQS_OFF_ACTIVATE_MM (MM Functionality, bsc#1178426). - powerpc/vnic: Extend 'failover pending' window (bsc#1176855 ltc#187293). - power: supply: bq27xxx: report 'not charging' on all types (git-fixes). - power: supply: test_power: add missing newlines when printing parameters by sysfs (git-fixes). - qla2xxx: Add MODULE_VERSION back to driver (bsc#1179160). - RDMA/hns: Fix retry_cnt and rnr_cnt when querying QP (jsc#SLE-8449). - RDMA/hns: Fix the wrong value of rnr_retry when querying qp (jsc#SLE-8449). - RDMA/hns: Fix wrong field of SRQ number the device supports (jsc#SLE-8449). - RDMA/hns: Solve the overflow of the calc_pg_sz() (jsc#SLE-8449). - RDMA/mlx5: Fix devlink deadlock on net namespace deletion (jsc#SLE-8464). - RDMA/qedr: Fix return code if accept is called on a destroyed qp (jsc#SLE-8215). - RDMA/ucma: Add missing locking around rdma_leave_multicast() (git-fixes). - reboot: fix overflow parsing reboot cpu number (git-fixes). - Refresh patches.suse/vfs-add-super_operations-get_inode_dev. (bsc#1176983) - regulator: avoid resolve_supply() infinite recursion (git-fixes). - regulator: defer probe when trying to get voltage from unresolved supply (git-fixes). - regulator: fix memory leak with repeated set_machine_constraints() (git-fixes). - regulator: pfuze100: limit pfuze-support-disable-sw to pfuze{100,200} (git-fixes). - regulator: ti-abb: Fix array out of bound read access on the first transition (git-fixes). - regulator: workaround self-referent regulators (git-fixes). - Restore the header of series.conf The header of series.conf was accidentally changed by abb50be8e6bc '(kABI: revert use_mm name change (MM Functionality, bsc#1178426))'. - Revert 'cdc-acm: hardening against malicious devices' (git-fixes). - Revert 'kernel/reboot.c: convert simple_strtoul to kstrtoint' (git-fixes). - Revert 'xfs: complain if anyone tries to create a too-large buffer' (bsc#1179425, bsc#1179550). - rfkill: Fix use-after-free in rfkill_resume() (git-fixes). - ring-buffer: Fix recursion protection transitions between interrupt context (git-fixes). - rpm/kernel-binary.spec.in: avoid using barewords (bsc#1179014) Author: Dominique Leuenberger - - rpm/kernel-binary.spec.in: avoid using more barewords (bsc#1179014) %split_extra still contained two. - rpm/kernel-binary.spec.in: use grep -E instead of egrep (bsc#1179045) egrep is only a deprecated bash wrapper for 'grep -E'. So use the latter instead. - rpm/kernel-obs-build.spec.in: Add -q option to modprobe calls (bsc#1178401) - rpm/kernel-{source,binary}.spec: do not include ghost symlinks (boo#1179082). - rpm/mkspec: do not build kernel-obs-build on x86_32 We want to use 64bit kernel due to various bugs (bsc#1178762 to name one). There is: ExportFilter: ^kernel-obs-build.*\.x86_64.rpm$ . i586 in Factory's prjconf now. No other actively maintained distro (i.e. merging packaging branch) builds a x86_32 kernel, hence pushing to packaging directly. - s390/bpf: Fix multiple tail calls (git-fixes). - s390/cpum_cf,perf: change DFLT_CCERROR counter name (bsc#1175918 LTC#187935). - s390/cpum_sf.c: fix file permission for cpum_sfb_size (git-fixes). - s390/dasd: fix null pointer dereference for ERP requests (git-fixes). - s390/pkey: fix paes selftest failure with paes and pkey static build (git-fixes). - s390/zcrypt: fix kmalloc 256k failure (bsc#1177066 LTC#188341). - s390/zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl (bsc#1177070 LTC#188342). - sched/fair: Ensure tasks spreading in LLC during LB (git fixes (sched)). - sched/fair: Fix unthrottle_cfs_rq() for leaf_cfs_rq list (git fixes (sched)). - sched: Fix loadavg accounting race on arm64 kabi (bnc#1178227). - sched: Fix rq->nr_iowait ordering (git fixes (sched)). - scripts/lib/SUSE/MyBS.pm: properly close prjconf Macros: section - scsi: libiscsi: Fix NOP race condition (bsc#1176481). - scsi: libiscsi: use sendpage_ok() in iscsi_tcp_segment_map() (bsc#1172873). - serial: 8250_mtk: Fix uart_get_baud_rate warning (git-fixes). - serial: txx9: add missing