openSUSE Security Announce
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
July 2017
- 1 participants
- 57 discussions
[security-announce] SUSE-SU-2017:1893-1: important: Security update for evince
by opensuse-security@opensuse.org 18 Jul '17
by opensuse-security@opensuse.org 18 Jul '17
18 Jul '17
SUSE Security Update: Security update for evince
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:1893-1
Rating: important
References: #1046856
Cross-References: CVE-2017-1000083
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP2
SUSE Linux Enterprise Software Development Kit 12-SP2
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
SUSE Linux Enterprise Server 12-SP2
SUSE Linux Enterprise Desktop 12-SP2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for evince fixes the following issues:
- CVE-2017-1000083: Remote attackers could have used the comicbook mode of
evince to inject shell code. (bsc#1046856, bgo#784630)
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12-SP2:
zypper in -t patch SUSE-SLE-WE-12-SP2-2017-1171=1
- SUSE Linux Enterprise Software Development Kit 12-SP2:
zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1171=1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:
zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1171=1
- SUSE Linux Enterprise Server 12-SP2:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1171=1
- SUSE Linux Enterprise Desktop 12-SP2:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1171=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64):
evince-debuginfo-3.20.1-6.14.1
evince-debugsource-3.20.1-6.14.1
typelib-1_0-EvinceDocument-3_0-3.20.1-6.14.1
typelib-1_0-EvinceView-3_0-3.20.1-6.14.1
- SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):
evince-debuginfo-3.20.1-6.14.1
evince-debugsource-3.20.1-6.14.1
evince-devel-3.20.1-6.14.1
typelib-1_0-EvinceDocument-3_0-3.20.1-6.14.1
typelib-1_0-EvinceView-3_0-3.20.1-6.14.1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):
evince-3.20.1-6.14.1
evince-browser-plugin-3.20.1-6.14.1
evince-browser-plugin-debuginfo-3.20.1-6.14.1
evince-debuginfo-3.20.1-6.14.1
evince-debugsource-3.20.1-6.14.1
evince-plugin-djvudocument-3.20.1-6.14.1
evince-plugin-djvudocument-debuginfo-3.20.1-6.14.1
evince-plugin-dvidocument-3.20.1-6.14.1
evince-plugin-dvidocument-debuginfo-3.20.1-6.14.1
evince-plugin-pdfdocument-3.20.1-6.14.1
evince-plugin-pdfdocument-debuginfo-3.20.1-6.14.1
evince-plugin-psdocument-3.20.1-6.14.1
evince-plugin-psdocument-debuginfo-3.20.1-6.14.1
evince-plugin-tiffdocument-3.20.1-6.14.1
evince-plugin-tiffdocument-debuginfo-3.20.1-6.14.1
evince-plugin-xpsdocument-3.20.1-6.14.1
evince-plugin-xpsdocument-debuginfo-3.20.1-6.14.1
libevdocument3-4-3.20.1-6.14.1
libevdocument3-4-debuginfo-3.20.1-6.14.1
libevview3-3-3.20.1-6.14.1
libevview3-3-debuginfo-3.20.1-6.14.1
nautilus-evince-3.20.1-6.14.1
nautilus-evince-debuginfo-3.20.1-6.14.1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch):
evince-lang-3.20.1-6.14.1
- SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le):
evince-3.20.1-6.14.1
evince-browser-plugin-3.20.1-6.14.1
evince-browser-plugin-debuginfo-3.20.1-6.14.1
evince-debuginfo-3.20.1-6.14.1
evince-debugsource-3.20.1-6.14.1
evince-plugin-djvudocument-3.20.1-6.14.1
evince-plugin-djvudocument-debuginfo-3.20.1-6.14.1
evince-plugin-dvidocument-3.20.1-6.14.1
evince-plugin-dvidocument-debuginfo-3.20.1-6.14.1
evince-plugin-pdfdocument-3.20.1-6.14.1
evince-plugin-pdfdocument-debuginfo-3.20.1-6.14.1
evince-plugin-psdocument-3.20.1-6.14.1
evince-plugin-psdocument-debuginfo-3.20.1-6.14.1
evince-plugin-tiffdocument-3.20.1-6.14.1
evince-plugin-tiffdocument-debuginfo-3.20.1-6.14.1
evince-plugin-xpsdocument-3.20.1-6.14.1
evince-plugin-xpsdocument-debuginfo-3.20.1-6.14.1
libevdocument3-4-3.20.1-6.14.1
libevdocument3-4-debuginfo-3.20.1-6.14.1
libevview3-3-3.20.1-6.14.1
libevview3-3-debuginfo-3.20.1-6.14.1
nautilus-evince-3.20.1-6.14.1
nautilus-evince-debuginfo-3.20.1-6.14.1
- SUSE Linux Enterprise Server 12-SP2 (noarch):
evince-lang-3.20.1-6.14.1
- SUSE Linux Enterprise Desktop 12-SP2 (x86_64):
evince-3.20.1-6.14.1
evince-browser-plugin-3.20.1-6.14.1
evince-browser-plugin-debuginfo-3.20.1-6.14.1
evince-debuginfo-3.20.1-6.14.1
evince-debugsource-3.20.1-6.14.1
evince-plugin-djvudocument-3.20.1-6.14.1
evince-plugin-djvudocument-debuginfo-3.20.1-6.14.1
evince-plugin-dvidocument-3.20.1-6.14.1
evince-plugin-dvidocument-debuginfo-3.20.1-6.14.1
evince-plugin-pdfdocument-3.20.1-6.14.1
evince-plugin-pdfdocument-debuginfo-3.20.1-6.14.1
evince-plugin-psdocument-3.20.1-6.14.1
evince-plugin-psdocument-debuginfo-3.20.1-6.14.1
evince-plugin-tiffdocument-3.20.1-6.14.1
evince-plugin-tiffdocument-debuginfo-3.20.1-6.14.1
evince-plugin-xpsdocument-3.20.1-6.14.1
evince-plugin-xpsdocument-debuginfo-3.20.1-6.14.1
libevdocument3-4-3.20.1-6.14.1
libevdocument3-4-debuginfo-3.20.1-6.14.1
libevview3-3-3.20.1-6.14.1
libevview3-3-debuginfo-3.20.1-6.14.1
nautilus-evince-3.20.1-6.14.1
nautilus-evince-debuginfo-3.20.1-6.14.1
typelib-1_0-EvinceDocument-3_0-3.20.1-6.14.1
typelib-1_0-EvinceView-3_0-3.20.1-6.14.1
- SUSE Linux Enterprise Desktop 12-SP2 (noarch):
evince-lang-3.20.1-6.14.1
References:
https://www.suse.com/security/cve/CVE-2017-1000083.html
https://bugzilla.suse.com/1046856
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2017:1885-1: important: Security update for xorg-x11-server
by opensuse-security@opensuse.org 15 Jul '17
by opensuse-security@opensuse.org 15 Jul '17
15 Jul '17
openSUSE Security Update: Security update for xorg-x11-server
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:1885-1
Rating: important
References: #1025084 #1035283
Cross-References: CVE-2017-10971 CVE-2017-10972
Affected Products:
openSUSE Leap 42.2
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for xorg-x11-server fixes the following issues:
- CVE-2017-10971: Fix endianess handling of GenericEvent to prevent a
stack overflow by clients. (bnc#1035283)
- Make sure the type of all events to be sent by ProcXSendExtensionEvent
are in the allowed range.
- CVE-2017-10972: Initialize the xEvent eventT with zeros to avoid
information leakage.
- Improve retrieval of entropy for generating random authentication
cookies (boo#1025084)
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-825=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.2 (i586 x86_64):
xorg-x11-server-7.6_1.18.3-12.20.1
xorg-x11-server-debuginfo-7.6_1.18.3-12.20.1
xorg-x11-server-debugsource-7.6_1.18.3-12.20.1
xorg-x11-server-extra-7.6_1.18.3-12.20.1
xorg-x11-server-extra-debuginfo-7.6_1.18.3-12.20.1
xorg-x11-server-sdk-7.6_1.18.3-12.20.1
xorg-x11-server-source-7.6_1.18.3-12.20.1
References:
https://www.suse.com/security/cve/CVE-2017-10971.html
https://www.suse.com/security/cve/CVE-2017-10972.html
https://bugzilla.suse.com/1025084
https://bugzilla.suse.com/1035283
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2017:1882-1: important: Recommended update for ncurses
by opensuse-security@opensuse.org 14 Jul '17
by opensuse-security@opensuse.org 14 Jul '17
14 Jul '17
openSUSE Security Update: Recommended update for ncurses
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:1882-1
Rating: important
References: #1000662 #1046853 #1046858
Cross-References: CVE-2017-10684 CVE-2017-10685
Affected Products:
openSUSE Leap 42.2
______________________________________________________________________________
An update that solves two vulnerabilities and has one
errata is now available.
