https://bugzilla.suse.com/show_bug.cgi?id=1189841 Marcus Meissner <meissner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |meissner@suse.com -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c2 --- Comment #2 from Jeff Mahoney <jeffm@suse.com> --- The appended scriptlet does come from the kernel. It's not apparent to me why it's done the way it is instead of calling an external script with the list of certificates to enroll. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c4 --- Comment #4 from Michal Suchanek <msuchanek@suse.com> --- In SLE11 scriptlet failure aborted zypper run while now it is just reported in zypper return value - see bug 809617 for the SLE11 behavior -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c6 Michal Suchanek <msuchanek@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |martin.wilck@suse.com Flags| |needinfo?(martin.wilck@suse | |.com) --- Comment #6 from Michal Suchanek <msuchanek@suse.com> --- Martin, are you willing to take the certificate handling or the whole scriptlets into s-m-t? Then we can drop the usrmerge handling patching in scriptlets from the kernel because it will be baked into s-m-t. If we add the scripts to s-m-t a backport will be needed for 4.12 kernel based LTSS as well. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c8 --- Comment #8 from Michal Suchanek <msuchanek@suse.com> --- The versioned dependency is problematic because the version will be different in each servicepack. Specifically, installing Kernel:stable on anything but Tumbleweed will not work because the version will be much lower elsewhere, and installing kernel from newer servicepack on older one also. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c10 Martin Wilck <martin.wilck@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |msuchanek@suse.com Flags| |needinfo?(msuchanek@suse.co | |m) --- Comment #10 from Martin Wilck <martin.wilck@suse.com> --- Ok. Michal, will you prepare a PR for suse-module-tools? -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c12 --- Comment #12 from Michal Suchanek <msuchanek@suse.com> --- Created attachment 852202 --> https://bugzilla.suse.com/attachment.cgi?id=852202&action=edit WIP patch for s-m-t -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c14 --- Comment #14 from Martin Wilck <martin.wilck@suse.com> --- There is no /usr/lib/suse-module-tools, only module-init-tools. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c16 Michal Suchanek <msuchanek@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #852088|0 |1 is obsolete| | Attachment #852202|0 |1 is obsolete| | Attachment #852204|0 |1 is obsolete| | --- Comment #16 from Michal Suchanek <msuchanek@suse.com> --- Created attachment 852264 --> https://bugzilla.suse.com/attachment.cgi?id=852264&action=edit WIP patch for s-m-t -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c18 Michal Suchanek <msuchanek@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #852264|0 |1 is obsolete| | Attachment #852265|0 |1 is obsolete| | --- Comment #18 from Michal Suchanek <msuchanek@suse.com> --- Created attachment 852314 --> https://bugzilla.suse.com/attachment.cgi?id=852314&action=edit patch for s-m-t -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c20 --- Comment #20 from Michal Suchanek <msuchanek@suse.com> --- Created attachment 852316 --> https://bugzilla.suse.com/attachment.cgi?id=852316&action=edit packaging: remove image suffix -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 Michal Suchanek <msuchanek@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #852317|define certs as macro |packaging: define certs as description| |macro -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c23 --- Comment #23 from Michal Suchanek <msuchanek@suse.com> --- Created attachment 852319 --> https://bugzilla.suse.com/attachment.cgi?id=852319&action=edit packaging: Outsource binary and KMP scriptlets to s-m-t -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c25 --- Comment #25 from Martin Wilck <martin.wilck@suse.com> --- (In reply to Michal Suchanek from comment #16)

Created attachment 852264 [details] WIP patch for s-m-t

I'd prefer to discuss the details on https://github.com/openSUSE/suse-module-tools/pull/33 (Hint: automated OBS builds in https://build.opensuse.org/package/show/home:mwilck:home:mwilck:suse-module-...) -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c27 --- Comment #27 from Michal Suchanek <msuchanek@suse.com> --- (In reply to Martin Wilck from comment #26)

(In reply to Michal Suchanek from comment #23)

...

Created attachment 852319 [details] packaging: Outsource binary and KMP scriptlets to s-m-t

Add the tests for zfcpdump to the scripts in s-m-t, too?