platform_driver_unregister() on error in serial_txx9_init (git-fixes). - spi: lpspi: Fix use-after-free on unbind (git-fixes). - staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice (git-fixes). - staging: octeon: Drop on uncorrectable alignment or FCS error (git-fixes). - staging: octeon: repair 'fixed-link' support (git-fixes). - staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids (git-fixes). - SUNRPC: fix copying of multiple pages in gss_read_proxy_verf() (bsc#1154353). - SUNRPC: Fix general protection fault in trace_rpc_xdr_overflow() (git-fixes). - svcrdma: fix bounce buffers for unaligned offsets and multiple pages (git-fixes). - tcp: use sendpage_ok() to detect misused .sendpage (bsc#1172873). - thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() (git-fixes). - thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services() (git-fixes). - timer: Fix wheel index calculation on last level (git-fixes). - timer: Prevent base->clk from moving backward (git-fixes). - tpm: efi: Do not create binary_bios_measurements file for an empty log (git-fixes). - tpm_tis: Disable interrupts on ThinkPad T490s (git-fixes). - tracing: Fix out of bounds write in get_trace_buf (git-fixes). - tty: serial: fsl_lpuart: add LS1028A support (git-fixes). - tty: serial: fsl_lpuart: LS1021A had a FIFO size of 16 words, like LS1028A (git-fixes). - tty: serial: imx: fix potential deadlock (git-fixes). - tty: serial: imx: keep console clocks always on (git-fixes). - uio: Fix use-after-free in uio_unregister_device() (git-fixes). - uio: free uio id after uio file node is freed (git-fixes). - USB: Add NO_LPM quirk for Kingston flash drive (git-fixes). - USB: adutux: fix debugging (git-fixes). - USB: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (git-fixes). - USB: cdc-acm: fix cooldown mechanism (git-fixes). - USB: core: Change %pK for __user pointers to %px (git-fixes). - USB: core: driver: fix stray tabs in error messages (git-fixes). - USB: core: Fix regression in Hercules audio card (git-fixes). - USB: gadget: Fix memleak in gadgetfs_fill_super (git-fixes). - USB: gadget: f_midi: Fix memleak in f_midi_alloc (git-fixes). - USB: gadget: goku_udc: fix potential crashes in probe (git-fixes). - USB: host: fsl-mph-dr-of: check return of dma_set_mask() (git-fixes). - USB: mtu3: fix panic in mtu3_gadget_stop() (git-fixes). - USB: serial: cyberjack: fix write-URB completion race (git-fixes). - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 (git-fixes). - USB: serial: option: add Quectel EC200T module support (git-fixes). - USB: serial: option: add Telit FN980 composition 0x1055 (git-fixes). - USB: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart (git-fixes). - USB: typec: tcpm: reset hard_reset_count for any disconnect (git-fixes). - USB: xhci: omit duplicate actions when suspending a runtime suspended host (git-fixes). - video: hyperv_fb: Fix the cache type when mapping the VRAM (git-fixes). - video: hyperv_fb: include vmalloc.h (git-fixes). - video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (bsc#1175306). - video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (bsc#1175306). - video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs (bsc#1175306). - virtio: virtio_console: fix DMA memory allocation for rproc serial (git-fixes). - vt: Disable KD_FONT_OP_COPY (bsc#1178589). - x86/hyperv: Clarify comment on x2apic mode (git-fixes). - x86/i8259: Use printk_deferred() to prevent deadlock (git-fixes). - x86/kexec: Use up-to-dated screen_info copy to fill boot params (bsc#1175306). - x86/microcode/intel: Check patch signature before saving microcode for early loading (bsc#1152489). - x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP (bsc#1152489). - xfs: complain if anyone tries to create a too-large buffer log item (bsc#1166146). - xfs: do not update mtime on COW faults (bsc#1167030). - xfs: fix a missing unlock on error in xfs_fs_map_blocks (git-fixes). - xfs: fix brainos in the refcount scrubber's rmap fragment