Description:
This update for ncurses fixes the following issues:
Security issues fixed:
- CVE-2017-10684: Possible RCE via stack-based buffer overflow in the
fmt_entry function. (bsc#1046858)
- CVE-2017-10685: Possible RCE with format string vulnerability in the
fmt_entry function. (bsc#1046853)
Bugfixes:
- Drop patch ncurses-5.9-environment.dif as YaST2 ncurses GUI does not
need it anymore and as well as it causes bug bsc#1000662
This update was imported from the SUSE:SLE-12:Update update project.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-823=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.2 (i586 x86_64):
libncurses5-5.9-55.3.1
libncurses5-debuginfo-5.9-55.3.1
libncurses6-5.9-55.3.1
libncurses6-debuginfo-5.9-55.3.1
ncurses-debugsource-5.9-55.3.1
ncurses-devel-5.9-55.3.1
ncurses-devel-debuginfo-5.9-55.3.1
ncurses-utils-5.9-55.3.1
ncurses-utils-debuginfo-5.9-55.3.1
tack-5.9-55.3.1
tack-debuginfo-5.9-55.3.1
terminfo-5.9-55.3.1
terminfo-base-5.9-55.3.1
- openSUSE Leap 42.2 (x86_64):
libncurses5-32bit-5.9-55.3.1
libncurses5-debuginfo-32bit-5.9-55.3.1
libncurses6-32bit-5.9-55.3.1
libncurses6-debuginfo-32bit-5.9-55.3.1
ncurses-devel-32bit-5.9-55.3.1
ncurses-devel-debuginfo-32bit-5.9-55.3.1
References:
https://www.suse.com/security/cve/CVE-2017-10684.html
https://www.suse.com/security/cve/CVE-2017-10685.html
https://bugzilla.suse.com/1000662
https://bugzilla.suse.com/1046853
https://bugzilla.suse.com/1046858
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] openSUSE-SU-2017:1872-1: important: Security update for qemu
by opensuse-security@opensuse.org 14 Jul '17
by opensuse-security@opensuse.org 14 Jul '17
14 Jul '17
openSUSE Security Update: Security update for qemu
______________________________________________________________________________
Announcement ID: openSUSE-SU-2017:1872-1
Rating: important
References: #1016503 #1016504 #1017081 #1017084 #1020427
#1021741 #1025109 #1025311 #1028184 #1028656
#1030624 #1031142 #1032075 #1034866 #1034908
#1035406 #1035950 #1036211 #1037242 #1037334
#1037336 #1039495 #1042159 #1042800 #1042801
#1043073 #1043296
Cross-References: CVE-2016-10028 CVE-2016-10029 CVE-2016-9602
CVE-2016-9603 CVE-2017-5579 CVE-2017-5973
CVE-2017-5987 CVE-2017-6505 CVE-2017-7377
CVE-2017-7471 CVE-2017-7493 CVE-2017-7718
CVE-2017-7980 CVE-2017-8086 CVE-2017-8112
CVE-2017-8309 CVE-2017-8379 CVE-2017-8380
CVE-2017-9330 CVE-2017-9373 CVE-2017-9374
CVE-2017-9375 CVE-2017-9503
Affected Products:
openSUSE Leap 42.2
______________________________________________________________________________
An update that solves 23 vulnerabilities and has four fixes
is now available.
Description:
This update for qemu fixes several issues.
These security issues were fixed:
- CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users
to cause a denial of service (infinite loop) by leveraging an incorrect
return value (bsc#1042159).
- CVE-2017-8379: Memory leak in the keyboard input event handlers support
allowed local guest OS privileged users to cause a denial of service
(host memory consumption) by rapidly generating large keyboard events
(bsc#1037334).
- CVE-2017-8309: Memory leak in the audio/audio.c allowed remote attackers
to cause a denial of service (memory consumption) by repeatedly starting
and stopping audio capture (bsc#1037242).
- CVE-2017-7493: The VirtFS, host directory sharing via Plan 9 File
System(9pfs) support, was vulnerable to an improper access control
issue. It could occur while accessing virtfs metadata files in
mapped-file security mode. A guest user could have used this flaw to
escalate their privileges inside guest (bsc#1039495).
- CVE-2017-7377: The v9fs_create and v9fs_lcreate functions in
hw/9pfs/9p.c allowed local guest OS privileged users to cause a denial
of service (file descriptor or memory consumption) via vectors related
to an already in-use fid (bsc#1032075).
- CVE-2017-8086: A memory leak in the v9fs_list_xattr function in
hw/9pfs/9p-xattr.c allowed local guest OS privileged users to cause a
denial of service (memory consumption) via vectors involving the
orig_value variable (bsc#1035950).
- CVE-2017-5973: A infinite loop while doing control transfer in
xhci_kick_epctx allowed privileged user inside the guest to crash the
host process resulting in DoS (bsc#1025109)
- CVE-2017-5987: The sdhci_sdma_transfer_multi_blocks function in
hw/sd/sdhci.c allowed local OS guest privileged users to cause a denial
of service (infinite loop and QEMU process crash) via vectors involving
the transfer mode register during multi block transfer (bsc#1025311).
- CVE-2017-6505: The ohci_service_ed_list function in hw/usb/hcd-ohci.c
allowed local guest OS users to cause a denial of service (infinite
loop) via vectors involving the number of link endpoint list descriptors
(bsc#1028184)
- CVE-2016-9603: A privileged user within the guest VM could have caused a
heap overflow in the device model process, potentially escalating their
privileges to that of the device model process (bsc#1028656)
- CVE-2017-7718: hw/display/cirrus_vga_rop.h allowed local guest OS
privileged users to cause a denial of service (out-of-bounds read and
QEMU process crash) via vectors related to copying VGA data via the
cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions
(bsc#1034908)
- CVE-2017-7980: An out-of-bounds r/w access issues in the Cirrus CLGD
54xx VGA Emulator support allowed privileged user inside guest to use
this flaw to crash the Qemu process resulting in DoS or potentially
execute arbitrary code on a host with privileges of Qemu process on the
host (bsc#1035406)
- CVE-2017-8112: hw/scsi/vmw_pvscsi.c allowed local guest OS privileged
users to cause a denial of service (infinite loop and CPU consumption)
via the message ring page count (bsc#1036211).
- CVE-2017-9375: The USB xHCI controller emulator support was vulnerable
to an infinite recursive call loop issue, which allowed a privileged
user inside guest to crash the Qemu process resulting in DoS
(bsc#1042800).
- CVE-2017-9374: Missing free of 's->ipacket', causes a host memory leak,
allowing for DoS (bsc#1043073).
- CVE-2017-9373: The IDE AHCI Emulation support was vulnerable to a host
memory leakage issue, which allowed a privileged user inside guest to
leak host memory resulting in DoS (bsc#1042801).
- CVE-2017-8380: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation
support was vulnerable to an out-of-bounds read access issue which
allowed a privileged user inside guest to read host memory resulting in
DoS (bsc#1037336).
- CVE-2016-9602: The VirtFS host directory sharing via Plan 9 File
System(9pfs) support was vulnerable to an improper link following issue
which allowed a privileged user inside guest to access host file system
beyond the shared folder and potentially escalating their privileges on
a host (bsc#1020427).
- CVE-2017-7471: The VirtFS host directory sharing via Plan 9 File
System(9pfs) support was vulnerable to an improper access control issue
which allowed a privileged user inside guest to access host file system
beyond the shared folder and potentially escalating their privileges on
a host (bsc#1034866).
- Fix privilege escalation in TCG mode of QEMU. This is not considered a
security issue by the upstream project, but is included as additional
hardening (bsc#1030624)
- Fix potential DoS in virtfs
- CVE-2016-10028: The Virtio GPU Device emulator support was vulnerable to
an out of bounds memory access issue allowing a guest user to crash the
Qemu process instance on a host, resulting in DoS (bsc#1017084,
bsc#1016503)
- CVE-2016-10029: The Virtio GPU Device emulator support was vulnerable to
an OOB read issue allowing a guest user to crash the Qemu process
instance resulting in Dos (bsc#1017081, bsc#1016504)
- CVE-2017-5579: The 16550A UART serial device emulation support was
vulnerable to a memory leakage issue allowing a privileged user to cause
a DoS and/or potentially crash the Qemu process on the host (bsc#1021741)
- CVE-2017-9503: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation
support was vulnerable to a null pointer dereference issue which allowed
a privileged user inside guest to crash the Qemu process on the host
resulting in DoS (bsc#1043296).