Why? The s-m-t scripts are not called for zfcpdump kernel (it should probably not require them either but whatever). The decision to not call the scripts for zfcpdump kernels is then done in the kernel, and can be adjusted there to different flavors. The configuration that makes the zfcpdump kernel special is in the kernel-source tree so that's the place where the information to decide this is present. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c29 --- Comment #29 from Michal Suchanek <msuchanek@suse.com> --- Pushing the preparatory patches to packaging. The final patch that moves the scriptlets from kernel-source to s-m-t needs a bit more review. We definitely need to pass in %usrmerged because it is possible to install non-usrmerged kernels on usrmerged system (so long as the compatibility symlinks are present - may need to fail the install if not) where s-m-t will be usrmerged so the value may not match between the kernel and s-m-t. There is the question to what scriptlets which parameters should be passed. Curently %usrmerged is used only in main kernel scriptlets but wm2 may need to know about %usrmerged for KMPs in the future. It may be able to infer it from the filelist, too. Currently %variant is passed to kernel scriptlets but is not used in the scripts that made it into s-m-t. Variant ties the binary kernel to the corresponding source package (default - '', debug - '', azure - azure, rt - rt, etc). %image (as well as other kernel-specific parameters) is not used by KMPs and can not generally be available because the kernel may change the %image value without the KMP being aware. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c30 --- Comment #30 from Michal Suchanek <msuchanek@suse.com> --- Kernel scriptlets have these parameters: name, version, release, kernelrelease, flavor, variant, usrmerged, image, certs Eliminated parameters: suffix (removed, only used for vanilla kernel) systemmap (inferred from usrmerged) modules_dir (inferred from usrmerged) The parameters inferred from usrmerged are baked into a number of scripts throughout the distribution so these can be baked in here as well. variant is currently not used in the binary scripts but cannot be inferred - this can be used to tie the binary package to a source package usrmerged is necessary because non-usrmerged kernels should be installable on usrmerged distributions (with usrmerged s-m-t) that have compatibility symlinks (currently all) kernelrelease is non-trivial to infer and the way it is inferred has been updated a number of times recently flavor could be inferred for the base package but not for subpackages like kernel-default-base that share the same script image is hard to infer and needs updating for new architectures certs depends on project configuration name. version, and release was baked into the script by the templating mechanisms and the script was tehn reused by kernel-default-base - this should continue working unchanged For certificate scripts there are two parameters: certs, kmp The code for kmp parameter is # Only apply CA check on the kernel package certs (bsc#1173115) if [ -z "$kmp" ] && mokutil -h | grep -q "ca-check"; then MOK_ARG="--ca-check" Maybe there is a more descriptiev name that could be used? The parameters for KMP scripts are: name, version, release, kernelrelease, flavor, usrmerged These are the only parameters available at KMP build time. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 Ludwig Nussel <lnussel@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lnussel@suse.com -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c37 --- Comment #37 from Michal Suchanek <msuchanek@suse.com> --- s390vsl205:~/:[0]# KERNEL_PACKAGE_SCRIPT_DEBUG=1 zypper in kernel-default-extra-5.3.18-110.1.g47f2a78 dlm-kmp-default-5.3.18-110.1.g47f2a78 hello-kmp-default suse-module-tools Loading repository data... Reading installed packages... Resolving package dependencies... The following 5 NEW packages are going to be installed: dlm-kmp-default-5.3.18-110.1.g47f2a78 hello-kmp-default hello-ueficert kernel-default-5.3.18-110.1.g47f2a78 kernel-default-extra-5.3.18-110.1.g47f2a78 The following package is going to be upgraded: suse-module-tools The following 6 packages have no support information from their vendor: dlm-kmp-default-5.3.18-110.1.g47f2a78 hello-kmp-default hello-ueficert kernel-default-5.3.18-110.1.g47f2a78 kernel-default-extra-5.3.18-110.1.g47f2a78 suse-module-tools The following package requires a system reboot: kernel-default-5.3.18-110.1.g47f2a78 1 package to upgrade, 5 new. Overall download size: 44.3 MiB. Already cached: 57.0 KiB. After the operation, additional 52.8 MiB will be used. Note: System reboot required. Continue? [y/n/v/...? shows all options] (y): In cache suse-module-tools-16.0.9+3-162.1.s390x.rpm (1/6), 57.0 KiB ( 99.0 KiB unpacked) Retrieving package kernel-default-5.3.18-110.1.g47f2a78.s390x (2/6), 31.3 MiB ( 51.5 MiB unpacked) Retrieving: kernel-default-5.3.18-110.1.g47f2a78.s390x.rpm .............................................................[done (54.6 MiB/s)] Retrieving package kernel-default-extra-5.3.18-110.1.g47f2a78.s390x (3/6), 7.1 MiB ( 1.2 MiB unpacked) Retrieving: kernel-default-extra-5.3.18-110.1.g47f2a78.s390x.rpm ....................................................................[done] Retrieving package hello-ueficert-1.0-14.5.s390x (4/6), 8.4 KiB ( 880 B unpacked) Retrieving: hello-ueficert-1.0-14.5.s390x.rpm .......................................................................................[done] Retrieving package dlm-kmp-default-5.3.18-110.1.g47f2a78.s390x (5/6), 5.9 MiB ( 69.1 KiB unpacked) Retrieving: dlm-kmp-default-5.3.18-110.1.g47f2a78.s390x.rpm .........................................................................[done] Retrieving package hello-kmp-default-1.0_k5.3.18_110.g47f2a78-14.5.s390x (6/6), 10.7 KiB ( 5.6 KiB unpacked) Retrieving: hello-kmp-default-1.0_k5.3.18_110.g47f2a78-14.5.s390x.rpm ...................................................[done (1.4 KiB/s)] Checking for file conflicts: ........................................................................................................[done] (1/6) Installing: suse-module-tools-16.0.9+3-162.1.s390x ............................................................................[done] (2/6) Installing: kernel-default-5.3.18-110.1.g47f2a78.s390x ........................................................................[done] Additional rpm output: pre name: kernel-default version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 2 cert pre ca-check: 1 certs: 3559CCE2 -- 2 post name: kernel-default version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 2 Triggering purge-kernels wm2 --add-kernel 5.3.18-110.g47f2a78-default dracut: Executing: /usr/bin/dracut -f /boot/initrd-5.3.18-110.g47f2a78-default 5.3.18-110.g47f2a78-default dracut: dracut module 'dmraid' will not be installed, because command 'dmraid' could not be found! dracut: dracut module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsiadm' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsid' could not be found! dracut: dracut module 'biosdevname' will not be installed, because command 'biosdevname' could not be found! dracut: dracut module 'dmraid' will not be installed, because command 'dmraid' could not be found! dracut: dracut module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsiadm' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsid' could not be found! dracut: *** Including module: bash *** dracut: *** Including module: systemd *** dracut: *** Including module: systemd-initrd *** dracut: *** Including module: i18n *** dracut: *** Including module: drm *** dracut: *** Including module: plymouth *** dracut: *** Including module: cio_ignore *** dracut: *** Including module: btrfs *** dracut: *** Including module: kernel-modules *** dracut: *** Including module: kernel-modules-extra *** dracut: *** Including module: zipl *** dracut: *** Including module: dasd_mod *** dracut: *** Including module: dasd_rules *** dracut: Skipping udev rule: /etc/udev/rules.d/51-dasd-*.rules dracut: *** Including module: dcssblk *** dracut: *** Including module: resume *** dracut: *** Including module: rootfs-block *** dracut: *** Including module: suse-btrfs *** dracut: *** Including module: suse-xfs *** dracut: *** Including module: terminfo *** dracut: *** Including module: udev-rules *** dracut: Skipping udev rule: 40-redhat.rules dracut: Skipping udev rule: 50-firmware.rules dracut: Skipping udev rule: 50-udev.rules dracut: Skipping udev rule: 91-permissions.rules dracut: Skipping udev rule: 80-drivers-modprobe.rules dracut: *** Including module: zdev *** dracut: *** Including module: dracut-systemd *** dracut: *** Including module: haveged *** dracut: *** Including module: usrmount *** dracut: *** Including module: base *** dracut: *** Including module: fs-lib *** dracut: *** Including module: grub2 *** dracut: *** Including module: shutdown *** dracut: *** Including module: suse *** dracut: *** Including modules done *** dracut: *** Installing kernel module dependencies *** dracut: *** Installing kernel module dependencies done *** dracut: *** Resolving executable dependencies *** dracut: *** Resolving executable dependencies done *** dracut: *** Hardlinking files *** dracut: *** Hardlinking files done *** dracut: *** Stripping files *** dracut: *** Stripping files done *** dracut: *** Generating early-microcode cpio image *** dracut: *** Store current command line parameters *** dracut: Stored kernel commandline: dracut: rd.cio_accept=0.0.0800,0.0.0801,0.0.0802,0.0.0150 dracut: rd.zipl=/dev/disk/by-path/ccw-0.0.0150-part1 dracut: rd.dasd=0.0.0150 dracut: resume=/dev/disk/by-path/ccw-0.0.0150-part2 dracut: root=/dev/disk/by-path/ccw-0.0.0150-part3 rootfstype=btrfs rootflags=rw,relatime,ssd,space_cache,subvolid=266,subvol=/@/.snapshots/1/snapshot,subvol=@/.snapshots/1/snapshot dracut: *** Creating image file '/boot/initrd-5.3.18-110.g47f2a78-default' *** dracut: *** Creating initramfs image file '/boot/initrd-5.3.18-110.g47f2a78-default' done *** cert post ca-check: 1 certs: 3559CCE2 -- 2 (3/6) Installing: kernel-default-extra-5.3.18-110.1.g47f2a78.s390x ..................................................................[done] Additional rpm output: KMP pre name: kernel-default-extra version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 2 KMP post name: kernel-default-extra version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 2 wm2 --add-kernel-modules 5.3.18-110.g47f2a78-default (4/6) Installing: hello-ueficert-1.0-14.5.s390x .....................................................................................