processor (git-fixes). - xfs: fix flags argument to rmap lookup when converting shared file rmaps (git-fixes). - xfs: fix rmap key and record comparison functions (git-fixes). - xfs: fix scrub flagging rtinherit even if there is no rt device (git-fixes). - xfs: flush new eof page on truncate to avoid post-eof corruption (git-fixes). - xfs: introduce XFS_MAX_FILEOFF (bsc#1166166). - xfs: prohibit fs freezing when using empty transactions (bsc#1179442). - xfs: remove unused variable 'done' (bsc#1166166). - xfs: revert 'xfs: fix rmap key and record comparison functions' (git-fixes). - xfs: set the unwritten bit in rmap lookup flags in xchk_bmap_get_rmapextents (git-fixes). - xfs: set xefi_discard when creating a deferred agfl free log intent item (git-fixes). - xfs: truncate should remove all blocks, not just to the end of the page cache (bsc#1166166). - xhci: Fix sizeof() mismatch (git-fixes). - xhci: hisilicon: fix refercence leak in xhci_histb_probe (git-fixes). kernel-default-base fixes the following issues: - Add wireguard kernel module (bsc#1179225) - Create the list of crypto kernel modules dynamically, supersedes hardcoded list of crc32 implementations (bsc#1177577) Family: unix Class: patch Status: Reference(s): 1149032 1152489 1153274 1154353 1155518 1160634 1166146 1166166 1167030 1167773 1170139 1171073 1171558 1172873 1173504 1174852 1175306 1175918 1176109 1176180 1176200 1176481 1176586 1176855 1176983 1177066 1177070 1177353 1177397 1177577 1177666 1177703 1177820 1178123 1178182 1178227 1178286 1178304 1178330 1178393 1178401 1178426 1178461 1178579 1178581 1178584 1178585 1178589 1178635 1178653 1178659 1178661 1178669 1178686 1178740 1178755 1178762 1178838 1178853 1178886 1179001 1179012 1179014 1179015 1179045 1179076 1179082 1179107 1179140 1179141 1179160 1179201 1179211 1179217 1179225 1179419 1179424 1179425 1179426 1179427 1179429 1179432 1179442 1179550 CVE-2008-3825 CVE-2009-0023 CVE-2009-0793 CVE-2009-1384 CVE-2009-1494 CVE-2009-1720 CVE-2009-1721 CVE-2009-2412 CVE-2009-3560 CVE-2009-3720 CVE-2010-1623 CVE-2011-4971 CVE-2012-0247 CVE-2012-0248 CVE-2012-0786 CVE-2012-1185 CVE-2012-1186 CVE-2012-2669 CVE-2012-2673 CVE-2012-5532 CVE-2013-0179 CVE-2013-1983 CVE-2013-4276 CVE-2013-7239 CVE-2013-7290 CVE-2013-7291 CVE-2014-10070 CVE-2014-10071 CVE-2014-10072 CVE-2014-8119 CVE-2014-8354 CVE-2014-8355 CVE-2014-8562 CVE-2014-8716 CVE-2014-9805 CVE-2014-9806 CVE-2014-9807 CVE-2014-9808 CVE-2014-9809 CVE-2014-9810 CVE-2014-9811 CVE-2014-9812 CVE-2014-9813 CVE-2014-9814 CVE-2014-9815 CVE-2014-9816 CVE-2014-9817 CVE-2014-9818 CVE-2014-9819 CVE-2014-9820 CVE-2014-9821 CVE-2014-9822 CVE-2014-9823 CVE-2014-9824 CVE-2014-9825 CVE-2014-9826 CVE-2014-9828 CVE-2014-9829 CVE-2014-9830 CVE-2014-9831 CVE-2014-9832 CVE-2014-9833 CVE-2014-9834 CVE-2014-9835 CVE-2014-9836 CVE-2014-9837 CVE-2014-9838 CVE-2014-9839 CVE-2014-9840 CVE-2014-9841 CVE-2014-9842 CVE-2014-9843 CVE-2014-9844 CVE-2014-9845 CVE-2014-9846 CVE-2014-9847 CVE-2014-9848 CVE-2014-9849 CVE-2014-9850 CVE-2014-9851 CVE-2014-9852 CVE-2014-9853 CVE-2014-9854 CVE-2014-9907 CVE-2015-8894 CVE-2015-8895 CVE-2015-8896 CVE-2015-8897 CVE-2015-8898 CVE-2015-8900 CVE-2015-8901 CVE-2015-8902 CVE-2015-8903 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-10046 CVE-2016-10048 CVE-2016-10049 CVE-2016-10050 CVE-2016-10051 CVE-2016-10052 CVE-2016-10059 CVE-2016-10060 CVE-2016-10061 CVE-2016-10062 CVE-2016-10063 CVE-2016-10064 CVE-2016-10065 CVE-2016-10068 CVE-2016-10069 CVE-2016-10070 CVE-2016-10071 CVE-2016-10144 CVE-2016-10145 CVE-2016-10146 CVE-2016-10714 CVE-2016-3714 CVE-2016-3715 CVE-2016-3716 CVE-2016-3717 CVE-2016-3718 CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5118 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 CVE-2016-6491 CVE-2016-6520 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 CVE-2016-7522 CVE-2016-7523 CVE-2016-7524 CVE-2016-7525 CVE-2016-7526 CVE-2016-7527 CVE-2016-7528 CVE-2016-7529 CVE-2016-7530 CVE-2016-7531 CVE-2016-7532 CVE-2016-7533 CVE-2016-7534 