Mailinglist Archive: opensuse-updates (99 mails)

< Previous Next >
openSUSE-SU-2013:0261-1: moderate: kernel: update to 3.4.28
openSUSE Security Update: kernel: update to 3.4.28
______________________________________________________________________________

Announcement ID: openSUSE-SU-2013:0261-1
Rating: moderate
References: #569991 #770763 #771392 #773831 #774859 #776925
#778630 #780624 #781327 #783615 #783965 #784192
#792500 #793671 #799209
Cross-References: CVE-2012-3520
Affected Products:
openSUSE 12.2
______________________________________________________________________________

An update that solves one vulnerability and has 14 fixes is
now available.

Description:


The Linux kernel was updated to 3.4.28 fixing various bugs
and security issues.

Following bugs were fixed:
- sysctl: Fixed vm.dirty_ratio sysctl name for desktop
flavors

- bridge: Pull ip header into skb->data before looking into
ip header (bnc#799209).
- x86: Hyper-V: register clocksource only if its advertised
(bnc#792500).

-
patches.fixes/thp-memcg-split-hugepage-for-memcg-oom-on-cow.
patch: thp, memcg: split hugepage for memcg oom on cow
(bnc#793671).

- x86-64: fix hypercall page unwind info.
- frontends: handle backend CLOSED without CLOSING.
- xenbus: fix overflow check in xenbus_dev_write().
- x86: don't corrupt %eip when returning from a signal
handler.
- Update Xen patches to 3.4.19.

- rpm/kernel-binary.spec.in: Do not remove fillup from the
buildsystem (bnc#781327)

- rpm/config.sh: Set ARM project for IBS

- Refresh patches.xen/xen-x86-EFI (fix build after update
to 3.4.17).

- ARM: Update config files: omap2plus: Set omapdrm as =y to
allow for console=tty

- rpm/config.sh: Add openSUSE:12.2:ARM:Update OBS project

- ARM: Update config files: Disable HVC_DCC, refresh config
files

- fix mmc on vexpress (kernel-default on armv7hl) for 3.4.

- rpm/kernel-binary.spec.in: Require coreutils in
kernel-*-devel (bnc#783615)

- ARM: Update config files: Fix default config

- ARM: Update config files: Fix default config to work with
vexpress

- Btrfs: fix enospc problems when deleting a subvol

- btrfs: enospc debugging messages

- ALSA: hda - Fix silent headphone output from Toshiba P200
(bnc#569991).
- ALSA: hda - Add inv-dmic model to possible Realtek codecs
(bnc#569991).
- ALSA: hda - Add inverted mic quirks for Asus U41SV, Acer
1810TZ and AOD260 (bnc#569991).
- ALSA: hda - Add the inverted digital mic workaround to
Realtek codecs (bnc#569991).
- rpm/kernel-binary.spec.in: Use a macro instead of
/etc/IGNORE-KABI-BADNESS
- rpm/kernel-binary.spec.in: Also check for
/etc/IGNORE-KABI-BADNESS file This allows to control the
kabi checker from outside of the package.

- memcg: oom: fix totalpages calculation for swappiness==0
(bnc#783965).

- ext4: completed_io locking cleanup.
- ext4: endless truncate due to nonlocked dio readers.
- ext4: ext4_inode_info diet.
- ext4: fix ext4_flush_completed_IO wait semantics.
- ext4: fix ext_remove_space for punch_hole case.
- ext4: fix unwritten counter leakage.
- ext4: give i_aiodio_unwritten a more appropriate name.
- ext4: punch_hole should wait for DIO writers.
- ext4: race-condition protection for
ext4_convert_unwritten_extents_endio.
- ext4: serialize dio nonlocked reads with defrag workers.
- ext4: serialize fallocate with
ext4_convert_unwritten_extents.
- ext4: serialize unlocked dio reads with truncate.

- x86/kbuild: archscripts depends on scripts_basic.

- kbuild: Fix gcc -x syntax (bnc#773831).

- Disable hyper-v patch to avoid kABI changes: Drivers: hv:
Explicitly size elements of protocol structures

- Hyper-V KVP IP injection (fate#31441)
- drivers: net: Remove casts to same type.
- drivers: hv: remove IRQF_SAMPLE_RANDOM which is now a
no-op.
- hyperv: Move wait completion msg code into
rndis_filter_halt_device().
- hyperv: Add comments for the extended buffer after RNDIS
message.
- Drivers: hv: Cleanup the guest ID computation.
- Drivers: hv: vmbus: Use the standard format string to
format GUIDs.
- Drivers: hv: Add KVP definitions for IP address injection.
- Drivers: hv: kvp: Cleanup error handling in KVP.
- Drivers: hv: Explicitly size elements of protocol
structures.
- Drivers: hv: kvp: Support the new IP injection messages.
- Tools: hv: Prepare to expand kvp_get_ip_address()
functionality.
- Tools: hv: Further refactor kvp_get_ip_address().
- Tools: hv: Gather address family information.
- Tools: hv: Gather subnet information.
- Tools: hv: Represent the ipv6 mask using CIDR notation.
- Tools: hv: Gather ipv[4,6] gateway information.
- hv: fail the probing immediately when we are not in
hyperv platform.
- hv: vmbus_drv: detect hyperv through x86_hyper.
- Tools: hv: Get rid of some unused variables.
- Tools: hv: Correctly type string variables.
- Tools: hv: Add an example script to retrieve DNS entries.
- Tools: hv: Gather DNS information.
- Drivers: hv: kvp: Copy the address family information.
- Tools: hv: Add an example script to retrieve dhcp state.
- Tools: hv: Gather DHCP information.
- Tools: hv: Add an example script to configure an
interface.
- Tools: hv: Implement the KVP verb - KVP_OP_SET_IP_INFO.
- Tools: hv: Rename the function kvp_get_ip_address().
- Tools: hv: Implement the KVP verb - KVP_OP_GET_IP_INFO.
- tools/hv: Fix file handle leak.
- tools/hv: Fix exit() error code.
- tools/hv: Check for read/write errors.
- tools/hv: Parse /etc/os-release.
- hyperv: Fix the max_xfer_size in RNDIS initialization.
- hyperv: Fix the missing return value in
rndis_filter_set_packet_filter().
- hyperv: Fix page buffer handling in
rndis_filter_send_request().
- hyperv: Remove extra allocated space for recv_pkt_list
elements.
- hyperv: Report actual status in receive completion packet.
- hyperv: Add buffer for extended info after the RNDIS
response message.