[done] Additional rpm output: cert pre ca-check: certs: 3559CCE2 -- 1 cert post ca-check: certs: 3559CCE2 -- 1 (5/6) Installing: dlm-kmp-default-5.3.18-110.1.g47f2a78.s390x .......................................................................[done] Additional rpm output: KMP pre name: dlm-kmp-default version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 2 KMP post name: dlm-kmp-default version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 2 wm2 --add-kernel-modules 5.3.18-110.g47f2a78-default (6/6) Installing: hello-kmp-default-1.0_k5.3.18_110.g47f2a78-14.5.s390x .............................................................[done] Additional rpm output: KMP pre name: hello-kmp-default version: 1.0_k5.3.18_110.g47f2a78 release: 14.5 kernelrelease: 5.3.18-110.g47f2a78 flavor: default usrmerged: 0 -- 1 KMP post name: hello-kmp-default version: 1.0_k5.3.18_110.g47f2a78 release: 14.5 kernelrelease: 5.3.18-110.g47f2a78 flavor: default usrmerged: 0 -- 1 wm2 --add-kmp hello-kmp-default-1.0_k5.3.18_110.g47f2a78-14.5 Executing %posttrans script 'kernel-default-5.3.18-110.1.g47f2a78.s390x.rpm' ....<16%>==================================================[/] Output of kernel-default-5.3.18-110.1.g47f2a78.s390x.rpm %posttrans script: posttrans name: kernel-default version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 2 Executing %posttrans script 'kernel-default-extra-5.3.18-110.1.g47f2a78.s390x.rpm' ............<33%>====================================[-] Output of kernel-default-extra-5.3.18-110.1.g47f2a78.s390x.rpm %posttrans script: KMP posttrans name: kernel-default-extra version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 2 dracut: Executing: /usr/bin/dracut --kver=5.3.18-108.gdd7ca9f-default -f dracut: dracut module 'dmraid' will not be installed, because command 'dmraid' could not be found! dracut: dracut module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsiadm' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsid' could not be found! dracut: dracut module 'biosdevname' will not be installed, because command 'biosdevname' could not be found! dracut: dracut module 'dmraid' will not be installed, because command 'dmraid' could not be found! dracut: dracut module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsiadm' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsid' could not be found! dracut: *** Including module: bash *** dracut: *** Including module: systemd *** dracut: *** Including module: systemd-initrd *** dracut: *** Including module: i18n *** dracut: *** Including module: drm *** dracut: *** Including module: plymouth *** dracut: *** Including module: cio_ignore *** dracut: *** Including module: btrfs *** dracut: *** Including module: kernel-modules *** dracut: *** Including module: kernel-modules-extra *** dracut: *** Including module: zipl *** dracut: *** Including module: dasd_mod *** dracut: *** Including module: dasd_rules *** dracut: Skipping udev rule: /etc/udev/rules.d/51-dasd-*.rules dracut: *** Including module: dcssblk *** dracut: *** Including module: resume *** dracut: *** Including module: rootfs-block *** dracut: *** Including module: suse-btrfs *** dracut: *** Including module: suse-xfs *** dracut: *** Including module: terminfo *** dracut: *** Including module: udev-rules *** dracut: Skipping udev rule: 40-redhat.rules dracut: Skipping udev rule: 50-firmware.rules dracut: Skipping udev rule: 50-udev.rules dracut: Skipping udev rule: 91-permissions.rules dracut: Skipping udev rule: 80-drivers-modprobe.rules dracut: *** Including module: zdev *** dracut: *** Including module: dracut-systemd *** dracut: *** Including module: haveged *** dracut: *** Including module: usrmount *** dracut: *** Including module: base *** dracut: *** Including module: fs-lib *** dracut: *** Including module: grub2 *** dracut: *** Including module: shutdown *** dracut: *** Including module: suse *** dracut: *** Including modules done *** dracut: *** Installing kernel module dependencies *** dracut: *** Installing kernel module dependencies done *** dracut: *** Resolving executable dependencies *** dracut: *** Resolving executable dependencies done *** dracut: *** Hardlinking files *** dracut: *** Hardlinking files done *** dracut: *** Stripping files *** dracut: *** Stripping files done *** dracut: *** Generating early-microcode cpio image *** dracut: *** Store current command line parameters *** dracut: Stored kernel commandline: dracut: rd.cio_accept=0.0.0800,0.0.0801,0.0.0802,0.0.0150 dracut: rd.zipl=/dev/disk/by-path/ccw-0.0.0150-part1 dracut: rd.dasd=0.0.0150 dracut: resume=/dev/disk/by-path/ccw-0.0.0150-part2 dracut: root=/dev/disk/by-path/ccw-0.0.0150-part3 rootfstype=btrfs rootflags=rw,relatime,ssd,space_cache,subvolid=266,subvol=/@/.snapshots/1/snapshot,subvol=@/.snapshots/1/snapshot dracut: *** Creating image file '/boot/initrd-5.3.18-108.gdd7ca9f-default' *** dracut: *** Creating initramfs image file '/boot/initrd-5.3.18-108.gdd7ca9f-default' done *** dracut: Executing: /usr/bin/dracut --kver=5.3.18-110.g47f2a78-default -f dracut: dracut module 'dmraid' will not be installed, because command 'dmraid' could not be found! dracut: dracut module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsiadm' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsid' could not be found! dracut: dracut module 'biosdevname' will not be installed, because command 'biosdevname' could not be found! dracut: dracut module 'dmraid' will not be installed, because command 'dmraid' could not be found! dracut: dracut module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsiadm' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsid' could not be found! dracut: *** Including module: bash *** dracut: *** Including module: systemd *** dracut: *** Including module: systemd-initrd *** dracut: *** Including module: i18n *** dracut: *** Including module: drm *** dracut: *** Including module: plymouth *** dracut: *** Including module: cio_ignore *** dracut: *** Including module: btrfs *** dracut: *** Including module: kernel-modules *** dracut: *** Including module: kernel-modules-extra *** dracut: *** Including module: zipl *** dracut: *** Including module: dasd_mod *** dracut: *** Including module: dasd_rules *** dracut: Skipping udev rule: /etc/udev/rules.d/51-dasd-*.rules dracut: *** Including module: dcssblk *** dracut: *** Including module: resume *** dracut: *** Including module: rootfs-block *** dracut: *** Including module: suse-btrfs *** dracut: *** Including module: suse-xfs *** dracut: *** Including module: terminfo *** dracut: *** Including module: udev-rules *** dracut: Skipping udev rule: 40-redhat.rules dracut: Skipping udev rule: 50-firmware.rules dracut: Skipping udev rule: 50-udev.rules dracut: Skipping udev rule: 91-permissions.rules dracut: Skipping udev rule: 80-drivers-modprobe.rules dracut: *** Including module: zdev *** dracut: *** Including module: dracut-systemd *** dracut: *** Including module: haveged *** dracut: *** Including module: usrmount *** dracut: *** Including module: base *** dracut: *** Including module: fs-lib *** dracut: *** Including module: grub2 *** dracut: *** Including module: shutdown *** dracut: *** Including module: suse *** dracut: *** Including modules done *** dracut: *** Installing kernel module dependencies *** dracut: *** Installing kernel module dependencies done *** dracut: *** Resolving executable dependencies *** dracut: *** Resolving executable dependencies done *** dracut: *** Hardlinking files *** dracut: *** Hardlinking files done *** dracut: *** Stripping files *** dracut: *** Stripping files done *** dracut: *** Generating early-microcode cpio image *** dracut: *** Store current command line parameters *** dracut: Stored kernel commandline: dracut: rd.cio_accept=0.0.0800,0.0.0801,0.0.0802,0.0.0150 dracut: rd.zipl=/dev/disk/by-path/ccw-0.0.0150-part1 dracut: rd.dasd=0.0.0150 dracut: resume=/dev/disk/by-path/ccw-0.0.0150-part2 dracut: root=/dev/disk/by-path/ccw-0.0.0150-part3 rootfstype=btrfs rootflags=rw,relatime,ssd,space_cache,subvolid=266,subvol=/@/.snapshots/1/snapshot,subvol=@/.snapshots/1/snapshot dracut: *** Creating image file '/boot/initrd-5.3.18-110.g47f2a78-default' *** dracut: *** Creating initramfs image file '/boot/initrd-5.3.18-110.g47f2a78-default' done *** dracut: Executing: /usr/bin/dracut --kver=5.3.18-22-default -f dracut: dracut module 'dmraid' will not be installed, because command 'dmraid' could not be found! dracut: dracut module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsiadm' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsid' could not be found! dracut: dracut module 'biosdevname' will not be installed, because command 'biosdevname' could not be found! dracut: dracut module 'dmraid' will not be installed, because command 'dmraid' could not be found! dracut: dracut module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsiadm' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsid' could not be found! dracut: *** Including module: bash *** dracut: *** Including module: systemd *** dracut: *** Including module: systemd-initrd *** dracut: *** Including module: i18n *** dracut: *** Including module: drm *** dracut: *** Including module: plymouth *** dracut: *** Including module: cio_ignore *** dracut: *** Including module: btrfs *** dracut: *** Including module: kernel-modules *** dracut: *** Including module: kernel-modules-extra *** dracut: *** Including module: zipl *** dracut: *** Including module: dasd_mod *** dracut: *** Including module: dasd_rules *** dracut: Skipping udev rule: /etc/udev/rules.d/51-dasd-*.rules dracut: *** Including module: dcssblk *** dracut: *** Including module: resume *** dracut: *** Including module: rootfs-block *** dracut: *** Including module: suse-btrfs *** dracut: *** Including module: suse-xfs *** dracut: *** Including module: terminfo *** dracut: *** Including module: udev-rules *** dracut: Skipping udev rule: 40-redhat.rules dracut: Skipping udev rule: 50-firmware.rules dracut: Skipping udev rule: 50-udev.rules dracut: Skipping udev rule: 91-permissions.rules dracut: Skipping udev rule: 80-drivers-modprobe.rules dracut: *** Including module: zdev *** dracut: *** Including module: dracut-systemd *** dracut: *** Including module: haveged *** dracut: *** Including module: usrmount *** dracut: *** Including module: base *** dracut: *** Including module: fs-lib *** dracut: *** Including module: grub2 *** dracut: *** Including module: shutdown *** dracut: *** Including module: suse *** dracut: *** Including modules done *** dracut: *** Installing kernel module dependencies *** dracut: *** Installing kernel module dependencies done *** dracut: *** Resolving executable dependencies *** dracut: *** Resolving executable dependencies done *** dracut: *** Hardlinking files *** dracut: *** Hardlinking files done *** dracut: *** Stripping files *** dracut: *** Stripping files done *** dracut: *** Generating early-microcode cpio image *** dracut: *** Store current command line parameters *** dracut: Stored kernel commandline: dracut: rd.cio_accept=0.0.0800,0.0.0801,0.0.0802,0.0.0150 dracut: rd.zipl=/dev/disk/by-path/ccw-0.0.0150-part1 dracut: rd.dasd=0.0.0150 dracut: resume=/dev/disk/by-path/ccw-0.0.0150-part2 dracut: root=/dev/disk/by-path/ccw-0.0.0150-part3 rootfstype=btrfs rootflags=rw,relatime,ssd,space_cache,subvolid=266,subvol=/@/.snapshots/1/snapshot,subvol=@/.snapshots/1/snapshot dracut: *** Creating image file '/boot/initrd-5.3.18-22-default' *** dracut: *** Creating initramfs image file '/boot/initrd-5.3.18-22-default' done *** Executing %posttrans script 'hello-ueficert-1.0-14.5.s390x.rpm' ...............................