CVE-2016-7535 CVE-2016-7537 CVE-2016-7538 CVE-2016-7539 CVE-2016-7540 CVE-2016-7799 CVE-2016-7800 CVE-2016-7837 CVE-2016-7944 CVE-2016-7996 CVE-2016-7997 CVE-2016-8677 CVE-2016-8682 CVE-2016-8683 CVE-2016-8684 CVE-2016-8704 CVE-2016-8705 CVE-2016-8706 CVE-2016-8707 CVE-2016-8862 CVE-2016-8866 CVE-2016-9427 CVE-2016-9556 CVE-2016-9559 CVE-2016-9773 CVE-2016-9797 CVE-2016-9798 CVE-2016-9800 CVE-2016-9801 CVE-2016-9802 CVE-2016-9804 CVE-2016-9917 CVE-2016-9918 CVE-2017-1000250 CVE-2017-1000445 CVE-2017-1000476 CVE-2017-10800 CVE-2017-10928 CVE-2017-10995 CVE-2017-11141 CVE-2017-11166 CVE-2017-11170 CVE-2017-11188 CVE-2017-11403 CVE-2017-11446 CVE-2017-11448 CVE-2017-11449 CVE-2017-11450 CVE-2017-11478 CVE-2017-11505 CVE-2017-11523 CVE-2017-11524 CVE-2017-11525 CVE-2017-11526 CVE-2017-11527 CVE-2017-11528 CVE-2017-11529 CVE-2017-11530 CVE-2017-11531 CVE-2017-11532 CVE-2017-11533 CVE-2017-11534 CVE-2017-11535 CVE-2017-11537 CVE-2017-11539 CVE-2017-11638 CVE-2017-11639 CVE-2017-11640 CVE-2017-11642 CVE-2017-11644 CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-12140 CVE-2017-12418 CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12431 CVE-2017-12432 CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 CVE-2017-12563 CVE-2017-12564 CVE-2017-12565 CVE-2017-12566 CVE-2017-12587 CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12667 CVE-2017-12668 CVE-2017-12669 CVE-2017-12670 CVE-2017-12671 CVE-2017-12672 CVE-2017-12673 CVE-2017-12674 CVE-2017-12675 CVE-2017-12676 CVE-2017-12691 CVE-2017-12692 CVE-2017-12693 CVE-2017-12935 CVE-2017-12983 CVE-2017-13058 CVE-2017-13059 CVE-2017-13060 CVE-2017-13061 CVE-2017-13062 CVE-2017-13080 CVE-2017-13081 CVE-2017-13131 CVE-2017-13133 CVE-2017-13134 CVE-2017-13139 CVE-2017-13141 CVE-2017-13142 CVE-2017-13146 CVE-2017-13147 CVE-2017-13194 CVE-2017-13648 CVE-2017-13658 CVE-2017-13758 CVE-2017-13768 CVE-2017-13769 CVE-2017-14042 CVE-2017-14060 CVE-2017-14103 CVE-2017-14138 CVE-2017-14139 CVE-2017-14172 CVE-2017-14173 CVE-2017-14174 CVE-2017-14175 CVE-2017-14224 CVE-2017-14249 CVE-2017-14314 CVE-2017-14325 CVE-2017-14326 CVE-2017-14341 CVE-2017-14342 CVE-2017-14343 CVE-2017-14505 CVE-2017-14531 CVE-2017-14533 CVE-2017-14607 CVE-2017-14649 CVE-2017-14682 CVE-2017-14733 CVE-2017-14739 CVE-2017-14989 CVE-2017-14997 CVE-2017-15016 CVE-2017-15017 CVE-2017-15033 CVE-2017-15108 CVE-2017-15217 CVE-2017-15218 CVE-2017-15277 CVE-2017-15281 CVE-2017-15930 CVE-2017-16352 CVE-2017-16353 CVE-2017-16545 CVE-2017-16546 CVE-2017-16669 CVE-2017-17504 CVE-2017-17680 CVE-2017-17681 CVE-2017-17682 CVE-2017-17879 CVE-2017-17881 CVE-2017-17882 CVE-2017-17884 CVE-2017-17885 CVE-2017-17887 CVE-2017-17914 CVE-2017-17934 CVE-2017-18008 CVE-2017-18022 CVE-2017-18027 CVE-2017-18028 CVE-2017-18029 CVE-2017-18205 CVE-2017-18209 CVE-2017-18211 CVE-2017-18250 CVE-2017-18251 CVE-2017-18252 CVE-2017-18254 CVE-2017-18271 CVE-2017-5506 CVE-2017-5507 CVE-2017-5508 CVE-2017-5510 CVE-2017-5511 CVE-2017-5715 CVE-2017-6502 CVE-2017-7555 CVE-2017-7606 CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8343 CVE-2017-8344 CVE-2017-8345 CVE-2017-8346 CVE-2017-8347 CVE-2017-8348 CVE-2017-8349 CVE-2017-8350 CVE-2017-8351 CVE-2017-8352 CVE-2017-8353 CVE-2017-8354 CVE-2017-8355 CVE-2017-8356 CVE-2017-8357 CVE-2017-8765 CVE-2017-8830 CVE-2017-9098 CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 CVE-2017-9261 CVE-2017-9262 CVE-2017-9405 CVE-2017-9407 CVE-2017-9409 CVE-2017-9439 CVE-2017-9440 CVE-2017-9500 CVE-2017-9501 CVE-2017-9951 CVE-2018-1000115 CVE-2018-10177 CVE-2018-1071 CVE-2018-10804 CVE-2018-10805 CVE-2018-1083 CVE-2018-11251 CVE-2018-11655 CVE-2018-11656 CVE-2018-12599 CVE-2018-12600 CVE-2018-14434 CVE-2018-14435 CVE-2018-14436 CVE-2018-14437 CVE-2018-16323 CVE-2018-16329 CVE-2018-16413 CVE-2018-16640 CVE-2018-16642 CVE-2018-16643 CVE-2018-16644 CVE-2018-16645 CVE-2018-16749 CVE-2018-16750 CVE-2018-17965 CVE-2018-17966 CVE-2018-18016 CVE-2018-18024 CVE-2018-5246 CVE-2018-5247 CVE-2018-5357 CVE-2018-5685 CVE-2018-6405 CVE-2018-7443 