This non-security issue was fixed:
- Enable MONITOR/MWAIT support for guests (bsc#1031142)
This update was imported from the SUSE:SLE-12-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.2:
zypper in -t patch openSUSE-2017-822=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE Leap 42.2 (i586 x86_64):
qemu-2.6.2-31.3.3
qemu-arm-2.6.2-31.3.3
qemu-arm-debuginfo-2.6.2-31.3.3
qemu-block-curl-2.6.2-31.3.3
qemu-block-curl-debuginfo-2.6.2-31.3.3
qemu-block-dmg-2.6.2-31.3.3
qemu-block-dmg-debuginfo-2.6.2-31.3.3
qemu-block-iscsi-2.6.2-31.3.3
qemu-block-iscsi-debuginfo-2.6.2-31.3.3
qemu-block-ssh-2.6.2-31.3.3
qemu-block-ssh-debuginfo-2.6.2-31.3.3
qemu-debugsource-2.6.2-31.3.3
qemu-extra-2.6.2-31.3.3
qemu-extra-debuginfo-2.6.2-31.3.3
qemu-guest-agent-2.6.2-31.3.3
qemu-guest-agent-debuginfo-2.6.2-31.3.3
qemu-kvm-2.6.2-31.3.3
qemu-lang-2.6.2-31.3.3
qemu-linux-user-2.6.2-31.3.1
qemu-linux-user-debuginfo-2.6.2-31.3.1
qemu-linux-user-debugsource-2.6.2-31.3.1
qemu-ppc-2.6.2-31.3.3
qemu-ppc-debuginfo-2.6.2-31.3.3
qemu-s390-2.6.2-31.3.3
qemu-s390-debuginfo-2.6.2-31.3.3
qemu-testsuite-2.6.2-31.3.6
qemu-tools-2.6.2-31.3.3
qemu-tools-debuginfo-2.6.2-31.3.3
qemu-x86-2.6.2-31.3.3
qemu-x86-debuginfo-2.6.2-31.3.3
- openSUSE Leap 42.2 (x86_64):
qemu-block-rbd-2.6.2-31.3.3
qemu-block-rbd-debuginfo-2.6.2-31.3.3
- openSUSE Leap 42.2 (noarch):
qemu-ipxe-1.0.0-31.3.3
qemu-seabios-1.9.1-31.3.3
qemu-sgabios-8-31.3.3
qemu-vgabios-1.9.1-31.3.3
References:
https://www.suse.com/security/cve/CVE-2016-10028.html
https://www.suse.com/security/cve/CVE-2016-10029.html
https://www.suse.com/security/cve/CVE-2016-9602.html
https://www.suse.com/security/cve/CVE-2016-9603.html
https://www.suse.com/security/cve/CVE-2017-5579.html
https://www.suse.com/security/cve/CVE-2017-5973.html
https://www.suse.com/security/cve/CVE-2017-5987.html
https://www.suse.com/security/cve/CVE-2017-6505.html
https://www.suse.com/security/cve/CVE-2017-7377.html
https://www.suse.com/security/cve/CVE-2017-7471.html
https://www.suse.com/security/cve/CVE-2017-7493.html
https://www.suse.com/security/cve/CVE-2017-7718.html
https://www.suse.com/security/cve/CVE-2017-7980.html
https://www.suse.com/security/cve/CVE-2017-8086.html
https://www.suse.com/security/cve/CVE-2017-8112.html
https://www.suse.com/security/cve/CVE-2017-8309.html
https://www.suse.com/security/cve/CVE-2017-8379.html
https://www.suse.com/security/cve/CVE-2017-8380.html
https://www.suse.com/security/cve/CVE-2017-9330.html
https://www.suse.com/security/cve/CVE-2017-9373.html
https://www.suse.com/security/cve/CVE-2017-9374.html
https://www.suse.com/security/cve/CVE-2017-9375.html
https://www.suse.com/security/cve/CVE-2017-9503.html
https://bugzilla.suse.com/1016503
https://bugzilla.suse.com/1016504
https://bugzilla.suse.com/1017081
https://bugzilla.suse.com/1017084
https://bugzilla.suse.com/1020427
https://bugzilla.suse.com/1021741
https://bugzilla.suse.com/1025109
https://bugzilla.suse.com/1025311
https://bugzilla.suse.com/1028184
https://bugzilla.suse.com/1028656
https://bugzilla.suse.com/1030624
https://bugzilla.suse.com/1031142
https://bugzilla.suse.com/1032075
https://bugzilla.suse.com/1034866
https://bugzilla.suse.com/1034908
https://bugzilla.suse.com/1035406
https://bugzilla.suse.com/1035950
https://bugzilla.suse.com/1036211
https://bugzilla.suse.com/1037242
https://bugzilla.suse.com/1037334
https://bugzilla.suse.com/1037336
https://bugzilla.suse.com/1039495
https://bugzilla.suse.com/1042159
https://bugzilla.suse.com/1042800
https://bugzilla.suse.com/1042801
https://bugzilla.suse.com/1043073
https://bugzilla.suse.com/1043296
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2017:1865-1: important: Security update for cryptctl
by opensuse-security@opensuse.org 14 Jul '17
by opensuse-security@opensuse.org 14 Jul '17
14 Jul '17
SUSE Security Update: Security update for cryptctl
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:1865-1
Rating: important
References: #1041963
Cross-References: CVE-2017-9270
Affected Products:
SUSE Linux Enterprise Server for SAP 12-SP2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for cryptctl fixes an issue that could have allowed a
malicious administrator to craft RPC requests to overwrite files outside
of key database. (bsc#1041963 / CVE-2017-9270)
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server for SAP 12-SP2:
zypper in -t patch SUSE-SLE-SAP-12-SP2-2017-1158=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64):
cryptctl-1.2.6-5.3.11
cryptctl-debuginfo-1.2.6-5.3.11
cryptctl-debugsource-1.2.6-5.3.11
References:
https://www.suse.com/security/cve/CVE-2017-9270.html
https://bugzilla.suse.com/1041963
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2017:1861-1: important: Security update for xorg-x11-server
by opensuse-security@opensuse.org 14 Jul '17
by opensuse-security@opensuse.org 14 Jul '17
14 Jul '17
SUSE Security Update: Security update for xorg-x11-server
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:1861-1
Rating: important
References: #1035283
Cross-References: CVE-2017-10971 CVE-2017-10972
Affected Products:
SUSE Linux Enterprise Server for SAP 12
SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for xorg-x11-server fixes the following issues:
- CVE-2017-10971: Fix endianess handling of GenericEvent to prevent a
stack overflow by clients. (bnc#1035283)
- Make sure the type of all events to be sent by ProcXSendExtensionEvent
are in the allowed range.
- CVE-2017-10972: Initialize the xEvent eventT with zeros to avoid
information leakage.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server for SAP 12:
zypper in -t patch SUSE-SLE-SAP-12-2017-1150=1
- SUSE Linux Enterprise Server 12-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-2017-1150=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server for SAP 12 (x86_64):
xorg-x11-server-7.6_1.15.2-30.22.1
xorg-x11-server-debuginfo-7.6_1.15.2-30.22.1
xorg-x11-server-debugsource-7.6_1.15.2-30.22.1
xorg-x11-server-extra-7.6_1.15.2-30.22.1
xorg-x11-server-extra-debuginfo-7.6_1.15.2-30.22.1
- SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64):
xorg-x11-server-7.6_1.15.2-30.22.1
xorg-x11-server-debuginfo-7.6_1.15.2-30.22.1
xorg-x11-server-debugsource-7.6_1.15.2-30.22.1
xorg-x11-server-extra-7.6_1.15.2-30.22.1
xorg-x11-server-extra-debuginfo-7.6_1.15.2-30.22.1
References:
https://www.suse.com/security/cve/CVE-2017-10971.html
https://www.suse.com/security/cve/CVE-2017-10972.html
https://bugzilla.suse.com/1035283
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2017:1860-1: important: Security update for xorg-x11-server
by opensuse-security@opensuse.org 14 Jul '17
by opensuse-security@opensuse.org 14 Jul '17
14 Jul '17
SUSE Security Update: Security update for xorg-x11-server
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:1860-1
Rating: important
References: #1035283
Cross-References: CVE-2017-10971 CVE-2017-10972
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP2
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
SUSE Linux Enterprise Server 12-SP2
SUSE Linux Enterprise Desktop 12-SP2
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for xorg-x11-server provides the following fixes:
- CVE-2017-10971: Fix endianess handling of GenericEvent to prevent a
stack overflow by clients. (bnc#1035283)
- Make sure the type of all events to be sent by ProcXSendExtensionEvent
are in the allowed range.
- CVE-2017-10972: Initialize the xEvent eventT with zeros to avoid
information leakage.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 12-SP2:
zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1148=1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:
zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1148=1
- SUSE Linux Enterprise Server 12-SP2:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1148=1
- SUSE Linux Enterprise Desktop 12-SP2:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1148=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):
xorg-x11-server-debuginfo-7.6_1.18.3-74.2
xorg-x11-server-debugsource-7.6_1.18.3-74.2
xorg-x11-server-sdk-7.6_1.18.3-74.2
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):
xorg-x11-server-7.6_1.18.3-74.2
xorg-x11-server-debuginfo-7.6_1.18.3-74.2
xorg-x11-server-debugsource-7.6_1.18.3-74.2
xorg-x11-server-extra-7.6_1.18.3-74.2
xorg-x11-server-extra-debuginfo-7.6_1.18.3-74.2
- SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64):
xorg-x11-server-7.6_1.18.3-74.2
xorg-x11-server-debuginfo-7.6_1.18.3-74.2
xorg-x11-server-debugsource-7.6_1.18.3-74.2
xorg-x11-server-extra-7.6_1.18.3-74.2
xorg-x11-server-extra-debuginfo-7.6_1.18.3-74.2
- SUSE Linux Enterprise Desktop 12-SP2 (x86_64):
xorg-x11-server-7.6_1.18.3-74.2
xorg-x11-server-debuginfo-7.6_1.18.3-74.2
xorg-x11-server-debugsource-7.6_1.18.3-74.2
xorg-x11-server-extra-7.6_1.18.3-74.2
xorg-x11-server-extra-debuginfo-7.6_1.18.3-74.2
References:
https://www.suse.com/security/cve/CVE-2017-10971.html
https://www.suse.com/security/cve/CVE-2017-10972.html
https://bugzilla.suse.com/1035283
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2017:1859-1: important: Security update for xorg-x11-server
by opensuse-security@opensuse.org 14 Jul '17
by opensuse-security@opensuse.org 14 Jul '17
14 Jul '17
SUSE Security Update: Security update for xorg-x11-server
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:1859-1
Rating: important
References: #1035283
Cross-References: CVE-2017-10971 CVE-2017-10972
Affected Products:
SUSE OpenStack Cloud 6
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for xorg-x11-server provides the following fixes:
- CVE-2017-10971: Fix endianess handling of GenericEvent to prevent a
stack overflow by clients. (bnc#1035283)
- Make sure the type of all events to be sent by ProcXSendExtensionEvent
are in the allowed range.