<50%>====================================[\] Output of hello-ueficert-1.0-14.5.s390x.rpm %posttrans script: cert posttrans ca-check: certs: 3559CCE2 -- 1 Executing %posttrans script 'dlm-kmp-default-5.3.18-110.1.g47f2a78.s390x.rpm' .................................<66%>====================[|] Output of dlm-kmp-default-5.3.18-110.1.g47f2a78.s390x.rpm %posttrans script: KMP posttrans name: dlm-kmp-default version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 2 Executing %posttrans script 'hello-kmp-default-1.0_k5.3.18_110.g47f2a78-14.5.s390x.rpm' ..................................<83%>=========[/] Output of hello-kmp-default-1.0_k5.3.18_110.g47f2a78-14.5.s390x.rpm %posttrans script: KMP posttrans name: hello-kmp-default version: 1.0_k5.3.18_110.g47f2a78 release: 14.5 kernelrelease: 5.3.18-110.g47f2a78 flavor: default usrmerged: 0 -- 1 Executing %posttrans scripts ........................................................................................................[done] Core libraries or services have been updated. Reboot is required to ensure that your system benefits from these updates. s390vsl205:~/:[0]# KERNEL_PACKAGE_SCRIPT_DEBUG=1 zypper rm -u kernel-default-5.3.18-110.1.g47f2a78 hello-kmp-default Reading installed packages... Resolving package dependencies... The following 5 packages are going to be REMOVED: dlm-kmp-default-5.3.18-110.1.g47f2a78 hello-kmp-default hello-ueficert kernel-default-5.3.18-110.1.g47f2a78 kernel-default-extra-5.3.18-110.1.g47f2a78 5 packages to remove. After the operation, 52.8 MiB will be freed. Continue? [y/n/v/...? shows all options] (y): (1/5) Removing dlm-kmp-default-5.3.18-110.1.g47f2a78.s390x ..........................................................................[done] Additional rpm output: KMP preun name: dlm-kmp-default version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 1 KMP postun name: dlm-kmp-default version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 1 (2/5) Removing hello-kmp-default-1.0_k5.3.18_110.g47f2a78-14.5.s390x ................................................................[done] Additional rpm output: KMP preun name: hello-kmp-default version: 1.0_k5.3.18_110.g47f2a78 release: 14.5 kernelrelease: 5.3.18-110.g47f2a78 flavor: default usrmerged: 0 -- 0 KMP postun name: hello-kmp-default version: 1.0_k5.3.18_110.g47f2a78 release: 14.5 kernelrelease: 5.3.18-110.g47f2a78 flavor: default usrmerged: 0 -- 0 wm2 --remove-kmp hello-kmp-default-1.0_k5.3.18_110.g47f2a78-14.5 (3/5) Removing kernel-default-extra-5.3.18-110.1.g47f2a78.s390x .....................................................................[done] Additional rpm output: KMP preun name: kernel-default-extra version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 1 KMP postun name: kernel-default-extra version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 1 (4/5) Removing hello-ueficert-1.0-14.5.s390x ........................................................................................[done] Additional rpm output: cert preun ca-check: certs: 3559CCE2 -- 0 cert postun ca-check: certs: 3559CCE2 -- 0 (5/5) Removing kernel-default-5.3.18-110.1.g47f2a78.s390x ...........................................................................[done] Additional rpm output: preun name: kernel-default version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 1 cert preun ca-check: 1 certs: 3559CCE2 -- 1 postun name: kernel-default version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 1 Disarming purge-kernels wm2 --remove-kernel 5.3.18-110.g47f2a78-default cert postun ca-check: 1 certs: 3559CCE2 -- 1 Core libraries or services have been updated. Reboot is required to ensure that your system benefits from these updates. s390vsl205:~/:[0]# KERNEL_PACKAGE_SCRIPT_DEBUG=1 zypper in kernel-default-base Loading repository data... Reading installed packages... 'kernel-default-base' is already installed. There is an update candidate for 'kernel-default-base' from vendor 'obs://build.suse.de/home:michals:kernel-test-15', while the current vendor is 'SUSE LLC <https://www.suse.com/>'. Use 'zypper install kernel-default-base-5.3.18-110.1.g47f2a78.18.12.2.s390x' to install this candidate. Resolving package dependencies... Nothing to do. s390vsl205:~/:[0]# KERNEL_PACKAGE_SCRIPT_DEBUG=1 zypper in kernel-default-base-5.3.18-110.1.g47f2a78.18.12.2.s390x Loading repository data... Reading installed packages... Resolving package dependencies... The following NEW package is going to be installed: kernel-default-base-5.3.18-110.1.g47f2a78.18.12.2 The following package has no support information from its vendor: kernel-default-base-5.3.18-110.1.g47f2a78.18.12.2 The following package requires a system reboot: kernel-default-base-5.3.18-110.1.g47f2a78.18.12.2 1 new package to install. Overall download size: 19.0 MiB. Already cached: 0 B. After the operation, additional 45.3 MiB will be used. Note: System reboot required. Continue? [y/n/v/...? shows all options] (y): Retrieving package kernel-default-base-5.3.18-110.1.g47f2a78.18.12.2.s390x (1/1), 19.0 MiB ( 45.3 MiB unpacked) Retrieving: kernel-default-base-5.3.18-110.1.g47f2a78.18.12.2.s390x.rpm .............................................................[done] Checking for file conflicts: ........................................................................................................[done] (1/1) Installing: kernel-default-base-5.3.18-110.1.g47f2a78.18.12.2.s390x ...........................................................[done] Additional rpm output: pre name: kernel-default version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 2 cert pre ca-check: 1 certs: 3559CCE2 -- 2 post name: kernel-default version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 2 Triggering purge-kernels wm2 --add-kernel 5.3.18-110.g47f2a78-default dracut: Executing: /usr/bin/dracut -f /boot/initrd-5.3.18-110.g47f2a78-default 5.3.18-110.g47f2a78-default dracut: dracut module 'dmraid' will not be installed, because command 'dmraid' could not be found! dracut: dracut module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsiadm' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsid' could not be found! dracut: dracut module 'biosdevname' will not be installed, because command 'biosdevname' could not be found! dracut: dracut module 'dmraid' will not be installed, because command 'dmraid' could not be found! dracut: dracut module 'dmsquash-live-ntfs' will not be installed, because command 'ntfs-3g' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsi-iname' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsiadm' could not be found! dracut: dracut module 'iscsi' will not be installed, because command 'iscsid' could not be found! dracut: *** Including module: bash *** dracut: *** Including module: systemd *** dracut: *** Including module: systemd-initrd *** dracut: *** Including module: i18n *** dracut: *** Including module: drm *** dracut: *** Including module: plymouth *** dracut: *** Including module: cio_ignore *** dracut: *** Including module: btrfs *** dracut: *** Including module: kernel-modules *** dracut: *** Including module: kernel-modules-extra *** dracut: *** Including module: zipl *** dracut: *** Including module: dasd_mod *** dracut: *** Including module: dasd_rules *** dracut: Skipping udev rule: /etc/udev/rules.d/51-dasd-*.rules dracut: *** Including module: dcssblk *** dracut: *** Including module: resume *** dracut: *** Including module: rootfs-block *** dracut: *** Including module: suse-btrfs *** dracut: *** Including module: suse-xfs *** dracut: *** Including module: terminfo *** dracut: *** Including module: udev-rules *** dracut: Skipping udev rule: 40-redhat.rules dracut: Skipping udev rule: 50-firmware.rules dracut: Skipping udev rule: 50-udev.rules dracut: Skipping udev rule: 91-permissions.rules dracut: Skipping udev rule: 80-drivers-modprobe.rules dracut: *** Including module: zdev *** dracut: *** Including module: dracut-systemd *** dracut: *** Including module: haveged *** dracut: *** Including module: usrmount *** dracut: *** Including module: base *** dracut: *** Including module: fs-lib *** dracut: *** Including module: grub2 *** dracut: *** Including module: shutdown *** dracut: *** Including module: suse *** dracut: *** Including modules done *** dracut: *** Installing kernel module dependencies *** dracut: *** Installing kernel module dependencies done *** dracut: *** Resolving executable dependencies *** dracut: *** Resolving executable dependencies done *** dracut: *** Hardlinking files *** dracut: *** Hardlinking files done *** dracut: *** Stripping files *** dracut: *** Stripping files done *** dracut: *** Generating early-microcode cpio image *** dracut: *** Store current command line parameters *** dracut: Stored kernel commandline: dracut: rd.cio_accept=0.0.0800,0.0.0801,0.0.0802,0.0.0150 dracut: rd.zipl=/dev/disk/by-path/ccw-0.0.0150-part1 dracut: rd.dasd=0.0.0150 dracut: resume=/dev/disk/by-path/ccw-0.0.0150-part2 dracut: root=/dev/disk/by-path/ccw-0.0.0150-part3 rootfstype=btrfs rootflags=rw,relatime,ssd,space_cache,subvolid=266,subvol=/@/.snapshots/1/snapshot,subvol=@/.snapshots/1/snapshot dracut: *** Creating image file '/boot/initrd-5.3.18-110.g47f2a78-default' *** dracut: *** Creating initramfs image file '/boot/initrd-5.3.18-110.g47f2a78-default' done *** cert post ca-check: 1 certs: 3559CCE2 -- 2 Executing %posttrans script 'kernel-default-base-5.3.18-110.1.g47f2a78.18.12.2.s390x.rpm' ----------------------------------------------[/] Output of kernel-default-base-5.3.18-110.1.g47f2a78.18.12.2.s390x.rpm %posttrans script: posttrans name: kernel-default version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 2 Executing %posttrans scripts ........................................................................................................