CVE-2018-7470 CVE-2018-7549 CVE-2018-8804 CVE-2018-8960 CVE-2018-9018 CVE-2018-9133 CVE-2018-9135 CVE-2020-15436 CVE-2020-15437 CVE-2020-25668 CVE-2020-25669 CVE-2020-25704 CVE-2020-27777 CVE-2020-28915 CVE-2020-28941 CVE-2020-28974 CVE-2020-29369 CVE-2020-29371 CVE-2020-4788 Platform(s): openSUSE 13.1 openSUSE 13.1 NonFree openSUSE 13.2 openSUSE 13.2 NonFree SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise for SAP 11 SP2 SUSE Linux Enterprise High Availability 15 SP2 SUSE Linux Enterprise High Availability Extension 11 SP3 SUSE Linux Enterprise High Availability Extension 11 SP4 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Live Patching 12 SP4 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Point of Sale 11 SP3 SUSE Linux Enterprise Point of Sale 12 SP2 SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT SUSE Linux Enterprise Real Time Extension 11 SP1 SUSE Linux Enterprise Real Time Extension 12 SP3 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Storage 7 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1 Product(s): Definition Synopsis SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND Package Information conntrack-tools-1.4.2-5.2 is installed OR libnetfilter_cthelper-1.0.0-7.1 is installed OR libnetfilter_cthelper0-1.0.0-7.1 is installed OR libnetfilter_cttimeout-1.0.0-9.1 is installed OR libnetfilter_cttimeout1-1.0.0-9.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND inst-source-utils-2012.9.13-0.8.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND python-setuptools-0.6c11-6.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information flash-player-11.2.202.540-108.1 is installed OR flash-player-gnome-11.2.202.540-108.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information eog-3.10.2-2.3 is installed OR eog-lang-3.10.2-2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information gvim-7.4.326-7 is installed OR vim-7.4.326-7 is installed OR vim-data-7.4.326-7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information evince-3.20.1-6.16 is installed OR evince-browser-plugin-3.20.1-6.16 is installed OR evince-lang-3.20.1-6.16 is installed OR evince-plugin-djvudocument-3.20.1-6.16 is installed OR evince-plugin-dvidocument-3.20.1-6.16 is installed OR evince-plugin-pdfdocument-3.20.1-6.16 is installed OR evince-plugin-psdocument-3.20.1-6.16 is installed OR evince-plugin-tiffdocument-3.20.1-6.16 is installed OR evince-plugin-xpsdocument-3.20.1-6.16 is installed OR libevdocument3-4-3.20.1-6.16 is installed OR libevview3-3-3.20.1-6.16 is installed OR nautilus-evince-3.20.1-6.16 is installed OR typelib-1_0-EvinceDocument-3_0-3.20.1-6.16 is installed OR typelib-1_0-EvinceView-3_0-3.20.1-6.16 is installed Definition Synopsis SUSE Linux Enterprise for SAP 11 SP2 is installed AND Package Information java-1_4_2-ibm-sap-1.4.2_sr13.13-0.3.1 is installed OR java-1_4_2-ibm-sap-devel-1.4.2_sr13.13-0.3.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 15 SP2 is installed AND Package Information cluster-md-kmp-default-5.3.18-24.43.2 is installed OR dlm-kmp-default-5.3.18-24.43.2 is installed OR gfs2-kmp-default-5.3.18-24.43.2 is installed OR ocfs2-kmp-default-5.3.18-24.43.2 is installed Definition Synopsis SUSE Linux Enterprise High Availability Extension 11 SP3 is installed AND rubygem-bundler-1.7.0-0.7.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability Extension 11 SP4 is installed AND Package Information libpacemaker-devel-1.1.12-18.1 is installed OR libpacemaker3-1.1.12-18.1 is installed OR pacemaker-1.1.12-18.1 is installed OR pacemaker-cli-1.1.12-18.1 is installed OR pacemaker-remote-1.1.12-18.1 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_103-6_38-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_7-6-2 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 SP4 is installed AND Package Information kgraft-patch-4_12_14-95_3-default-3-2 is installed OR kgraft-patch-SLE12-SP4_Update_1-3-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information