- CVE-2017-10972: Initialize the xEvent eventT with zeros to avoid
information leakage.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE OpenStack Cloud 6:
zypper in -t patch SUSE-OpenStack-Cloud-6-2017-1149=1
- SUSE Linux Enterprise Server for SAP 12-SP1:
zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1149=1
- SUSE Linux Enterprise Server 12-SP1-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1149=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE OpenStack Cloud 6 (x86_64):
xorg-x11-server-7.6_1.15.2-53.3.1
xorg-x11-server-debuginfo-7.6_1.15.2-53.3.1
xorg-x11-server-debugsource-7.6_1.15.2-53.3.1
xorg-x11-server-extra-7.6_1.15.2-53.3.1
xorg-x11-server-extra-debuginfo-7.6_1.15.2-53.3.1
- SUSE Linux Enterprise Server for SAP 12-SP1 (ppc64le x86_64):
xorg-x11-server-7.6_1.15.2-53.3.1
xorg-x11-server-debuginfo-7.6_1.15.2-53.3.1
xorg-x11-server-debugsource-7.6_1.15.2-53.3.1
xorg-x11-server-extra-7.6_1.15.2-53.3.1
xorg-x11-server-extra-debuginfo-7.6_1.15.2-53.3.1
- SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64):
xorg-x11-server-7.6_1.15.2-53.3.1
xorg-x11-server-debuginfo-7.6_1.15.2-53.3.1
xorg-x11-server-debugsource-7.6_1.15.2-53.3.1
xorg-x11-server-extra-7.6_1.15.2-53.3.1
xorg-x11-server-extra-debuginfo-7.6_1.15.2-53.3.1
References:
https://www.suse.com/security/cve/CVE-2017-10971.html
https://www.suse.com/security/cve/CVE-2017-10972.html
https://bugzilla.suse.com/1035283
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2017:1853-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 13 Jul '17
by opensuse-security@opensuse.org 13 Jul '17
13 Jul '17
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:1853-1
Rating: important
References: #1003581 #1004003 #1011044 #1012060 #1012382
#1012422 #1012452 #1012829 #1012910 #1012985
#1013561 #1013887 #1015342 #1015452 #1017461
#1018885 #1020412 #1021424 #1022266 #1022595
#1023287 #1025461 #1026570 #1027101 #1027512
#1027974 #1028217 #1028310 #1028340 #1028883
#1029607 #1030057 #1030070 #1031040 #1031142
#1031147 #1031470 #1031500 #1031512 #1031555
#1031717 #1031796 #1032141 #1032339 #1032345
#1032400 #1032581 #1032803 #1033117 #1033281
#1033336 #1033340 #1033885 #1034048 #1034419
#1034635 #1034670 #1034671 #1034762 #1034902
#1034995 #1035024 #1035866 #1035887 #1035920
#1035922 #1036214 #1036638 #1036752 #1036763
#1037177 #1037186 #1037384 #1037483 #1037669
#1037840 #1037871 #1037969 #1038033 #1038043
#1038085 #1038142 #1038143 #1038297 #1038458
#1038544 #1038842 #1038843 #1038846 #1038847
#1038848 #1038879 #1038981 #1038982 #1039214
#1039348 #1039354 #1039700 #1039864 #1039882
#1039883 #1039885 #1039900 #1040069 #1040125
#1040182 #1040279 #1040351 #1040364 #1040395
#1040425 #1040463 #1040567 #1040609 #1040855
#1040929 #1040941 #1041087 #1041160 #1041168
#1041242 #1041431 #1041810 #1042286 #1042356
#1042421 #1042517 #1042535 #1042536 #1042863
#1042886 #1043014 #1043231 #1043236 #1043347
#1043371 #1043467 #1043488 #1043598 #1043912
#1043935 #1043990 #1044015 #1044082 #1044120
#1044125 #1044532 #1044767 #1044772 #1044854
#1044880 #1044912 #1045154 #1045235 #1045286
#1045307 #1045467 #1045568 #1046105 #1046434
#1046589 #799133 #863764 #922871 #939801
#966170 #966172 #966191 #966321 #966339 #971975
#988065 #989311 #990058 #990682 #993832 #995542
Cross-References: CVE-2017-1000365 CVE-2017-1000380 CVE-2017-7346
CVE-2017-7487 CVE-2017-7616 CVE-2017-7618
CVE-2017-8890 CVE-2017-8924 CVE-2017-8925
CVE-2017-9074 CVE-2017-9075 CVE-2017-9076
CVE-2017-9077 CVE-2017-9150 CVE-2017-9242
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP2
SUSE Linux Enterprise Software Development Kit 12-SP2
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
SUSE Linux Enterprise Server 12-SP2
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise High Availability 12-SP2
SUSE Linux Enterprise Desktop 12-SP2
OpenStack Cloud Magnum Orchestration 7
______________________________________________________________________________
An update that solves 15 vulnerabilities and has 162 fixes
is now available.
Description:
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.74 to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-1000365: The Linux Kernel imposes a size restriction on the
arguments and environmental strings passed through
RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the
argument and environment pointers into account, which allowed attackers
to bypass this limitation. (bnc#1039354).
- CVE-2017-1000380: sound/core/timer.c in the Linux kernel is vulnerable
to a data race in the ALSA /dev/snd/timer driver resulting in local
users being able to read information belonging to other users, i.e.,
uninitialized memory contents may be disclosed when a read and an ioctl
happen at the same time (bnc#1044125).
- CVE-2017-7346: The vmw_gb_surface_define_ioctl function in
drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not
validate certain levels data, which allowed local users to cause a
denial of service (system hang) via a crafted ioctl call for a
/dev/dri/renderD* device (bnc#1031796).
- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c
in the Linux kernel is too late in checking whether an overwrite of an
skb data structure may occur, which allowed local users to cause a
denial of service (system crash) via crafted system calls (bnc#1041431).
- CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c
in the Linux kernel mishandled inheritance, which allowed local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885).
- CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c
in the Linux kernel mishandled inheritance, which allowed local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890 (bnc#1040069).
- CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c
in the Linux kernel mishandled inheritance, which allowed local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890 (bnc#1039883).
- CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel
did not consider that the nexthdr field may be associated with an
invalid option, which allowed local users to cause a denial of service
(out-of-bounds read and BUG) or possibly have unspecified other impact
via crafted socket and send system calls (bnc#1039882).
- CVE-2017-8924: The edge_bulk_in_callback function in
drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to
obtain sensitive information (in the dmesg ringbuffer and syslog) from
uninitialized kernel memory by using a crafted USB device (posing as an
io_ti USB serial device) to trigger an integer underflow. (bsc#1038982)
- CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c
in the Linux kernel allowed local users to cause a denial of service
(tty exhaustion) by leveraging reference count mishandling. (bsc#1038981)
- CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the
Linux kernel mishandled reference counts, which allowed local users to
cause a denial of service (use-after-free) or possibly have unspecified
other impact via a failed SIOCGIFADDR ioctl call for an IPX interface
(bnc#1038879).
- CVE-2017-8890: The inet_csk_clone_lock function in
net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to
cause a denial of service (double free) or possibly have unspecified
other impact by leveraging use of the accept system call (bnc#1038544).
- CVE-2017-9150: The do_check function in kernel/bpf/verifier.c in the
Linux kernel did not make the allow_ptr_leaks value available for
restricting the output of the print_bpf_insn function, which allowed
local users to obtain sensitive address information via crafted bpf
system calls (bnc#1040279).
- CVE-2017-7618: crypto/ahash.c in the Linux kernel allowed attackers to
cause a denial of service (API operation calling its own callback, and
infinite recursion) by triggering EBUSY on a full queue (bnc#1033340).
- CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind
compat syscalls in mm/mempolicy.c in the Linux kernel allowed local
users to obtain sensitive information from uninitialized stack data by
triggering failure of a certain bitmap operation (bnc#1033336).
The following non-security bugs were fixed:
- 9p: fix a potential acl leak (4.4.68 stable queue).
- acpi / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal
(bsc#1031717).
- acpi / scan: Drop support for force_remove (bnc#1029607).
- ahci: disable correct irq for dummy ports (bsc#1040125).
- alsa: hda - Fix deadlock of controller device lock at unbinding (4.4.68
stable queue).
- arm: 8452/3: PJ4: make coprocessor access sequences buildable in Thumb2
mode (4.4.68 stable queue).
- arm: OMAP5 / DRA7: Fix HYP mode boot for thumb2 build (4.4.68 stable
queue).
- ASoC: Intel: Skylake: Uninitialized variable in probe_codec()
(bsc#1043231).
- ASoC: rt5640: use msleep() for long delays (bsc#1031717).
- ASoC: sti: Fix error handling if of_clk_get() fails (bsc#1031717).
- bcache: fix calling ida_simple_remove() with incorrect minor
(bsc#1038085).
- block: copy NOMERGE flag from bio to request (bsc#1030070).
- block: get rid of blk_integrity_revalidate() (4.4.68 stable queue).
- bna: add missing per queue ethtool stat (bsc#966321).
- bna: avoid writing uninitialized data into hw registers (bsc#966321).
- bna: integer overflow bug in debugfs (bsc#966321).
- bnxt_en: allocate enough space for ->ntp_fltr_bmap (bsc#1020412
FATE#321671).
- bonding: avoid defaulting hard_header_len to ETH_HLEN on slave removal
(bsc#1042286).
- bonding: do not use stale speed and duplex information (bsc#1042286).
- bonding: prevent out of bound accesses (bsc#1042286).
- bpf, arm64: fix jit branch offset related to ldimm64 (4.4.68 stable
queue).
- brcmfmac: add fallback for devices that do not report per-chain values
(bsc#1043231).
- brcmfmac: avoid writing channel out of allocated array (bsc#1043231).
- brcmfmac: Ensure pointer correctly set if skb data location changes
(4.4.68 stable queue).
- brcmfmac: Make skb header writable before use (4.4.68 stable queue).
- brcmfmac: restore stopping netdev queue when bus clogs up (bsc#1031717).
- btrfs: add a flags field to btrfs_fs_info (bsc#1012452).
- btrfs: add ASSERT for block group's memory leak (bsc#1012452).
- btrfs: add btrfs_trans_handle->fs_info pointer (bsc#1012452).