- rpm/kernel-binary.spec.in: enable Conflicts for apparmor,
udev and lvm2 also for vanilla kernel

- rpm/kernel-binary.spec.in: add Conflicht: hyper-v < 4 to
make sure the daemon is in sync with the kernel
(bnc#770763 , fate#314441)


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 12.2:

zypper in -t patch openSUSE-2013-94

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 12.2 (i586 x86_64):

kernel-default-3.4.28-2.20.1
kernel-default-base-3.4.28-2.20.1
kernel-default-base-debuginfo-3.4.28-2.20.1
kernel-default-debuginfo-3.4.28-2.20.1
kernel-default-debugsource-3.4.28-2.20.1
kernel-default-devel-3.4.28-2.20.1
kernel-default-devel-debuginfo-3.4.28-2.20.1
kernel-syms-3.4.28-2.20.1

- openSUSE 12.2 (i686 x86_64):

kernel-debug-3.4.28-2.20.1
kernel-debug-base-3.4.28-2.20.1
kernel-debug-base-debuginfo-3.4.28-2.20.1
kernel-debug-debuginfo-3.4.28-2.20.1
kernel-debug-debugsource-3.4.28-2.20.1
kernel-debug-devel-3.4.28-2.20.1
kernel-debug-devel-debuginfo-3.4.28-2.20.1
kernel-desktop-3.4.28-2.20.1
kernel-desktop-base-3.4.28-2.20.1
kernel-desktop-base-debuginfo-3.4.28-2.20.1
kernel-desktop-debuginfo-3.4.28-2.20.1
kernel-desktop-debugsource-3.4.28-2.20.1
kernel-desktop-devel-3.4.28-2.20.1
kernel-desktop-devel-debuginfo-3.4.28-2.20.1
kernel-ec2-3.4.28-2.20.1
kernel-ec2-base-3.4.28-2.20.1
kernel-ec2-base-debuginfo-3.4.28-2.20.1
kernel-ec2-debuginfo-3.4.28-2.20.1
kernel-ec2-debugsource-3.4.28-2.20.1
kernel-ec2-devel-3.4.28-2.20.1
kernel-ec2-devel-debuginfo-3.4.28-2.20.1
kernel-ec2-extra-3.4.28-2.20.1
kernel-ec2-extra-debuginfo-3.4.28-2.20.1
kernel-trace-3.4.28-2.20.1
kernel-trace-base-3.4.28-2.20.1
kernel-trace-base-debuginfo-3.4.28-2.20.1
kernel-trace-debuginfo-3.4.28-2.20.1
kernel-trace-debugsource-3.4.28-2.20.1
kernel-trace-devel-3.4.28-2.20.1
kernel-trace-devel-debuginfo-3.4.28-2.20.1
kernel-vanilla-3.4.28-2.20.1
kernel-vanilla-debuginfo-3.4.28-2.20.1
kernel-vanilla-debugsource-3.4.28-2.20.1
kernel-vanilla-devel-3.4.28-2.20.1
kernel-vanilla-devel-debuginfo-3.4.28-2.20.1
kernel-xen-3.4.28-2.20.1
kernel-xen-base-3.4.28-2.20.1
kernel-xen-base-debuginfo-3.4.28-2.20.1
kernel-xen-debuginfo-3.4.28-2.20.1
kernel-xen-debugsource-3.4.28-2.20.1
kernel-xen-devel-3.4.28-2.20.1
kernel-xen-devel-debuginfo-3.4.28-2.20.1

- openSUSE 12.2 (noarch):

kernel-devel-3.4.28-2.20.1
kernel-docs-3.4.28-2.20.2
kernel-source-3.4.28-2.20.1
kernel-source-vanilla-3.4.28-2.20.1

- openSUSE 12.2 (i686):

kernel-pae-3.4.28-2.20.1
kernel-pae-base-3.4.28-2.20.1
kernel-pae-base-debuginfo-3.4.28-2.20.1
kernel-pae-debuginfo-3.4.28-2.20.1
kernel-pae-debugsource-3.4.28-2.20.1
kernel-pae-devel-3.4.28-2.20.1
kernel-pae-devel-debuginfo-3.4.28-2.20.1


References:

http://support.novell.com/security/cve/CVE-2012-3520.html
https://bugzilla.novell.com/569991
https://bugzilla.novell.com/770763
https://bugzilla.novell.com/771392
https://bugzilla.novell.com/773831
https://bugzilla.novell.com/774859
https://bugzilla.novell.com/776925
https://bugzilla.novell.com/778630
https://bugzilla.novell.com/780624
https://bugzilla.novell.com/781327
https://bugzilla.novell.com/783615
https://bugzilla.novell.com/783965
https://bugzilla.novell.com/784192
https://bugzilla.novell.com/792500
https://bugzilla.novell.com/793671
https://bugzilla.novell.com/799209


< Previous Next >
This Thread
  • No further messages