salt-2016.11.4-45 is installed OR salt-api-2016.11.4-45 is installed OR salt-bash-completion-2016.11.4-45 is installed OR salt-cloud-2016.11.4-45 is installed OR salt-doc-2016.11.4-45 is installed OR salt-master-2016.11.4-45 is installed OR salt-minion-2016.11.4-45 is installed OR salt-proxy-2016.11.4-45 is installed OR salt-ssh-2016.11.4-45 is installed OR salt-syndic-2016.11.4-45 is installed OR salt-zsh-completion-2016.11.4-45 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 12 is installed AND Package Information ruby2.1-rubygem-rack-1_4-1.4.5-8 is installed OR rubygem-rack-1_4-1.4.5-8 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information java-1_6_0-ibm-1.6.0_sr16.2-8 is installed OR java-1_6_0-ibm-fonts-1.6.0_sr16.2-8 is installed OR java-1_6_0-ibm-jdbc-1.6.0_sr16.2-8 is installed OR java-1_6_0-ibm-plugin-1.6.0_sr16.2-8 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.32-33 is installed OR kernel-ec2-devel-3.12.32-33 is installed OR kernel-ec2-extra-3.12.32-33 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-15 is installed OR php5-5.5.14-15 is installed OR php5-bcmath-5.5.14-15 is installed OR php5-bz2-5.5.14-15 is installed OR php5-calendar-5.5.14-15 is installed OR php5-ctype-5.5.14-15 is installed OR php5-curl-5.5.14-15 is installed OR php5-dba-5.5.14-15 is installed OR php5-dom-5.5.14-15 is installed OR php5-enchant-5.5.14-15 is installed OR php5-exif-5.5.14-15 is installed OR php5-fastcgi-5.5.14-15 is installed OR php5-fileinfo-5.5.14-15 is installed OR php5-fpm-5.5.14-15 is installed OR php5-ftp-5.5.14-15 is installed OR php5-gd-5.5.14-15 is installed OR php5-gettext-5.5.14-15 is installed OR php5-gmp-5.5.14-15 is installed OR php5-iconv-5.5.14-15 is installed OR php5-intl-5.5.14-15 is installed OR php5-json-5.5.14-15 is installed OR php5-ldap-5.5.14-15 is installed OR php5-mbstring-5.5.14-15 is installed OR php5-mcrypt-5.5.14-15 is installed OR php5-mysql-5.5.14-15 is installed OR php5-odbc-5.5.14-15 is installed OR php5-openssl-5.5.14-15 is installed OR php5-pcntl-5.5.14-15 is installed OR php5-pdo-5.5.14-15 is installed OR php5-pear-5.5.14-15 is installed OR php5-pgsql-5.5.14-15 is installed OR php5-pspell-5.5.14-15 is installed OR php5-shmop-5.5.14-15 is installed OR php5-snmp-5.5.14-15 is installed OR php5-soap-5.5.14-15 is installed OR php5-sockets-5.5.14-15 is installed OR php5-sqlite-5.5.14-15 is installed OR php5-suhosin-5.5.14-15 is installed OR php5-sysvmsg-5.5.14-15 is installed OR php5-sysvsem-5.5.14-15 is installed OR php5-sysvshm-5.5.14-15 is installed OR php5-tokenizer-5.5.14-15 is installed OR php5-wddx-5.5.14-15 is installed OR php5-xmlreader-5.5.14-15 is installed OR php5-xmlrpc-5.5.14-15 is installed OR php5-xmlwriter-5.5.14-15 is installed OR php5-xsl-5.5.14-15 is installed OR php5-zip-5.5.14-15 is installed OR php5-zlib-5.5.14-15 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 11 SP3 is installed AND Package Information MozillaFirefox-45.2.0esr-45.2 is installed OR MozillaFirefox-branding-SLED-45.0-23.10 is installed OR MozillaFirefox-translations-45.2.0esr-45.2 is installed OR firefox-fontconfig-2.11.0-2.1 is installed OR libfreebl3-3.21.1-35.1 is installed OR libsoftokn3-3.21.1-35.1 is installed OR mozilla-nspr-4.12-29.1 is installed OR mozilla-nss-3.21.1-35.1 is installed OR mozilla-nss-tools-3.21.1-35.1 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 12 SP2 is installed AND Package Information salt-2016.11.4-46.7 is installed OR salt-minion-2016.11.4-46.7 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed AND Package Information kernel-firmware-20170530-21.22 is installed OR ucode-amd-20170530-21.22 is installed Definition Synopsis SUSE Linux Enterprise Real Time Extension 11 SP1 is installed AND iscsitarget-kmp-rt-1.4.19_2.6.33.5_rt23_0.4-0.7.6 is installed Definition Synopsis SUSE Linux Enterprise Real Time Extension 12 SP3 is installed AND Package Information cluster-md-kmp-rt-4.4.162-3.26 is installed OR dlm-kmp-rt-4.4.162-3.26 is installed OR gfs2-kmp-rt-4.4.162-3.26 is installed OR kernel-devel-rt-4.4.162-3.26 is installed OR kernel-rt-4.4.162-3.26 is installed OR kernel-rt-base-4.4.162-3.26 is installed OR kernel-rt-devel-4.4.162-3.26 is installed OR kernel-rt_debug-4.4.162-3.26 is installed OR kernel-rt_debug-devel-4.4.162-3.26 is installed OR kernel-source-rt-4.4.162-3.26 is installed OR kernel-syms-rt-4.4.162-3.26 is installed OR ocfs2-kmp-rt-4.4.162-3.26 is installed Definition Synopsis SUSE Linux Enterprise Server 11 is installed AND Package Information libMagickCore1-6.4.3.6-7.19.1 is installed OR libMagickCore1-32bit-6.4.3.6-7.19.