- btrfs: add bytes_readonly to the spaceinfo at once (bsc#1012452).
- btrfs: add check to sysfs handler of label (bsc#1012452).
- btrfs: add dynamic debug support (bsc#1012452).
- btrfs: add error handling for extent buffer in print tree (bsc#1012452).
- btrfs: add missing bytes_readonly attribute file in sysfs (bsc#1012452).
- btrfs: add missing check for writeback errors on fsync (bsc#1012452).
- btrfs: add more validation checks for superblock (bsc#1012452).
- btrfs: Add ratelimit to btrfs printing (bsc#1012452).
- btrfs: add read-only check to sysfs handler of features (bsc#1012452).
- btrfs: add semaphore to synchronize direct IO writes with fsync
(bsc#1012452).
- btrfs: add tracepoint for adding block groups (bsc#1012452).
- btrfs: add tracepoints for flush events (bsc#1012452).
- btrfs: add transaction space reservation tracepoints (bsc#1012452).
- btrfs: add validadtion checks for chunk loading (bsc#1012452).
- btrfs: add write protection to SET_FEATURES ioctl (bsc#1012452).
- btrfs: allow balancing to dup with multi-device (bsc#1012452).
- btrfs: always reserve metadata for delalloc extents (bsc#1012452).
- btrfs: always use trans->block_rsv for orphans (bsc#1012452).
- btrfs: avoid blocking open_ctree from cleaner_kthread (bsc#1012452).
- btrfs: avoid deadlocks during reservations in btrfs_truncate_block
(bsc#1012452).
- btrfs: avoid overflowing f_bfree (bsc#1012452).
- btrfs: avoid uninitialized variable warning (bsc#1012452).
- btrfs: btrfs_abort_transaction, drop root parameter (bsc#1012452).
- btrfs: __btrfs_buffered_write: Pass valid file offset when releasing
delalloc space (bsc#1012452).
- btrfs: __btrfs_buffered_write: Reserve/release extents aligned to block
size (bsc#1012452).
- btrfs: btrfs_check_super_valid: Allow 4096 as stripesize (bsc#1012452).
- btrfs: btrfs_debug should consume fs_info when DEBUG is not defined
(bsc#1012452).
- btrfs: btrfs_ioctl_clone: Truncate complete page after performing clone
operation (bsc#1012452).
- btrfs: btrfs_page_mkwrite: Reserve space in sectorsized units
(bsc#1012452).
- btrfs: btrfs_relocate_chunk pass extent_root to btrfs_end_transaction
(bsc#1012452).
- btrfs: btrfs_submit_direct_hook: Handle map_length < bio vector length
(bsc#1012452).
- btrfs: build fixup for qgroup_account_snapshot (bsc#1012452).
- btrfs: change BUG_ON()'s to ASSERT()'s in backref_cache_cleanup()
(bsc#1012452).
- btrfs: change delayed reservation fallback behavior (bsc#1012452).
- btrfs: change how we calculate the global block rsv (bsc#1012452).
- btrfs: change how we update the global block rsv (bsc#1012452).
- btrfs: check btree node's nritems (bsc#1012452).
- btrfs: check if extent buffer is aligned to sectorsize (bsc#1012452).
- btrfs: check inconsistence between chunk and block group (bsc#1012452).
- btrfs: check reserved when deciding to background flush (bsc#1012452).
- btrfs: clarify do_chunk_alloc()'s return value (bsc#1012452).
- btrfs: Clean pte corresponding to page straddling i_size (bsc#1012452).
- btrfs: clean the old superblocks before freeing the device (bsc#1012452).
- btrfs: clean up and optimize __check_raid_min_device() (bsc#1012452).
- btrfs: cleanup assigning next active device with a check (bsc#1012452).
- btrfs: cleanup BUG_ON in merge_bio (bsc#1012452).
- btrfs: Cleanup compress_file_range() (bsc#1012452).
- btrfs: cleanup error handling in extent_write_cached_pages (bsc#1012452).
- btrfs: clear uptodate flags of pages in sys_array eb (bsc#1012452).
- btrfs: clone: use vmalloc only as fallback for nodesize bufer
(bsc#1012452).
- btrfs: Compute and look up csums based on sectorsized blocks
(bsc#1012452).
- btrfs: convert nodesize macros to static inlines (bsc#1012452).
- btrfs: convert printk(KERN_* to use pr_* calls (bsc#1012452).
- btrfs: convert pr_* to btrfs_* where possible (bsc#1012452).
- btrfs: convert send's verbose_printk to btrfs_debug (bsc#1012452).
- btrfs: copy_to_sk drop unused root parameter (bsc#1012452).
- btrfs: create a helper function to read the disk super (bsc#1012452).
- btrfs: create example debugfs file only in debugging build (bsc#1012452).
- btrfs: create helper btrfs_find_device_by_user_input() (bsc#1012452).
- btrfs: create helper function __check_raid_min_devices() (bsc#1012452).
- btrfs: csum_tree_block: return proper errno value (bsc#1012452).
- btrfs: detect corruption when non-root leaf has zero item (bsc#1012452).
- btrfs: device add and remove: use GFP_KERNEL (bsc#1012452).
- btrfs: Direct I/O read: Work on sectorsized blocks (bsc#1012452).
- btrfs: disable possible cause of premature ENOSPC (bsc#1040182)
- btrfs: divide btrfs_update_reserved_bytes() into two functions
(bsc#1012452).
- btrfs: do not background blkdev_put() (bsc#1012452).
- btrfs: do not bother kicking async if there's nothing to reclaim
(bsc#1012452).
- btrfs: do not BUG_ON() in btrfs_orphan_add (bsc#1012452).
- btrfs: do not create empty block group if we have allocated data
(bsc#1012452).
- btrfs: do not decrease bytes_may_use when replaying extents
(bsc#1012452).
- btrfs: do not do nocow check unless we have to (bsc#1012452).
- btrfs: do not do unnecessary delalloc flushes when relocating
(bsc#1012452).
- btrfs: do not force mounts to wait for cleaner_kthread to delete one or
more subvolumes (bsc#1012452).
- btrfs: do not wait for unrelated IO to finish before relocation
(bsc#1012452).
- btrfs: do not WARN() in btrfs_transaction_abort() for IO errors
(bsc#1035866).
- btrfs: do not write corrupted metadata blocks to disk (bsc#1012452).
- btrfs: end transaction if we abort when creating uuid root (bsc#1012452).
- btrfs: enhance btrfs_find_device_by_user_input() to check device path
(bsc#1012452).
- btrfs: error out if generic_bin_search get invalid arguments
(bsc#1012452).
- btrfs: expand cow_file_range() to support in-band dedup and
subpage-blocksize (bsc#1012452).
- btrfs: extend btrfs_set_extent_delalloc and its friends to support
in-band dedupe and subpage size patchset (bsc#1012452).
- btrfs: extent same: use GFP_KERNEL for page array allocations
(bsc#1012452).
- btrfs: fallback to vmalloc in btrfs_compare_tree (bsc#1012452).
- btrfs: fallocate: use GFP_KERNEL (bsc#1012452).
- btrfs: fallocate: Work with sectorsized blocks (bsc#1012452).
- btrfs: fill relocation block rsv after allocation (bsc#1012452).
- btrfs: fix an integer overflow check (bsc#1012452).
- btrfs: fix a possible umount deadlock (bsc#1012452).
- btrfs: Fix block size returned to user space (bsc#1012452).
- btrfs: fix btrfs_no_printk stub helper (bsc#1012452).
- btrfs: Fix BUG_ON condition in scrub_setup_recheck_block() (bsc#1012452).
- btrfs: fix BUG_ON in btrfs_mark_buffer_dirty (bsc#1012452).
- btrfs: fix BUG_ON in btrfs_submit_compressed_write (bsc#1012452).
- btrfs: fix build warning (bsc#1012452).
- btrfs: fix callers of btrfs_block_rsv_migrate (bsc#1012452).
- btrfs: fix check_direct_IO() for non-iovec iterators (bsc#1012452).
- btrfs: fix check_shared for fiemap ioctl (bsc#1037177).
- btrfs: fix crash when tracepoint arguments are freed by wq callbacks
(bsc#1012452).
- btrfs: fix data loss after truncate when using the no-holes feature
(bsc#1036214).
- btrfs: fix deadlock in delayed_ref_async_start (bsc#1012452).
- btrfs: fix delalloc accounting after copy_from_user faults (bsc#1012452).
- btrfs: fix delalloc reservation amount tracepoint (bsc#1012452).
- btrfs: fix disk_i_size update bug when fallocate() fails (bsc#1012452).
- btrfs: fix divide error upon chunk's stripe_len (bsc#1012452).
- btrfs: fix double free of fs root (bsc#1012452).
- btrfs: fix eb memory leak due to readpage failure (bsc#1012452).
- btrfs: fix em leak in find_first_block_group (bsc#1012452).
- btrfs: fix emptiness check for dirtied extent buffers at check_leaf()
(bsc#1012452).
- btrfs: fix error handling in map_private_extent_buffer (bsc#1012452).
- btrfs: fix error return code in btrfs_init_test_fs() (bsc#1012452).
- btrfs: fix extent_same allowing destination offset beyond i_size
(bsc#1012452).
- btrfs: fix free space calculation in dump_space_info() (bsc#1012452).
- btrfs: fix fsfreeze hang caused by delayed iputs deal (bsc#1012452).
- btrfs: fix fspath error deallocation (bsc#1012452).
- btrfs: fix handling of faults from btrfs_copy_from_user (bsc#1012452).
- btrfs: fix int32 overflow in shrink_delalloc() (bsc#1012452).