[done] s390vsl205:~/:[0]# KERNEL_PACKAGE_SCRIPT_DEBUG=1 zypper rm -u kernel-default-base-5.3.18-110.1.g47f2a78.18.12.2.s390x Reading installed packages... Resolving package dependencies... The following package is going to be REMOVED: kernel-default-base-5.3.18-110.1.g47f2a78.18.12.2 1 package to remove. After the operation, 45.3 MiB will be freed. Continue? [y/n/v/...? shows all options] (y): (1/1) Removing kernel-default-base-5.3.18-110.1.g47f2a78.18.12.2.s390x ..............................................................[done] Additional rpm output: preun name: kernel-default version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 1 cert preun ca-check: 1 certs: 3559CCE2 -- 1 postun name: kernel-default version: 5.3.18 release: 110.1.g47f2a78 kernelrelease: 5.3.18-110.g47f2a78 flavor: default variant: usrmerged: 0 image: image certs: 3559CCE2 -- 1 Disarming purge-kernels wm2 --remove-kernel 5.3.18-110.g47f2a78-default cert postun ca-check: 1 certs: 3559CCE2 -- 1 Core libraries or services have been updated. Reboot is required to ensure that your system benefits from these updates. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c46 --- Comment #46 from Swamp Workflow Management <swamp@suse.de> --- # maintenance_jira_update_notice SUSE-SU-2021:3177-1: An update that solves 16 vulnerabilities and has 98 fixes is now available. Category: security (important) Bug References: 1040364,1127650,1135481,1152489,1160010,1167032,1168202,1174969,1175052,1175543,1177399,1180141,1180347,1181148,1181972,1184114,1184180,1185675,1185902,1186264,1186731,1187211,1187455,1187468,1187619,1188067,1188172,1188418,1188439,1188616,1188780,1188781,1188782,1188783,1188784,1188786,1188787,1188788,1188790,1188878,1188885,1188924,1188982,1188983,1188985,1189021,1189057,1189077,1189153,1189197,1189209,1189210,1189212,1189213,1189214,1189215,1189216,1189217,1189218,1189219,1189220,1189221,1189222,1189229,1189262,1189291,1189292,1189298,1189301,1189305,1189323,1189384,1189385,1189392,1189399,1189400,1189427,1189449,1189503,1189504,1189505,1189506,1189507,1189562,1189563,1189564,1189565,1189566,1189567,1189568,1189569,1189573,1189574,1189575,1189576,1189577,1189579,1189581,1189582,1189583,1189585,1189586,1189587,1189706,1189760,1189832,1189841,1189870,1189883,1190025,1190115,1190117,1190131,1190181 CVE References: CVE-2021-34556,CVE-2021-35477,CVE-2021-3640,CVE-2021-3653,CVE-2021-3656,CVE-2021-3679,CVE-2021-3732,CVE-2021-3739,CVE-2021-3743,CVE-2021-3753,CVE-2021-3759,CVE-2021-38160,CVE-2021-38198,CVE-2021-38204,CVE-2021-38205,CVE-2021-38207 JIRA References: Sources used: SUSE MicroOS 5.0 (src): kernel-rt-5.3.18-51.2 SUSE Linux Enterprise Module for Realtime 15-SP2 (src): kernel-rt-5.3.18-51.2, kernel-rt_debug-5.3.18-51.2, kernel-source-rt-5.3.18-51.1, kernel-syms-rt-5.3.18-51.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c48 --- Comment #48 from Swamp Workflow Management <swamp@suse.de> --- # maintenance_jira_update_notice openSUSE-SU-2021:3179-1: An update that solves 20 vulnerabilities and has 107 fixes is now available. Category: security (important) Bug References: 1040364,1127650,1135481,1152489,1160010,1168202,1171420,1174969,1175052,1175543,1177399,1180100,1180141,1180347,1181006,1181148,1181972,1184180,1185902,1186264,1186731,1187211,1187455,1187468,1187483,1187619,1187959,1188067,1188172,1188231,1188270,1188412,1188418,1188616,1188700,1188780,1188781,1188782,1188783,1188784,1188786,1188787,1188788,1188790,1188878,1188885,1188924,1188982,1188983,1188985,1189021,1189057,1189077,1189153,1189197,1189209,1189210,1189212,1189213,1189214,1189215,1189216,1189217,1189218,1189219,1189220,1189221,1189222,1189225,1189229,1189233,1189262,1189291,1189292,1189296,1189298,1189301,1189305,1189323,1189384,1189385,1189392,1189393,1189399,1189400,1189427,1189503,1189504,1189505,1189506,1189507,1189562,1189563,1189564,1189565,1189566,1189567,1189568,1189569,1189573,1189574,1189575,1189576,1189577,1189579,1189581,1189582,1189583,1189585,1189586,1189587,1189696,1189706,1189760,1189762,1189832,1189841,1189870,1189872,1189883,1190022,1190025,1190115,1190117,119041 2,1190413,1190428 CVE References: CVE-2020-12770,CVE-2021-34556,CVE-2021-35477,CVE-2021-3640,CVE-2021-3653,CVE-2021-3656,CVE-2021-3679,CVE-2021-3732,CVE-2021-3739,CVE-2021-3743,CVE-2021-3753,CVE-2021-3759,CVE-2021-38160,CVE-2021-38166,CVE-2021-38198,CVE-2021-38204,CVE-2021-38205,CVE-2021-38206,CVE-2021-38207,CVE-2021-38209 JIRA References: Sources used: openSUSE Leap 15.3 (src): kernel-azure-5.3.18-38.22.2, kernel-source-azure-5.3.18-38.22.1, kernel-syms-azure-5.3.18-38.22.1 -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c52 --- Comment #52 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2021:3205-1: An update that solves 20 vulnerabilities and has 106 fixes is now available. Category: security (important) Bug References: 1040364,1127650,1135481,1152489,1160010,1168202,1171420,1174969,1175052,1175543,1177399,1180100,1180141,1180347,1181006,1181148,1181972,1184180,1185902,1186264,1186731,1187211,1187455,1187468,1187483,1187619,1187959,1188067,1188172,1188231,1188270,1188412,1188418,1188616,1188700,1188780,1188781,1188782,1188783,1188784,1188786,1188787,1188788,1188790,1188878,1188885,1188924,1188982,1188983,1188985,1189021,1189057,1189077,1189153,1189197,1189209,1189210,1189212,1189213,1189214,1189215,1189216,1189217,1189218,1189219,1189220,1189221,1189222,1189225,1189229,1189233,1189262,1189291,1189292,1189296,1189298,1189301,1189305,1189323,1189384,1189385,1189392,1189393,1189399,1189400,1189427,1189503,1189504,1189505,1189506,1189507,1189562,1189563,1189564,1189565,1189566,1189567,1189568,1189569,1189573,1189574,1189575,1189576,1189577,1189579,1189581,1189582,1189583,1189585,1189586,1189587,1189706,1189760,1189762,1189832,1189841,1189870,1189872,1189883,1190022,1190025,1190115,1190117,1190412,119041 3,1190428 CVE References: CVE-2020-12770,CVE-2021-34556,CVE-2021-35477,CVE-2021-3640,CVE-2021-3653,CVE-2021-3656,CVE-2021-3679,CVE-2021-3732,CVE-2021-3739,CVE-2021-3743,CVE-2021-3753,CVE-2021-3759,CVE-2021-38160,CVE-2021-38166,CVE-2021-38198,CVE-2021-38204,CVE-2021-38205,CVE-2021-38206,CVE-2021-38207,CVE-2021-38209 JIRA References: Sources used: SUSE Linux Enterprise Workstation Extension 15-SP3 (src): kernel-default-5.3.18-59.24.1, kernel-preempt-5.3.18-59.24.1 SUSE Linux Enterprise Module for Live Patching 15-SP3 (src): kernel-default-5.3.18-59.24.1, kernel-livepatch-SLE15-SP3_Update_6-1-7.5.1 SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src): kernel-default-5.3.18-59.24.1 SUSE Linux Enterprise Module for Development Tools 15-SP3 (src): kernel-docs-5.3.18-59.24.1, kernel-obs-build-5.3.18-59.24.1, kernel-preempt-5.3.18-59.24.1, kernel-source-5.3.18-59.24.1, kernel-syms-5.3.18-59.24.1 SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): kernel-64kb-5.3.18-59.24.1, kernel-default-5.3.18-59.24.1, kernel-default-base-5.3.18-59.24.1.18.12.1, kernel-preempt-5.3.18-59.24.1, kernel-source-5.3.18-59.24.1, kernel-zfcpdump-5.3.18-59.24.1 SUSE Linux Enterprise High Availability 15-SP3 (src): kernel-default-5.3.18-59.24.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c54 --- Comment #54 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2021:3207-1: An update that solves 16 vulnerabilities and has 98 fixes is now available. Category: security (important) Bug References: 1040364,1127650,1135481,1152489,1160010,1167032,1168202,1174969,1175052,1175543,1177399,1180141,1180347,1181148,1181972,1184114,1184180,1185675,1185902,1186264,1186731,1187211,1187455,1187468,1187619,1188067,1188172,1188418,1188439,1188616,1188780,1188781,1188782,1188783,1188784,1188786,1188787,1188788,1188790,1188878,1188885,1188924,1188982,1188983,1188985,1189021,1189057,1189077,1189153,1189197,1189209,1189210,1189212,1189213,1189214,1189215,1189216,1189217,1189218,1189219,1189220,1189221,1189222,1189229,1189262,1189291,1189292,1189298,1189301,1189305,1189323,1189384,1189385,1189392,1189399,1189400,1189427,1189449,1189503,1189504,1189505,1189506,1189507,1189562,1189563,1189564,1189565,1189566,1189567,1189568,1189569,1189573,1189574,1189575,1189576,1189577,1189579,1189581,1189582,1189583,1189585,1189586,1189587,1189706,1189760,1189832,1189841,1189870,1189883,1190025,1190115,1190117,1190131,1190181 CVE References: CVE-2021-34556,CVE-2021-35477,CVE-2021-3640,CVE-2021-3653,CVE-2021-3656,CVE-2021-3679,CVE-2021-3732,CVE-2021-3739,CVE-2021-3743,CVE-2021-3753,CVE-2021-3759,CVE-2021-38160,CVE-2021-38198,CVE-2021-38204,CVE-2021-38205,CVE-2021-38207 JIRA References: Sources used: SUSE MicroOS 5.0 (src): kernel-default-5.3.18-24.83.2, kernel-default-base-5.3.18-24.83.2.9.38.3 SUSE Linux Enterprise Workstation Extension 15-SP2 (src): kernel-default-5.3.18-24.83.2, kernel-preempt-5.3.18-24.83.2 SUSE Linux Enterprise Module for Live Patching 15-SP2 (src): kernel-default-5.3.18-24.83.2, kernel-livepatch-SLE15-SP2_Update_19-1-5.3.4 SUSE Linux Enterprise Module for Legacy Software 15-SP2 (src): kernel-default-5.3.18-24.83.2 SUSE Linux Enterprise Module for Development Tools 15-SP2 (src): kernel-docs-5.3.18-24.83.2, kernel-obs-build-5.3.18-24.83.2, kernel-preempt-5.3.18-24.83.2, kernel-source-5.3.18-24.83.1, kernel-syms-5.3.18-24.83.1 SUSE Linux Enterprise Module for Basesystem 15-SP2 (src): kernel-default-5.3.18-24.83.2, kernel-default-base-5.3.18-24.83.2.9.38.3, kernel-preempt-5.3.18-24.83.2, kernel-source-5.3.18-24.83.1 SUSE Linux Enterprise High Availability 15-SP2 (src): kernel-default-5.3.18-24.83.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c57 --- Comment #57 from Martin Wilck <martin.wilck@suse.com> --- I've pushed the related changes to suse-module-tools now: SLE-15-SP3: MR 255494 SLE-15-SP2: MR 255495 SLE-15-SP4: SR 255496 Once these are released, the reverts of Michal's patch can be re-reverted: * SLE15-SP2/3: 7d435688cfe6 ("Revert "rpm: Abolish scritplet templating (bsc#1189841)." (bsc#1190598)") * SLE15-SP4: eebdae782118 ("Revert "rpm: Abolish scritplet templating (bsc#1189841)."") NOTE TO MAINTENANCE / QA: These changes fundamentally change the way how kernel installation and update works. This will be enabled by re-reverting the above mentioned revert commits. Once these re-reverts have happened, special attention in QA for the kernel update will be required, in particular for SLED and Leap with the -extra and -optional packages (I suppose if something goes wrong in SLE it will be detected anyway). It'd be good to explicitly test installation / update of some of the "KMPs" shipped with kernel-source as well. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c60 Martin Wilck <martin.wilck@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags| |needinfo?(msuchanek@suse.co | |m) --- Comment #60 from Martin Wilck <martin.wilck@suse.com> --- Michal, your new scripts cause mokutil to be called not only for the -ueficert package, but also for oridnary kernel packages (rpm-script calls cert-script). This causes errors on non-UEFI systems:

post name: kernel-default version: 5.3.18 release: 21.1.gafe7c6c kernelrelease: 5.3.18-21.gafe7c6c flavor: default variant: usrmerged: 0 image: vmlinuz certs: 1245A689 -- 2 Triggering purge-kernels wm2 --add-kernel 5.3.18-21.gafe7c6c-default cert post ca-check: 1 certs: 1245A689 -- 2 EFI variables are not supported on this system mokutil --import /etc/uefi/certs/1245A689.crt --root-pw EFI variables are not supported on this system Failed to import /etc/uefi/certs/1245A689.crt warning: %post(kernel-default-5.3.18-21.1.gafe7c6c.x86_64) scriptlet failed, exit status 1

I suggest adding something like this to cert-script:

if ! mokutil --sb-state 2>/dev/null; then exit 0 fi

mokutil --sb-state succeeds on uefi systems (with and without SB) whereas it fails on BIOS systems. Ok? -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c62 Michal Suchanek <msuchanek@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(msuchanek@suse.co | |m) | --- Comment #62 from Michal Suchanek <msuchanek@suse.com> --- (In reply to Martin Wilck from comment #60)

Michal, your new scripts cause mokutil to be called not only for the -ueficert package, but also for oridnary kernel packages (rpm-script calls cert-script).

Yes, that's expected. The ueficert script was appended to the rpm script (when there were any signing certificates) but due to the error handling the rpm script would exit before the ueficert script so it would not get executed which is this bug.

I suggest adding something like this to cert-script:

...

if ! mokutil --sb-state 2>/dev/null; then exit 0 fi

mokutil --sb-state succeeds on uefi systems (with and without SB) whereas it fails on BIOS systems.

Ok?