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP1 is installed AND Package Information boost-license-1.36.0-11.17 is installed OR libboost_program_options1_36_0-1.36.0-11.17 is installed OR libboost_regex1_36_0-1.36.0-11.17 is installed OR libboost_signals1_36_0-1.36.0-11.17 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND ldapsmb-1.34b-12.24.4 is installed OR libldb1-3.6.3-0.24.4 is installed OR libsmbclient0-3.6.3-0.24.4 is installed OR libsmbclient0-32bit-3.6.3-0.24.4 is installed OR libsmbclient0-x86-3.6.3-0.24.4 is installed OR libtalloc2-3.6.3-0.24.4 is installed OR libtalloc2-32bit-3.6.3-0.24.4 is installed OR libtalloc2-x86-3.6.3-0.24.4 is installed OR libtdb1-3.6.3-0.24.4 is installed OR libtdb1-32bit-3.6.3-0.24.4 is installed OR libtdb1-x86-3.6.3-0.24.4 is installed OR libtevent0-3.6.3-0.24.4 is installed OR libwbclient0-3.6.3-0.24.4 is installed OR libwbclient0-32bit-3.6.3-0.24.4 is installed OR libwbclient0-x86-3.6.3-0.24.4 is installed OR samba-3.6.3-0.24.4 is installed OR samba-32bit-3.6.3-0.24.4 is installed OR samba-client-3.6.3-0.24.4 is installed OR samba-client-32bit-3.6.3-0.24.4 is installed OR samba-client-x86-3.6.3-0.24.4 is installed OR samba-doc-3.6.3-0.24.4 is installed OR samba-krb-printing-3.6.3-0.24.4 is installed OR samba-winbind-3.6.3-0.24.4 is installed OR samba-winbind-32bit-3.6.3-0.24.4 is installed OR samba-winbind-x86-3.6.3-0.24.4 is installed OR samba-x86-3.6.3-0.24.4 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND ldapsmb-1.34b-12.24.4 is installed OR libldb1-3.6.3-0.24.4 is installed OR libsmbclient0-3.6.3-0.24.4 is installed OR libsmbclient0-32bit-3.6.3-0.24.4 is installed OR libsmbclient0-x86-3.6.3-0.24.4 is installed OR libtalloc2-3.6.3-0.24.4 is installed OR libtalloc2-32bit-3.6.3-0.24.4 is installed OR libtalloc2-x86-3.6.3-0.24.4 is installed OR libtdb1-3.6.3-0.24.4 is installed OR libtdb1-32bit-3.6.3-0.24.4 is installed OR libtdb1-x86-3.6.3-0.24.4 is installed OR libtevent0-3.6.3-0.24.4 is installed OR libwbclient0-3.6.3-0.24.4 is installed OR libwbclient0-32bit-3.6.3-0.24.4 is installed OR libwbclient0-x86-3.6.3-0.24.4 is installed OR samba-3.6.3-0.24.4 is installed OR samba-32bit-3.6.3-0.24.4 is installed OR samba-client-3.6.3-0.24.4 is installed OR samba-client-32bit-3.6.3-0.24.4 is installed OR samba-client-x86-3.6.3-0.24.4 is installed OR samba-doc-3.6.3-0.24.4 is installed OR samba-krb-printing-3.6.3-0.24.4 is installed OR samba-winbind-3.6.3-0.24.4 is installed OR samba-winbind-32bit-3.6.3-0.24.4 is installed OR samba-winbind-x86-3.6.3-0.24.4 is installed OR samba-x86-3.6.3-0.24.4 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information bind-9.6ESVR5P1-0.8.1 is installed OR bind-chrootenv-9.6ESVR5P1-0.8.1 is installed OR bind-doc-9.6ESVR5P1-0.8.1 is installed OR bind-libs-9.6ESVR5P1-0.8.1 is installed OR bind-libs-32bit-9.6ESVR5P1-0.8.1 is installed OR bind-libs-x86-9.6ESVR5P1-0.8.1 is installed OR bind-utils-9.6ESVR5P1-0.8.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2-LTSS is installed AND Package Information java-1_7_0-ibm-1.7.0_sr9.40-52.1 is installed OR java-1_7_0-ibm-alsa-1.7.0_sr9.40-52.1 is installed OR java-1_7_0-ibm-devel-1.7.0_sr9.40-52.1 is installed OR java-1_7_0-ibm-jdbc-1.7.0_sr9.40-52.1 is installed OR java-1_7_0-ibm-plugin-1.7.0_sr9.40-52.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND apache2-mod_security2-2.7.1-0.2.18.