- btrfs: Fix integer overflow when calculating bytes_per_bitmap
(bsc#1012452).
- btrfs: fix invalid dereference in btrfs_retry_endio (bsc#1040395).
- btrfs: fix invalid reference in replace_path (bsc#1012452).
- btrfs: fix listxattrs not listing all xattrs packed in the same item
(bsc#1012452).
- btrfs: fix lockdep deadlock warning due to dev_replace (bsc#1012452).
- btrfs: fix lock dep warning, move scratch dev out of device_list_mutex
and uuid_mutex (bsc#1012452).
- btrfs: fix lock dep warning move scratch super outside of chunk_mutex
(bsc#1012452).
- btrfs: fix __MAX_CSUM_ITEMS (bsc#1012452).
- btrfs: fix memory leak during RAID 5/6 device replacement (bsc#1012452).
- btrfs: fix memory leak of block group cache (bsc#1012452).
- btrfs: fix memory leak of reloc_root (bsc#1012452).
- btrfs: fix mixed block count of available space (bsc#1012452).
- btrfs: fix one bug that process may endlessly wait for ticket in
wait_reserve_ticket() (bsc#1012452).
- btrfs: fix panic in balance due to EIO (bsc#1012452).
- btrfs: fix race between block group relocation and nocow writes
(bsc#1012452).
- btrfs: fix race between device replace and block group removal
(bsc#1012452).
- btrfs: fix race between device replace and chunk allocation
(bsc#1012452).
- btrfs: fix race between device replace and discard (bsc#1012452).
- btrfs: fix race between device replace and read repair (bsc#1012452).
- btrfs: fix race between fsync and direct IO writes for prealloc extents
(bsc#1012452).
- btrfs: fix race between readahead and device replace/removal
(bsc#1012452).
- btrfs: fix race setting block group back to RW mode during device
replace (bsc#1012452).
- btrfs: fix race setting block group readonly during device replace
(bsc#1012452).
- btrfs: fix read_node_slot to return errors (bsc#1012452).
- btrfs: fix release reserved extents trace points (bsc#1012452).
- btrfs: fix segmentation fault when doing dio read (bsc#1040425).
- btrfs: Fix slab accounting flags (bsc#1012452).
- btrfs: fix truncate_space_check (bsc#1012452).
- btrfs: fix unexpected return value of fiemap (bsc#1012452).
- btrfs: fix unprotected assignment of the left cursor for device replace
(bsc#1012452).
- btrfs: fix WARNING in btrfs_select_ref_head() (bsc#1012452).
- btrfs: flush_space: treat return value of do_chunk_alloc properly
(bsc#1012452).
- btrfs: Force stripesize to the value of sectorsize (bsc#1012452).
- btrfs: free sys_array eb as soon as possible (bsc#1012452).
- btrfs: GFP_NOFS does not GFP_HIGHMEM (bsc#1012452).
- btrfs: Handle uninitialised inode eviction (bsc#1012452).
- btrfs: hide test-only member under ifdef (bsc#1012452).
- btrfs: improve check_node to avoid reading corrupted nodes (bsc#1012452).
- btrfs: Improve FL_KEEP_SIZE handling in fallocate (bsc#1012452).
- btrfs: introduce BTRFS_MAX_ITEM_SIZE (bsc#1012452).
- btrfs: introduce device delete by devid (bsc#1012452).
- btrfs: introduce raid-type to error-code table, for minimum device
constraint (bsc#1012452).
- btrfs: introduce ticketed enospc infrastructure (bsc#1012452).
- btrfs: introduce tickets_id to determine whether asynchronous metadata
reclaim work makes progress (bsc#1012452).
- btrfs: ioctl: reorder exclusive op check in RM_DEV (bsc#1012452).
- btrfs: kill BUG_ON in do_relocation (bsc#1012452).
- btrfs: kill BUG_ON in run_delayed_tree_ref (bsc#1012452).
- btrfs: kill BUG_ON()'s in btrfs_mark_extent_written (bsc#1012452).
- btrfs: kill invalid ASSERT() in process_all_refs() (bsc#1012452).
- btrfs: kill the start argument to read_extent_buffer_pages (bsc#1012452).
- btrfs: kill unused writepage_io_hook callback (bsc#1012452).
- btrfs: let callers of btrfs_alloc_root pass gfp flags (bsc#1012452).
- btrfs: Limit inline extents to root->sectorsize (bsc#1012452).
- btrfs: make find_workspace always succeed (bsc#1012452).
- btrfs: make find_workspace warn if there are no workspaces (bsc#1012452).
- btrfs: make mapping->writeback_index point to the last written page
(bsc#1012452).
- btrfs: make state preallocation more speculative in __set_extent_bit
(bsc#1012452).
- btrfs: make sure device is synced before return (bsc#1012452).
- btrfs: make sure we stay inside the bvec during __btrfs_lookup_bio_sums
(bsc#1012452).
- btrfs: make use of btrfs_find_device_by_user_input() (bsc#1012452).
- btrfs: make use of btrfs_scratch_superblocks() in btrfs_rm_device()
(bsc#1012452).
- btrfs: Manually implement device_total_bytes getter/setter (bsc#1043912).
- btrfs: memset to avoid stale content in btree leaf (bsc#1012452).
- btrfs: memset to avoid stale content in btree node block (bsc#1012452).
- btrfs: move error handling code together in ctree.h (bsc#1012452).
- btrfs: optimize check for stale device (bsc#1012452).
- btrfs: Output more info for enospc_debug mount option (bsc#1012452).
- btrfs: parent_start initialization cleanup (bsc#1012452).
- btrfs: pass correct args to btrfs_async_run_delayed_refs() (bsc#1012452).
- btrfs: pass number of devices to btrfs_check_raid_min_devices
(bsc#1012452).
- btrfs: pass the right error code to the btrfs_std_error (bsc#1012452).
- btrfs: preallocate compression workspaces (bsc#1012452).
- btrfs: Print Warning only if ENOSPC_DEBUG is enabled (bsc#1012452).
- btrfs: Ratelimit "no csum found" info message (bsc#1012452).
- btrfs: reada: add all reachable mirrors into reada device list
(bsc#1012452).
- btrfs: reada: Add missed segment checking in reada_find_zone
(bsc#1012452).
- btrfs: reada: Avoid many times of empty loop (bsc#1012452).
- btrfs: reada: avoid undone reada extents in btrfs_reada_wait
(bsc#1012452).
- btrfs: reada: bypass adding extent when all zone failed (bsc#1012452).
- btrfs: reada: Fix a debug code typo (bsc#1012452).
- btrfs: reada: Fix in-segment calculation for reada (bsc#1012452).
- btrfs: reada: ignore creating reada_extent for a non-existent device
(bsc#1012452).
- btrfs: reada: Jump into cleanup in direct way for __readahead_hook()
(bsc#1012452).
- btrfs: reada: limit max works count (bsc#1012452).
- btrfs: reada: Move is_need_to_readahead contition earlier (bsc#1012452).
- btrfs: reada: move reada_extent_put to place after __readahead_hook()
(bsc#1012452).
- btrfs: reada: Pass reada_extent into __readahead_hook directly
(bsc#1012452).
- btrfs: reada: reduce additional fs_info->reada_lock in reada_find_zone
(bsc#1012452).
- btrfs: reada: Remove level argument in severial functions (bsc#1012452).
- btrfs: reada: simplify dev->reada_in_flight processing (bsc#1012452).
- btrfs: reada: Use fs_info instead of root in __readahead_hook's argument
(bsc#1012452).
- btrfs: reada: use GFP_KERNEL everywhere (bsc#1012452).
- btrfs: readdir: use GFP_KERNEL (bsc#1012452).
- btrfs: refactor btrfs_dev_replace_start for reuse (bsc#1012452).
- btrfs: Refactor btrfs_lock_cluster() to kill compiler warning
(bsc#1012452).
- btrfs: remove BUG() in raid56 (bsc#1012452).
- btrfs: remove BUG_ON in start_transaction (bsc#1012452).
- btrfs: remove BUG_ON()'s in btrfs_map_block (bsc#1012452).
- btrfs: remove build fixup for qgroup_account_snapshot (bsc#1012452).
- btrfs: remove redundant error check (bsc#1012452).
- btrfs: remove save_error_info() (bsc#1012452).
- btrfs: remove unnecessary btrfs_mark_buffer_dirty in split_leaf
(bsc#1012452).
- btrfs: remove unused function btrfs_assert() (bsc#1012452).
- btrfs: rename and document compression workspace members (bsc#1012452).
- btrfs: rename btrfs_find_device_by_user_input (bsc#1012452).
- btrfs: rename btrfs_std_error to btrfs_handle_fs_error (bsc#1012452).
- btrfs: rename __check_raid_min_devices (bsc#1012452).
- btrfs: rename flags for vol args v2 (bsc#1012452).
- btrfs: reorg btrfs_close_one_device() (bsc#1012452).
- btrfs: Replace -ENOENT by -ERANGE in btrfs_get_acl() (bsc#1012452).
- btrfs: Reset IO error counters before start of device replacing
(bsc#1012452).
- btrfs: reuse existing variable in scrub_stripe, reduce stack usage
(bsc#1012452).
- btrfs: Round down values which are written for total_bytes_size
(bsc#1043912).
- btrfs: s_bdev is not null after missing replace (bsc#1012452).
- btrfs: scrub: Set bbio to NULL before calling btrfs_map_block
(bsc#1012452).
- btrfs: scrub: use GFP_KERNEL on the submission path (bsc#1012452).
- btrfs: Search for all ordered extents that could span across a page
(bsc#1012452).
- btrfs: send: silence an integer overflow warning (bsc#1012452).