This sounds OK. Maybe also separate bug should be filed to track this. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c64 --- Comment #64 from Martin Wilck <martin.wilck@suse.com> --- Typo. bug 1191260 -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c73 --- Comment #73 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2021:3338-1: An update that solves 6 vulnerabilities and has 54 fixes is now available. Category: security (important) Bug References: 1065729,1148868,1152489,1154353,1159886,1167773,1170774,1171688,1173746,1174003,1176447,1176940,1177028,1178134,1184439,1184804,1185302,1185550,1185677,1185726,1185762,1187211,1188067,1188418,1188651,1188986,1189257,1189297,1189841,1189884,1190023,1190062,1190115,1190138,1190159,1190358,1190406,1190432,1190467,1190523,1190534,1190543,1190544,1190561,1190576,1190595,1190596,1190598,1190620,1190626,1190679,1190705,1190717,1190746,1190758,1190784,1190785,1191172,1191193,1191292 CVE References: CVE-2020-3702,CVE-2021-3669,CVE-2021-3744,CVE-2021-3752,CVE-2021-3764,CVE-2021-40490 JIRA References: Sources used: SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src): kernel-azure-5.3.18-38.25.2, kernel-source-azure-5.3.18-38.25.2, kernel-syms-azure-5.3.18-38.25.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c75 --- Comment #75 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2021:3339-1: An update that solves 6 vulnerabilities and has 44 fixes is now available. Category: security (important) Bug References: 1065729,1148868,1152489,1154353,1159886,1167773,1170774,1173746,1176940,1184439,1184804,1185302,1185677,1185726,1185762,1187167,1188067,1188651,1188986,1189297,1189841,1189884,1190023,1190062,1190115,1190159,1190358,1190406,1190432,1190467,1190523,1190534,1190543,1190576,1190595,1190596,1190598,1190620,1190626,1190679,1190705,1190717,1190746,1190758,1190784,1190785,1191172,1191193,1191240,1191292 CVE References: CVE-2020-3702,CVE-2021-3669,CVE-2021-3744,CVE-2021-3752,CVE-2021-3764,CVE-2021-40490 JIRA References: Sources used: SUSE MicroOS 5.0 (src): kernel-rt-5.3.18-54.1 SUSE Linux Enterprise Module for Realtime 15-SP2 (src): kernel-rt-5.3.18-54.1, kernel-rt_debug-5.3.18-54.1, kernel-source-rt-5.3.18-54.1, kernel-syms-rt-5.3.18-54.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 Michal Suchanek <msuchanek@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1191480 -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c77 --- Comment #77 from Swamp Workflow Management <swamp@suse.de> --- openSUSE-SU-2021:3387-1: An update that solves 7 vulnerabilities and has 53 fixes is now available. Category: security (important) Bug References: 1065729,1148868,1152489,1154353,1159886,1167773,1170774,1171688,1173746,1174003,1176447,1176940,1177028,1178134,1184439,1184804,1185302,1185550,1185677,1185726,1185762,1187211,1188067,1188418,1188651,1188986,1189257,1189297,1189841,1189884,1190023,1190062,1190115,1190138,1190159,1190358,1190406,1190432,1190467,1190523,1190534,1190543,1190544,1190561,1190576,1190595,1190596,1190598,1190620,1190626,1190679,1190705,1190717,1190746,1190758,1190784,1190785,1191172,1191193,1191292 CVE References: CVE-2020-3702,CVE-2021-3669,CVE-2021-3744,CVE-2021-3752,CVE-2021-3759,CVE-2021-3764,CVE-2021-40490 JIRA References: Sources used: openSUSE Leap 15.3 (src): dtb-aarch64-5.3.18-59.27.1, kernel-64kb-5.3.18-59.27.1, kernel-debug-5.3.18-59.27.1, kernel-default-5.3.18-59.27.1, kernel-default-base-5.3.18-59.27.1.18.15.1, kernel-docs-5.3.18-59.27.1, kernel-kvmsmall-5.3.18-59.27.1, kernel-obs-build-5.3.18-59.27.1, kernel-obs-qa-5.3.18-59.27.1, kernel-preempt-5.3.18-59.27.1, kernel-source-5.3.18-59.27.1, kernel-syms-5.3.18-59.27.1, kernel-zfcpdump-5.3.18-59.27.1 -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c79 --- Comment #79 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2021:3205-2: An update that solves 20 vulnerabilities and has 106 fixes is now available. Category: security (important) Bug References: 1040364,1127650,1135481,1152489,1160010,1168202,1171420,1174969,1175052,1175543,1177399,1180100,1180141,1180347,1181006,1181148,1181972,1184180,1185902,1186264,1186731,1187211,1187455,1187468,1187483,1187619,1187959,1188067,1188172,1188231,1188270,1188412,1188418,1188616,1188700,1188780,1188781,1188782,1188783,1188784,1188786,1188787,1188788,1188790,1188878,1188885,1188924,1188982,1188983,1188985,1189021,1189057,1189077,1189153,1189197,1189209,1189210,1189212,1189213,1189214,1189215,1189216,1189217,1189218,1189219,1189220,1189221,1189222,1189225,1189229,1189233,1189262,1189291,1189292,1189296,1189298,1189301,1189305,1189323,1189384,1189385,1189392,1189393,1189399,1189400,1189427,1189503,1189504,1189505,1189506,1189507,1189562,1189563,1189564,1189565,1189566,1189567,1189568,1189569,1189573,1189574,1189575,1189576,1189577,1189579,1189581,1189582,1189583,1189585,1189586,1189587,1189706,1189760,1189762,1189832,1189841,1189870,1189872,1189883,1190022,1190025,1190115,1190117,1190412,119041 3,1190428 CVE References: CVE-2020-12770,CVE-2021-34556,CVE-2021-35477,CVE-2021-3640,CVE-2021-3653,CVE-2021-3656,CVE-2021-3679,CVE-2021-3732,CVE-2021-3739,CVE-2021-3743,CVE-2021-3753,CVE-2021-3759,CVE-2021-38160,CVE-2021-38166,CVE-2021-38198,CVE-2021-38204,CVE-2021-38205,CVE-2021-38206,CVE-2021-38207,CVE-2021-38209 JIRA References: Sources used: SUSE MicroOS 5.1 (src): kernel-default-5.3.18-59.24.1, kernel-default-base-5.3.18-59.24.1.18.12.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c81 --- Comment #81 from Swamp Workflow Management <swamp@suse.de> --- SUSE-RU-2021:3412-1: An update that has two recommended fixes can now be installed. Category: recommended (important) Bug References: 1189841,1190598 CVE References: JIRA References: Sources used: SUSE MicroOS 5.0 (src): suse-module-tools-15.2.13-4.6.1 SUSE Linux Enterprise Module for Basesystem 15-SP2 (src): suse-module-tools-15.2.13-4.6.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c83 --- Comment #83 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2021:3415-1: An update that solves 18 vulnerabilities and has 119 fixes is now available. Category: security (important) Bug References: 1065729,1124431,1127650,1135481,1148868,1152489,1154353,1159886,1167032,1167773,1168202,1170774,1171420,1171688,1173746,1174003,1175543,1176447,1176940,1177028,1177399,1178134,1180141,1180347,1181006,1181972,1184114,1184439,1184611,1184804,1185302,1185550,1185675,1185677,1185726,1185762,1185898,1187211,1187455,1187591,1187619,1188067,1188172,1188270,1188412,1188418,1188439,1188616,1188651,1188694,1188700,1188878,1188924,1188983,1188985,1188986,1189153,1189225,1189257,1189262,1189297,1189301,1189399,1189400,1189503,1189504,1189505,1189506,1189507,1189562,1189563,1189564,1189565,1189566,1189567,1189568,1189569,1189573,1189574,1189575,1189576,1189577,1189579,1189581,1189582,1189583,1189585,1189586,1189587,1189696,1189706,1189760,1189762,1189832,1189841,1189870,1189872,1189883,1189884,1190022,1190023,1190025,1190062,1190115,1190117,1190131,1190138,1190159,1190181,1190358,1190406,1190412,1190413,1190428,1190467,1190523,1190534,1190543,1190544,1190561,1190576,1190595,1190596,1190598,119062 0,1190626,1190679,1190705,1190717,1190746,1190758,1190784,1190785,1191172,1191193,1191292,859220 CVE References: CVE-2020-12770,CVE-2020-3702,CVE-2021-34556,CVE-2021-35477,CVE-2021-3653,CVE-2021-3656,CVE-2021-3669,CVE-2021-3732,CVE-2021-3739,CVE-2021-3743,CVE-2021-3744,CVE-2021-3752,CVE-2021-3753,CVE-2021-3759,CVE-2021-3764,CVE-2021-38160,CVE-2021-38198,CVE-2021-40490 JIRA References: Sources used: SUSE MicroOS 5.1 (src): kernel-rt-5.3.18-57.1 SUSE Linux Enterprise Module for Realtime 15-SP3 (src): kernel-rt-5.3.18-57.1, kernel-rt_debug-5.3.18-57.1, kernel-source-rt-5.3.18-57.1, kernel-syms-rt-5.3.18-57.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c85 --- Comment #85 from Swamp Workflow Management <swamp@suse.de> --- openSUSE-SU-2021:3447-1: An update that solves 6 vulnerabilities and has 44 fixes is now available. Category: security (important) Bug References: 1065729,1148868,1152489,1154353,1159886,1167773,1170774,1173746,1176940,1184439,1184804,1185302,1185677,1185726,1185762,1187167,1188067,1188651,1188986,1189297,1189841,1189884,1190023,1190062,1190115,1190159,1190358,1190406,1190432,1190467,1190523,1190534,1190543,1190576,1190595,1190596,1190598,1190620,1190626,1190679,1190705,1190717,1190746,1190758,1190784,1190785,1191172,1191193,1191240,1191292 CVE References: CVE-2020-3702,CVE-2021-3669,CVE-2021-3744,CVE-2021-3752,CVE-2021-3764,CVE-2021-40490 JIRA References: Sources used: openSUSE Leap 15.3 (src): kmod-25-6.10.1 -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c87 --- Comment #87 from Swamp Workflow Management <swamp@suse.de> --- openSUSE-RU-2021:1368-1: An update that has two recommended fixes can now be installed. Category: recommended (important) Bug References: 1189841,1190598 CVE References: JIRA References: Sources used: openSUSE Leap 15.2 (src): suse-module-tools-15.2.13-lp152.5.6.1 -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c92 --- Comment #92 from Swamp Workflow Management <swamp@suse.de> --- openSUSE-SU-2021:1460-1: An update that solves 15 vulnerabilities and has 40 fixes is now available. Category: security (important) Bug References: 1065729,1085030,1100416,1129735,1152489,1154353,1156395,1157177,1167773,1172073,1173604,1176940,1184673,1185762,1186109,1187167,1188563,1188876,1188983,1188985,1189841,1190006,1190067,1190349,1190351,1190479,1190620,1190642,1190795,1190941,1191229,1191238,1191241,1191315,1191317,1191343,1191349,1191384,1191449,1191450,1191451,1191452,1191455,1191456,1191628,1191731,1191800,1191934,1191958,1192036,1192040,1192041,1192107,1192145,1192267 CVE References: CVE-2018-13405,CVE-2021-33033,CVE-2021-34556,CVE-2021-3542,CVE-2021-35477,CVE-2021-3655,CVE-2021-3715,CVE-2021-3760,CVE-2021-3772,CVE-2021-3896,CVE-2021-41864,CVE-2021-42008,CVE-2021-42252,CVE-2021-42739,CVE-2021-43056 JIRA References: Sources used: openSUSE Leap 15.2 (src): kernel-debug-5.3.18-lp152.98.1, kernel-default-5.3.18-lp152.98.1, kernel-default-base-5.3.18-lp152.98.1.lp152.8.46.1, kernel-docs-5.3.18-lp152.98.1, kernel-kvmsmall-5.3.18-lp152.98.1, kernel-obs-build-5.3.18-lp152.98.1, kernel-obs-qa-5.3.18-lp152.98.1, kernel-preempt-5.3.18-lp152.98.1, kernel-source-5.3.18-lp152.98.1, kernel-syms-5.3.18-lp152.98.1 -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c94 --- Comment #94 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2021:3641-1: An update that solves 13 vulnerabilities and has 43 fixes is now available. Category: security (important) Bug References: 1065729,1085030,1152472,1152489,1156395,1172073,1173604,1176447,1176774,1176914,1178134,1180100,1181147,1184673,1185762,1186063,1186109,1187167,1188563,1189841,1190006,1190067,1190349,1190351,1190479,1190620,1190642,1190795,1190801,1190941,1191229,1191240,1191241,1191315,1191317,1191349,1191384,1191449,1191450,1191451,1191452,1191455,1191456,1191628,1191645,1191663,1191731,1191800,1191867,1191934,1191958,1192040,1192041,1192074,1192107,1192145 CVE References: CVE-2021-33033,CVE-2021-34866,CVE-2021-3542,CVE-2021-3655,CVE-2021-3715,CVE-2021-3760,CVE-2021-3772,CVE-2021-3896,CVE-2021-41864,CVE-2021-42008,CVE-2021-42252,CVE-2021-42739,CVE-2021-43056 JIRA References: Sources used: SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src): kernel-azure-5.3.18-38.28.2, kernel-source-azure-5.3.18-38.28.2, kernel-syms-azure-5.3.18-38.28.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c96 --- Comment #96 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2021:3640-1: An update that solves 11 vulnerabilities and has 35 fixes is now available. Category: security (important) Bug References: 1065729,1085030,1133021,1152489,1154353,1156395,1157177,1167773,1172073,1173604,1176940,1184673,1185762,1186063,1187167,1188563,1189841,1190006,1190067,1190349,1190351,1190479,1190620,1190642,1190795,1190941,1191229,1191241,1191315,1191317,1191384,1191449,1191450,1191451,1191452,1191455,1191456,1191628,1191731,1191800,1191934,1191958,1192040,1192041,1192107,1192145 CVE References: CVE-2021-3542,CVE-2021-3655,CVE-2021-3715,CVE-2021-3760,CVE-2021-3772,CVE-2021-3896,CVE-2021-41864,CVE-2021-42008,CVE-2021-42252,CVE-2021-42739,CVE-2021-43056 JIRA References: Sources used: SUSE Linux Enterprise Module for Public Cloud 15-SP2 (src): kernel-azure-5.3.18-18.72.2, kernel-source-azure-5.3.18-18.72.2, kernel-syms-azure-5.3.18-18.72.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c101 --- Comment #101 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2021:3658-1: An update that solves 11 vulnerabilities and has 35 fixes is now available. Category: security (important) Bug References: 1065729,1085030,1152489,1154353,1156395,1157177,1167773,1172073,1173604,1176940,1184673,1185762,1186063,1187167,1188563,1189841,1190006,1190067,1190349,1190351,1190479,1190620,1190642,1190795,1190941,1191229,1191241,1191315,1191317,1191349,1191384,1191449,1191450,1191451,1191452,1191455,1191456,1191628,1191731,1191800,1191934,1191958,1192040,1192041,1192107,1192145 CVE References: CVE-2021-3542,CVE-2021-3655,CVE-2021-3715,CVE-2021-3760,CVE-2021-3772,CVE-2021-3896,CVE-2021-41864,CVE-2021-42008,CVE-2021-42252,CVE-2021-42739,CVE-2021-43056 JIRA References: Sources used: SUSE MicroOS 5.0 (src): kernel-rt-5.3.18-57.1 SUSE Linux Enterprise Module for Realtime 15-SP2 (src): kernel-rt-5.3.18-57.1, kernel-rt_debug-5.3.18-57.1, kernel-source-rt-5.3.18-57.1, kernel-syms-rt-5.3.18-57.