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND apache2-mod_security2-2.7.1-0.2.18.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information PolicyKit-0.9-14.41.1 is installed OR PolicyKit-32bit-0.9-14.41.1 is installed OR PolicyKit-doc-0.9-14.39.2 is installed OR PolicyKit-x86-0.9-14.41.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3-LTSS is installed AND Package Information MozillaFirefox-45.3.0esr-50.1 is installed OR MozillaFirefox-translations-45.3.0esr-50.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP4 is installed AND NetworkManager-gnome-0.7.1-5.22.28 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 is installed AND MozillaFirefox-38.6.1esr-60 is installed OR MozillaFirefox-translations-38.6.1esr-60 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 is installed AND MozillaFirefox-38.6.1esr-60 is installed OR MozillaFirefox-translations-38.6.1esr-60 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information MozillaFirefox-31.7.0esr-34 is installed OR MozillaFirefox-translations-31.7.0esr-34 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information java-1_7_0-openjdk-1.7.0.95-24 is installed OR java-1_7_0-openjdk-demo-1.7.0.95-24 is installed OR java-1_7_0-openjdk-devel-1.7.0.95-24 is installed OR java-1_7_0-openjdk-headless-1.7.0.95-24 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information openvpn-2.3.8-16.17.1 is installed OR openvpn-auth-pam-plugin-2.3.8-16.17.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libIlmImf-Imf_2_1-21-2.1.0-4 is installed OR openexr-2.1.0-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libquicktime-1.2.4-14.3.1 is installed OR libquicktime0-1.2.4-14.3.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND hyper-v-7-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP5 is installed AND Package Information augeas-1.10.1-2 is installed OR augeas-lenses-1.10.1-2 is installed OR libaugeas0-1.10.1-2 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12-LTSS is installed AND kgraft-patch-3_12_55-52_45-default-4-2 is installed OR kgraft-patch-3_12_55-52_45-xen-4-2 is installed OR kgraft-patch-SLE12_Update_13-4-2 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12-LTSS is installed AND kgraft-patch-3_12_55-52_45-default-4-2 is installed OR kgraft-patch-3_12_55-52_45-xen-4-2 is installed OR kgraft-patch-SLE12_Update_13-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND Package Information libgnutls-devel-2.4.1-24.39.47.1 is installed OR libgnutls-extra-devel-2.4.1-24.39.47.1 is installed OR libgnutls-extra26-2.4.1-24.39.47.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND PolicyKit-devel-0.9-14.43.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND cups-devel-1.7.5-2 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND libXxf86vm-devel-1.1.3-3 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND apache2-devel-2.4.23-14 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information ImageMagick-6.8.8.1-70 is installed OR ImageMagick-devel-6.8.8.1-70 is installed OR libMagick++-6_Q16-3-6.8.8.1-70 is installed OR libMagick++-devel-6.8.8.1-70 is installed OR perl-PerlMagick-6.8.8.1-70 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND Package Information ImageMagick-6.8.8.1-71.85 is installed OR ImageMagick-devel-6.8.8.1-71.85 is installed OR libMagick++-6_Q16-3-6.8.8.1-71.85 is installed OR libMagick++-devel-6.8.8.1-71.85 is installed OR perl-PerlMagick-6.8.8.1-71.85 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 is installed AND icu-52.1-7.1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information gtk2-2.24.24-3.1 is installed OR typelib-1_0-Gtk-2_0-2.24.24-3.1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information freerdp-2.0.0~git.1463131968.4e66df7-12.3.2 is installed OR libfreerdp2-2.0.0~git.1463131968.4e66df7-12.3.2 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND Package Information freerdp-2.0.0~git.1463131968.4e66df7-12.3.2 is installed OR libfreerdp2-2.0.0~git.1463131968.4e66df7-12.3.2 is installed
BACK