- btrfs: send: use GFP_KERNEL everywhere (bsc#1012452).
- btrfs: send: use temporary variable to store allocation size
(bsc#1012452).
- btrfs: send: use vmalloc only as fallback for clone_roots (bsc#1012452).
- btrfs: send: use vmalloc only as fallback for clone_sources_tmp
(bsc#1012452).
- btrfs: send: use vmalloc only as fallback for read_buf (bsc#1012452).
- btrfs: send: use vmalloc only as fallback for send_buf (bsc#1012452).
- btrfs: Simplify conditions about compress while mapping btrfs flags to
inode flags (bsc#1012452).
- btrfs: sink gfp parameter to clear_extent_bits (bsc#1012452).
- btrfs: sink gfp parameter to clear_extent_dirty (bsc#1012452).
- btrfs: sink gfp parameter to clear_record_extent_bits (bsc#1012452).
- btrfs: sink gfp parameter to convert_extent_bit (bsc#1012452).
- btrfs: sink gfp parameter to set_extent_bits (bsc#1012452).
- btrfs: sink gfp parameter to set_extent_defrag (bsc#1012452).
- btrfs: sink gfp parameter to set_extent_delalloc (bsc#1012452).
- btrfs: sink gfp parameter to set_extent_new (bsc#1012452).
- btrfs: sink gfp parameter to set_record_extent_bits (bsc#1012452).
- btrfs: skip commit transaction if we do not have enough pinned bytes
(bsc#1037186).
- btrfs: subpage-blocksize: Rate limit scrub error message (bsc#1012452).
- btrfs: switch to common message helpers in open_ctree, adjust messages
(bsc#1012452).
- btrfs: switch to kcalloc in btrfs_cmp_data_prepare (bsc#1012452).
- btrfs: sysfs: protect reading label by lock (bsc#1012452).
- btrfs: trace pinned extents (bsc#1012452).
- btrfs: track transid for delayed ref flushing (bsc#1012452).
- btrfs: uapi/linux/btrfs.h migration, document subvol flags (bsc#1012452).
- btrfs: uapi/linux/btrfs.h migration, move balance flags (bsc#1012452).
- btrfs: uapi/linux/btrfs.h migration, move BTRFS_LABEL_SIZE (bsc#1012452).
- btrfs: uapi/linux/btrfs.h migration, move feature flags (bsc#1012452).
- btrfs: uapi/linux/btrfs.h migration, move struct
btrfs_ioctl_defrag_range_args (bsc#1012452).
- btrfs: uapi/linux/btrfs.h migration, qgroup limit flags (bsc#1012452).
- btrfs: uapi/linux/btrfs_tree.h migration, item types and defines
(bsc#1012452).
- btrfs: uapi/linux/btrfs_tree.h, use __u8 and __u64 (bsc#1012452).
- btrfs: unsplit printed strings (bsc#1012452).
- btrfs: untangle gotos a bit in __clear_extent_bit (bsc#1012452).
- btrfs: untangle gotos a bit in convert_extent_bit (bsc#1012452).
- btrfs: untangle gotos a bit in __set_extent_bit (bsc#1012452).
- btrfs: update btrfs_space_info's bytes_may_use timely (bsc#1012452).
- btrfs: Use correct format specifier (bsc#1012452).
- btrfs: use correct offset for reloc_inode in
prealloc_file_extent_cluster() (bsc#1012452).
- btrfs: use dynamic allocation for root item in create_subvol
(bsc#1012452).
- btrfs: Use (eb->start, seq) as search key for tree modification log
(bsc#1012452).
- btrfs: use existing device constraints table btrfs_raid_array
(bsc#1012452).
- btrfs: use FLUSH_LIMIT for relocation in reserve_metadata_bytes
(bsc#1012452).
- btrfs: use fs_info directly (bsc#1012452).
- btrfs: use new error message helper in qgroup_account_snapshot
(bsc#1012452).
- btrfs: use proper type for failrec in extent_state (bsc#1012452).
- btrfs: use root when checking need_async_flush (bsc#1012452).
- btrfs: use the correct struct for BTRFS_IOC_LOGICAL_INO (bsc#1012452).
- btrfs: Use __u64 in exported linux/btrfs.h (bsc#1012452).
- btrfs: warn_on for unaccounted spaces (bsc#1012452).
- ceph: check i_nlink while converting a file handle to dentry
(bsc#1039864).
- ceph: Check that the new inode size is within limits in ceph_fallocate()
(bsc#1037969).
- ceph: Correctly return NXIO errors from ceph_llseek (git-fixes).
- ceph: fix file open flags on ppc64 (bsc#1022266).
- ceph: fix memory leak in __ceph_setxattr() (bsc#1036763).
- ceph: fix potential use-after-free (bsc#1043371).
- ceph: fix recursively call between ceph_set_acl and __ceph_setattr
(bsc#1034902).
- ceph: memory leak in ceph_direct_read_write callback (bsc#1041810).
- cfq-iosched: fix the delay of cfq_group's vdisktime under iops mode
(bsc#1012829).
- cgroup: remove redundant cleanup in css_create (bsc#1012829).
- cifs: backport prepath matching fix (bsc#799133).
- cifs: small underflow in cnvrtDosUnixTm() (bnc#1043935).
- clk: Make x86/ conditional on CONFIG_COMMON_CLK (4.4.68 stable queue).
- cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores
(4.4.68 stable queue).
- crypto: algif_aead - Require setkey before accept(2) (bsc#1031717).
- crypto: sha-mb - Fix load failure (bsc#1037384).
- cxgb4: Add control net_device for configuring PCIe VF (bsc#1021424).
- cxgb4: Add llseek operation for flash debugfs entry (bsc#1021424).
- cxgb4: add new routine to get adapter info (bsc#1021424).
- cxgb4: Add PCI device ID for new adapter (bsc#1021424).
- cxgb4: Add port description for new cards (bsc#1021424).
- cxgb4: Add support to enable logging of firmware mailbox commands
(bsc#1021424).
- cxgb4: Check for firmware errors in the mailbox command loop
(bsc#1021424).
- cxgb4: correct device ID of T6 adapter (bsc#1021424).
- cxgb4/cxgb4vf: Add set VF mac address support (bsc#1021424).
- cxgb4/cxgb4vf: Allocate more queues for 25G and 100G adapter
(bsc#1021424).
- cxgb4/cxgb4vf: Assign netdev->dev_port with port ID (bsc#1021424).
- cxgb4/cxgb4vf: Display 25G and 100G link speed (bsc#1021424).
- cxgb4/cxgb4vf: Remove deprecated module parameters (bsc#1021424).
- cxgb4: DCB message handler needs to use correct portid to netdev mapping
(bsc#1021424).
- cxgb4: Decode link down reason code obtained from firmware (bsc#1021424).
- cxgb4: Do not assume FW_PORT_CMD reply is always port info msg
(bsc#1021424).
- cxgb4: do not call napi_hash_del() (bsc#1021424).
- cxgb4: Do not sleep when mbox cmd is issued from interrupt context
(bsc#1021424).
- cxgb4: Enable SR-IOV configuration via PCI sysfs interface (bsc#1021424).
- cxgb4: Fix issue while re-registering VF mgmt netdev (bsc#1021424).
- cxgb4: MU requested by Chelsio (bsc#1021424).
- cxgb4: Properly decode port module type (bsc#1021424).
- cxgb4: Refactor t4_port_init function (bsc#1021424).
- cxgb4: Reset dcb state machine and tx queue prio only if dcb is enabled
(bsc#1021424).
- cxgb4: Support compressed error vector for T6 (bsc#1021424).
- cxgb4: Synchronize access to mailbox (bsc#1021424).
- cxgb4: update latest firmware version supported (bsc#1021424).
- dell-laptop: Adds support for keyboard backlight timeout AC settings
(bsc#1013561).
- Disable CONFIG_POWER_SUPPLY_DEBUG in debug kernel (bsc#1031500).
- dmaengine: dw: fix typo in Kconfig (bsc#1031717).
- dm: fix dm_target_io leak if clone_bio() returns an error (bsc#1040125).
- dm-mpath: fix race window in do_end_io() (bsc#1011044).
- dm: remove dummy dm_table definition (bsc#1045307)
- dm round robin: do not use this_cpu_ptr() without having preemption
disabled (bsc#1040125).
- dm verity fec: fix block calculation (bsc#1040125).
- dm verity fec: fix bufio leaks (bsc#1040125).
- dm verity fec: limit error correction recursion (bsc#1040125).
- drivers: base: dma-mapping: Fix typo in dmam_alloc_non_coherent comments
(bsc#1031717).
- Drivers: hv: vmbus: Raise retry/wait limits in vmbus_post_msg()
(fate#320485, bsc#1023287, bsc#1028217).
- drivers/tty: 8250: only call fintek_8250_probe when doing port I/O
(bsc#1031717).
- drm/i915: Disable tv output on i9x5gm (bsc#1039700).
- drm/i915: Do not touch NULL sg on i915_gem_object_get_pages_gtt() error
(bsc#1031717).
- drm/i915: Fix mismatched INIT power domain disabling during suspend
(bsc#1031717).
- drm/i915: Introduce Kabypoint PCH for Kabylake H/DT (bsc#1032581).
- drm/i915: Nuke debug messages from the pipe update critical section
(bsc#1031717).
- drm/i915: Program iboost settings for HDMI/DVI on SKL (bsc#1031717).
- drm/i915: relax uncritical udelay_range() (bsc#1031717).
- drm/i915: relax uncritical udelay_range() settings (bsc#1031717).
- drm/i915: Use pagecache write to prepopulate shmemfs from pwrite-ioctl
(bsc#1040463).