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c104 --- Comment #104 from Swamp Workflow Management <swamp@suse.de> --- openSUSE-SU-2021:1477-1: An update that solves 15 vulnerabilities and has 41 fixes is now available. Category: security (important) Bug References: 1065729,1085030,1100416,1129735,1152489,1154353,1156395,1157177,1167773,1172073,1173604,1176940,1184673,1185762,1186109,1187167,1188563,1188876,1188983,1188985,1189841,1190006,1190067,1190349,1190351,1190479,1190620,1190642,1190795,1190941,1191229,1191238,1191241,1191315,1191317,1191343,1191349,1191384,1191449,1191450,1191451,1191452,1191455,1191456,1191628,1191731,1191800,1191934,1191958,1192036,1192040,1192041,1192107,1192145,1192267,1192549 CVE References: CVE-2018-13405,CVE-2021-33033,CVE-2021-34556,CVE-2021-3542,CVE-2021-35477,CVE-2021-3655,CVE-2021-3715,CVE-2021-3760,CVE-2021-3772,CVE-2021-3896,CVE-2021-41864,CVE-2021-42008,CVE-2021-42252,CVE-2021-42739,CVE-2021-43056 JIRA References: Sources used: openSUSE Leap 15.2 (src): kernel-debug-5.3.18-lp152.102.1, kernel-default-5.3.18-lp152.102.1, kernel-default-base-5.3.18-lp152.102.1.lp152.8.49.1, kernel-docs-5.3.18-lp152.102.1, kernel-kvmsmall-5.3.18-lp152.102.1, kernel-obs-build-5.3.18-lp152.102.1, kernel-obs-qa-5.3.18-lp152.102.1, kernel-preempt-5.3.18-lp152.102.1, kernel-source-5.3.18-lp152.102.1, kernel-syms-5.3.18-lp152.102.1 -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 Michal Suchanek <msuchanek@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks|1191480 | Depends on| |1191480 -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c105 --- Comment #105 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2021:3675-1: An update that solves 15 vulnerabilities and has 56 fixes is now available. Category: security (important) Bug References: 1065729,1085030,1089118,1094840,1133021,1152472,1152489,1154353,1156395,1157177,1167773,1172073,1173604,1176447,1176774,1176914,1176940,1178134,1180100,1180749,1181147,1184673,1185762,1186063,1186109,1187167,1188563,1188601,1189841,1190006,1190067,1190349,1190351,1190479,1190620,1190642,1190795,1190801,1190941,1191229,1191240,1191241,1191315,1191317,1191349,1191384,1191449,1191450,1191451,1191452,1191455,1191456,1191628,1191645,1191663,1191731,1191800,1191851,1191867,1191934,1191958,1191980,1192040,1192041,1192074,1192107,1192145,1192229,1192267,1192288,1192549 CVE References: CVE-2021-33033,CVE-2021-34866,CVE-2021-3542,CVE-2021-3655,CVE-2021-3715,CVE-2021-37159,CVE-2021-3760,CVE-2021-3772,CVE-2021-3896,CVE-2021-41864,CVE-2021-42008,CVE-2021-42252,CVE-2021-42739,CVE-2021-43056,CVE-2021-43389 JIRA References: Sources used: SUSE MicroOS 5.1 (src): kernel-default-5.3.18-59.34.1, kernel-default-base-5.3.18-59.34.1.18.21.1 SUSE Linux Enterprise Workstation Extension 15-SP3 (src): kernel-default-5.3.18-59.34.1, kernel-preempt-5.3.18-59.34.1 SUSE Linux Enterprise Module for Live Patching 15-SP3 (src): kernel-default-5.3.18-59.34.1, kernel-livepatch-SLE15-SP3_Update_9-1-7.3.1 SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src): kernel-default-5.3.18-59.34.1 SUSE Linux Enterprise Module for Development Tools 15-SP3 (src): kernel-docs-5.3.18-59.34.1, kernel-obs-build-5.3.18-59.34.1, kernel-preempt-5.3.18-59.34.1, kernel-source-5.3.18-59.34.1, kernel-syms-5.3.18-59.34.1 SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): kernel-64kb-5.3.18-59.34.1, kernel-default-5.3.18-59.34.1, kernel-default-base-5.3.18-59.34.1.18.21.1, kernel-preempt-5.3.18-59.34.1, kernel-source-5.3.18-59.34.1, kernel-zfcpdump-5.3.18-59.34.1 SUSE Linux Enterprise High Availability 15-SP3 (src): kernel-default-5.3.18-59.34.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c107 --- Comment #107 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2021:3754-1: An update that solves 11 vulnerabilities and has 37 fixes is now available. Category: security (important) Bug References: 1065729,1085030,1152489,1154353,1156395,1157177,1167773,1172073,1173604,1176940,1184673,1185762,1186063,1187167,1188563,1189841,1190006,1190067,1190349,1190351,1190479,1190620,1190642,1190795,1190941,1191229,1191241,1191315,1191317,1191349,1191384,1191449,1191450,1191451,1191452,1191455,1191456,1191628,1191731,1191800,1191934,1191958,1192040,1192041,1192107,1192145,1192267,1192549 CVE References: CVE-2021-3542,CVE-2021-3655,CVE-2021-3715,CVE-2021-3760,CVE-2021-3772,CVE-2021-3896,CVE-2021-41864,CVE-2021-42008,CVE-2021-42252,CVE-2021-42739,CVE-2021-43056 JIRA References: Sources used: SUSE MicroOS 5.0 (src): kernel-default-5.3.18-24.93.1, kernel-default-base-5.3.18-24.93.1.9.42.5 SUSE Linux Enterprise Workstation Extension 15-SP2 (src): kernel-default-5.3.18-24.93.1, kernel-preempt-5.3.18-24.93.1 SUSE Linux Enterprise Module for Live Patching 15-SP2 (src): kernel-default-5.3.18-24.93.1, kernel-livepatch-SLE15-SP2_Update_21-1-5.3.5 SUSE Linux Enterprise Module for Legacy Software 15-SP2 (src): kernel-default-5.3.18-24.93.1 SUSE Linux Enterprise Module for Development Tools 15-SP2 (src): kernel-docs-5.3.18-24.93.1, kernel-obs-build-5.3.18-24.93.1, kernel-preempt-5.3.18-24.93.1, kernel-source-5.3.18-24.93.1, kernel-syms-5.3.18-24.93.1 SUSE Linux Enterprise Module for Basesystem 15-SP2 (src): kernel-default-5.3.18-24.93.1, kernel-default-base-5.3.18-24.93.1.9.42.5, kernel-preempt-5.3.18-24.93.1, kernel-source-5.3.18-24.93.1 SUSE Linux Enterprise High Availability 15-SP2 (src): kernel-default-5.3.18-24.93.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c109 Martin Wilck <martin.wilck@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(martin.wilck@suse | |.com) | --- Comment #109 from Martin Wilck <martin.wilck@suse.com> --- Thanks for alerting me. I forgot the "osc mr". Request is sr#259041. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c113 --- Comment #113 from Swamp Workflow Management <swamp@suse.de> --- SUSE-RU-2021:3869-1: An update that has 8 recommended fixes can now be installed. Category: recommended (moderate) Bug References: 1189841,1189879,1190598,1191200,1191260,1191480,1191804,1191922 CVE References: JIRA References: Sources used: SUSE Linux Enterprise Server for SAP 15-SP1 (src): suse-module-tools-15.1.23-3.19.1 SUSE Linux Enterprise Server 15-SP1-LTSS (src): suse-module-tools-15.1.23-3.19.1 SUSE Linux Enterprise Server 15-SP1-BCL (src): suse-module-tools-15.1.23-3.19.1 SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src): suse-module-tools-15.1.23-3.19.1 SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src): suse-module-tools-15.1.23-3.19.1 SUSE Enterprise Storage 6 (src): suse-module-tools-15.1.23-3.19.1 SUSE CaaS Platform 4.0 (src): suse-module-tools-15.1.23-3.19.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c115 --- Comment #115 from Swamp Workflow Management <swamp@suse.de> --- SUSE-RU-2021:3970-1: An update that has 8 recommended fixes can now be installed. Category: recommended (moderate) Bug References: 1189841,1189879,1190598,1191200,1191260,1191480,1191804,1191922 CVE References: JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 9 (src): suse-module-tools-12.6.1-27.6.1 SUSE OpenStack Cloud Crowbar 8 (src): suse-module-tools-12.6.1-27.6.1 SUSE OpenStack Cloud 9 (src): suse-module-tools-12.6.1-27.6.1 SUSE OpenStack Cloud 8 (src): suse-module-tools-12.6.1-27.6.1 SUSE Linux Enterprise Server for SAP 12-SP4 (src): suse-module-tools-12.6.1-27.6.1 SUSE Linux Enterprise Server for SAP 12-SP3 (src): suse-module-tools-12.6.1-27.6.1 SUSE Linux Enterprise Server 12-SP4-LTSS (src): suse-module-tools-12.6.1-27.6.1 SUSE Linux Enterprise Server 12-SP3-LTSS (src): suse-module-tools-12.6.1-27.6.1 SUSE Linux Enterprise Server 12-SP3-BCL (src): suse-module-tools-12.6.1-27.6.1 SUSE Linux Enterprise Server 12-SP2-BCL (src): suse-module-tools-12.6.1-27.6.1 HPE Helion Openstack 8 (src): suse-module-tools-12.6.1-27.6.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c120 --- Comment #120 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2022:0068-1: An update that solves 16 vulnerabilities and has 26 fixes is now available. Category: security (important) Bug References: 1114648,1124431,1167162,1169514,1172073,1179599,1183678,1183897,1184804,1185727,1185762,1187167,1189126,1189158,1189305,1189841,1190317,1190358,1190428,1191229,1191384,1191731,1191876,1192032,1192145,1192267,1192740,1192845,1192847,1192866,1192877,1192946,1192974,1193231,1193306,1193318,1193440,1193442,1193575,1193731,1194087,1194094 CVE References: CVE-2018-25020,CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486 JIRA References: Sources used: SUSE Linux Enterprise Workstation Extension 12-SP5 (src): kernel-default-4.12.14-122.106.1 SUSE Linux Enterprise Software Development Kit 12-SP5 (src): kernel-docs-4.12.14-122.106.1, kernel-obs-build-4.12.14-122.106.1 SUSE Linux Enterprise Server 12-SP5 (src): kernel-default-4.12.14-122.106.1, kernel-source-4.12.14-122.106.1, kernel-syms-4.12.14-122.106.1 SUSE Linux Enterprise Live Patching 12-SP5 (src): kernel-default-4.12.14-122.106.1, kgraft-patch-SLE12-SP5_Update_27-1-8.3.1 SUSE Linux Enterprise High Availability 12-SP5 (src): kernel-default-4.12.14-122.106.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c122 --- Comment #122 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2022:0090-1: An update that solves 15 vulnerabilities, contains one feature and has 18 fixes is now available. Category: security (important) Bug References: 1114648,1124431,1167162,1179599,1183678,1183897,1184804,1185727,1185762,1187167,1189126,1189305,1189841,1190358,1191229,1191384,1192032,1192145,1192267,1192740,1192845,1192847,1192877,1192946,1192974,1193231,1193306,1193318,1193440,1193442,1193731,1194087,1194094 CVE References: CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486 JIRA References: SLE-17288 Sources used: SUSE Linux Enterprise Real Time Extension 12-SP5 (src): kernel-rt-4.12.14-10.73.1, kernel-rt_debug-4.12.14-10.73.1, kernel-source-rt-4.12.14-10.73.1, kernel-syms-rt-4.12.14-10.73.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c132 --- Comment #132 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2022:0367-1: An update that solves 27 vulnerabilities and has 23 fixes is now available. Category: security (critical) Bug References: 1071995,1124431,1167162,1169514,1172073,1179599,1184804,1185377,1186207,1186222,1187167,1189305,1189841,1190358,1190428,1191229,1191241,1191384,1191731,1192032,1192267,1192740,1192845,1192847,1192877,1192946,1193306,1193440,1193442,1193506,1193575,1193669,1193727,1193731,1193767,1193861,1193864,1193867,1194001,1194048,1194087,1194227,1194302,1194516,1194529,1194880,1194888,1194985,1195166,1195254 CVE References: CVE-2018-25020,CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-3564,CVE-2021-39648,CVE-2021-39657,CVE-2021-4002,CVE-2021-4083,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-43975,CVE-2021-43976,CVE-2021-44733,CVE-2021-45095,CVE-2021-45486,CVE-2022-0322,CVE-2022-0330,CVE-2022-0435 JIRA References: Sources used: SUSE Linux Enterprise Server for SAP 15 (src): kernel-default-4.12.14-150.83.1, kernel-docs-4.12.14-150.83.1, kernel-obs-build-4.12.14-150.83.1, kernel-source-4.12.14-150.83.1, kernel-syms-4.12.14-150.83.1, kernel-vanilla-4.12.14-150.83.1 SUSE Linux Enterprise Server 15-LTSS (src): kernel-default-4.12.14-150.83.1, kernel-docs-4.12.14-150.83.1, kernel-obs-build-4.12.14-150.83.1, kernel-source-4.12.14-150.83.1, kernel-syms-4.12.14-150.83.1, kernel-vanilla-4.12.14-150.83.1, kernel-zfcpdump-4.12.14-150.83.1 SUSE Linux Enterprise Module for Live Patching 15 (src): kernel-default-4.12.14-150.83.1, kernel-livepatch-SLE15_Update_27-1-1.5.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): kernel-default-4.12.14-150.83.1, kernel-docs-4.12.14-150.83.1, kernel-obs-build-4.12.14-150.83.1, kernel-source-4.12.14-150.83.1, kernel-syms-4.12.14-150.83.1, kernel-vanilla-4.12.14-150.83.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): kernel-default-4.12.14-150.83.1, kernel-docs-4.12.14-150.83.1, kernel-obs-build-4.12.14-150.83.1, kernel-source-4.12.14-150.83.1, kernel-syms-4.12.14-150.83.1, kernel-vanilla-4.12.14-150.83.1 SUSE Linux Enterprise High Availability 15 (src): kernel-default-4.12.14-150.83.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1189841 https://bugzilla.suse.com/show_bug.cgi?id=1189841#c134 --- Comment #134 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2022:0371-1: An update that solves 27 vulnerabilities and has 22 fixes is now available. Category: security (important) Bug References: 1071995,1124431,1167162,1169514,1172073,1177101,1179599,1184804,1185377,1186207,1186222,1187167,1189305,1189841,1190358,1190428,1191229,1191384,1191731,1192032,1192267,1192740,1192845,1192847,1192877,1192946,1193306,1193440,1193442,1193507,1193575,1193669,1193727,1193731,1193767,1193861,1193864,1193867,1194001,1194048,1194087,1194227,1194302,1194516,1194529,1194880,1194888,1194985,1195254 CVE References: CVE-2018-25020,CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-3564,CVE-2021-39648,CVE-2021-39657,CVE-2021-4002,CVE-2021-4083,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-43975,CVE-2021-43976,CVE-2021-44733,CVE-2021-45095,CVE-2021-45486,CVE-2022-0322,CVE-2022-0330,CVE-2022-0435 JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 9 (src): kernel-default-4.12.14-95.88.1, kernel-source-4.12.14-95.88.1, kernel-syms-4.12.14-95.88.1 SUSE OpenStack Cloud 9 (src): kernel-default-4.12.14-95.88.1, kernel-source-4.12.14-95.88.1, kernel-syms-4.12.14-95.88.1 SUSE Linux Enterprise Server for SAP 12-SP4 (src): kernel-default-4.12.14-95.88.1, kernel-source-4.12.14-95.88.1, kernel-syms-4.12.14-95.88.1 SUSE Linux Enterprise Server 12-SP4-LTSS (src): kernel-default-4.12.14-95.88.1, kernel-source-4.12.14-95.88.1, kernel-syms-4.12.14-95.88.1 SUSE Linux Enterprise Live Patching 12-SP4 (src): kernel-default-4.12.14-95.88.1, kgraft-patch-SLE12-SP4_Update_24-1-6.5.1 SUSE Linux Enterprise High Availability 12-SP4 (src): kernel-default-4.12.14-95.88.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.