- drm/mgag200: Fix to always set HiPri for G200e4 (bsc#1015452,
bsc#995542).
- drm/nouveau/tmr: fully separate alarm execution/pending lists
(bsc#1043467).
- drm/ttm: fix use-after-free races in vm fault handling (4.4.68 stable
queue).
- e1000e: Do not return uninitialized stats (bug#1034635).
- efi: Do not issue error message when booted under Xen (bnc#1036638).
- enic: set skb->hash type properly (bsc#922871 fate#318754).
- ext4: fix data corruption for mmap writes (bsc#1012829).
- ext4: fix data corruption with EXT4_GET_BLOCKS_ZERO (bsc#1012829).
- ext4: fix use-after-iput when fscrypt contexts are inconsistent
(bsc#1012829).
- f2fs: fix bad prefetchw of NULL page (bsc#1012829).
- f2fs: sanity check segment count (4.4.68 stable queue).
- Fix kabi after adding new field to struct mddev (bsc#1040351).
- Fix soft lockup in svc_rdma_send (bsc#1044854).
- fnic: Return 'DID_IMM_RETRY' if rport is not ready (bsc#1035920).
- fs/block_dev: always invalidate cleancache in invalidate_bdev()
(git-fixes).
- fs: fix data invalidation in the cleancache during direct IO (git-fixes).
- fs/xattr.c: zero out memory copied to userspace in getxattr (git-fixes).
- ftrace: Make ftrace_location_range() global (FATE#322421).
- fuse: fix clearing suid, sgid for chown() (bsc#1012829).
- hpsa: limit transfer length to 1MB (bsc#1025461).
- hwpoison, memcg: forcibly uncharge LRU pages (bnc#1046105).
- ib/addr: Fix setting source address in addr6_resolve() (bsc#1044082).
- ib/core: Fix kernel crash during fail to initialize device (bsc#1022595).
- ib/core: For multicast functions, verify that LIDs are multicast LIDs
(bsc#1022595).
- ib/core: If the MGID/MLID pair is not on the list return an error
(bsc#1022595).
- ib/ipoib: Fix deadlock between ipoib_stop and mcast join flow
(bsc#1022595).
- ib/ipoib: Fix memory leak in create child syscall (bsc#1022595).
- ib/mlx5: Assign DSCP for R-RoCE QPs Address Path (bsc#966170 bsc#966172
bsc#966191).
- ib/mlx5: Check supported flow table size (bsc#966170 bsc#966172
bsc#966191).
- ib/mlx5: Enlarge autogroup flow table (bsc#966170 bsc#966172 bsc#966191).
- ib/mlx5: Fix kernel to user leak prevention logic (bsc#966170 bsc#966172
bsc#966191).
- ibmvnic: Activate disabled RX buffer pools on reset (bsc#1044767).
- ibmvnic: Add set_link_state routine for setting adapter link state
(fate#322021, bsc#1031512).
- ibmvnic: Allocate number of rx/tx buffers agreed on by firmware
(fate#322021, bsc#1031512).
- ibmvnic: Allocate zero-filled memory for sub crqs (fate#322021,
bsc#1031512).
- ibmvnic: Call napi_disable instead of napi_enable in failure path
(fate#322021, bsc#1031512).
- ibmvnic: Check adapter state during ibmvnic_poll (fate#322021,
bsc#1040855).
- ibmvnic: Check for driver reset first in ibmvnic_xmit (fate#322021,
bsc#1038297).
- ibmvnic: Cleanup failure path in ibmvnic_open (fate#322021, bsc#1031512).
- ibmvnic: Clean up tx pools when closing (fate#322021, bsc#1038297).
- ibmvnic: Client-initiated failover (bsc#1043990).
- ibmvnic: Continue skb processing after skb completion error
(fate#322021, bsc#1038297).
- ibmvnic: Correct crq and resource releasing (fate#322021, bsc#1031512).
- ibmvnic: Correct ibmvnic handling of device open/close (fate#322021,
bsc#1031512).
- ibmvnic: Correct return code checking for ibmvnic_init during probe
(bsc#1045286).
- ibmvnic: Create init and release routines for the bounce buffer
(fate#322021, bsc#1031512).
- ibmvnic: Create init and release routines for the rx pool (fate#322021,
bsc#1031512).
- ibmvnic: Create init and release routines for the tx pool (fate#322021,
bsc#1031512).
- ibmvnic: Create init/release routines for stats token (fate#322021,
bsc#1031512).
- ibmvnic: Deactivate RX pool buffer replenishment on H_CLOSED
(fate#322021, bsc#1040855).
- ibmvnic: Delete napi's when releasing driver resources (fate#322021,
bsc#1038297).
- ibmvnic: Disable irq prior to close (fate#322021, bsc#1031512).
- ibmvnic: Do not disable IRQ after scheduling tasklet (fate#322021,
bsc#1031512).
- ibmvnic: driver initialization for kdump/kexec (bsc#1044772).
- ibmvnic: Ensure that TX queues are disabled in __ibmvnic_close
(bsc#1044767).
- ibmvnic: Exit polling routine correctly during adapter reset
(bsc#1044767).
- ibmvnic: Fix assignment of RX/TX IRQ's (bsc#1046589).
- ibmvnic: Fix cleanup of SKB's on driver close (fate#322021, bsc#1040855).
- ibmvnic: Fix endian errors in error reporting output (fate#322021,
bsc#1031512).
- ibmvnic: Fix endian error when requesting device capabilities
(fate#322021, bsc#1031512).
- ibmvnic: Fix error handling when registering long-term-mapped buffers
(bsc#1045568).
- ibmvnic: Fix ibmvnic_change_mac_addr struct format (fate#322021,
bsc#1031512).
- ibmvnic: Fix incorrectly defined ibmvnic_request_map_rsp structure
(bsc#1045568).
- ibmvnic: Fix initial MTU settings (bsc#1031512).
- ibmvnic: fix missing unlock on error in __ibmvnic_reset() (fate#322021,
bsc#1038297, Fixes: ed651a10875f).
- ibmvnic: Fix overflowing firmware/hardware TX queue (fate#322021,
bsc#1031512).
- ibmvnic: Fixup atomic API usage (fate#322021, bsc#1031512).
- ibmvnic: Free skb's in cases of failure in transmit (fate#322021,
bsc#1031512).
- ibmvnic: Free tx/rx scrq pointer array when releasing sub-crqs
(fate#322021, bsc#1031512).
- ibmvnic: Halt TX and report carrier off on H_CLOSED return code
(fate#322021, bsc#1040855).
- ibmvnic: Handle failover after failed init crq (fate#322021,
bsc#1040855).
- ibmvnic: Handle processing of CRQ messages in a tasklet (fate#322021,
bsc#1031512).
- ibmvnic: Initialize completion variables before starting work
(fate#322021, bsc#1031512).
- ibmvnic: Insert header on VLAN tagged received frame (fate#322021,
bsc#1031512).
- ibmvnic: Make CRQ interrupt tasklet wait for all capabilities crqs
(fate#322021, bsc#1031512).
- ibmvnic: Merge the two release_sub_crq_queue routines (fate#322021,
bsc#1031512).
- ibmvnic: Move ibmvnic adapter intialization to its own routine
(fate#322021, bsc#1031512).
- ibmvnic: Move initialization of sub crqs to ibmvnic_init (fate#322021,
bsc#1031512).
- ibmvnic: Move initialization of the stats token to ibmvnic_open
(fate#322021, bsc#1031512).
- ibmvnic: Move login and queue negotiation into ibmvnic_open
(fate#322021, bsc#1031512).
- ibmvnic: Move login to its own routine (fate#322021, bsc#1031512).
- ibmvnic: Move queue restarting in ibmvnic_tx_complete (fate#322021,
bsc#1038297).
- ibmvnic: Move resource initialization to its own routine (fate#322021,
bsc#1038297).
- ibmvnic: Non-fatal error handling (fate#322021, bsc#1040855).
- ibmvnic: Only retrieve error info if present (fate#322021, bsc#1031512).
- ibmvnic: Record SKB RX queue during poll (fate#322021, bsc#1038297).
- ibmvnic: Remove debugfs support (fate#322021, bsc#1031512).
- ibmvnic: Remove inflight list (fate#322021, bsc#1031512).
- ibmvnic: Remove module author mailing address (bsc#1045467).
- ibmvnic: Remove netdev notify for failover resets (bsc#1044120).
- ibmvnic: Remove unused bouce buffer (fate#322021, bsc#1031512).
- ibmvnic: Remove VNIC_CLOSING check from pending_scrq (bsc#1044767).
- ibmvnic: Replace is_closed with state field (fate#322021, bsc#1038297).
- ibmvnic: Report errors when failing to release sub-crqs (fate#322021,
bsc#1031512).
- ibmvnic: Reset sub-crqs during driver reset (fate#322021, bsc#1040855).
- ibmvnic: Reset the CRQ queue during driver reset (fate#322021,
bsc#1040855).
- ibmvnic: Reset tx/rx pools on driver reset (fate#322021, bsc#1040855).
- ibmvnic: Return failure on attempted mtu change (bsc#1043236).
- ibmvnic: Return from ibmvnic_resume if not in VNIC_OPEN state
(bsc#1045235).
- ibmvnic: Sanitize entire SCRQ buffer on reset (bsc#1044767).
- ibmvnic: Send gratuitous arp on reset (fate#322021, bsc#1040855).
- ibmvnic: Set real number of rx queues (fate#322021, bsc#1031512).
- ibmvnic: Split initialization of scrqs to its own routine (fate#322021,
bsc#1031512).
- ibmvnic: Track state of adapter napis (fate#322021, bsc#1040855).
- ibmvnic: Unmap longer term buffer before free (fate#322021, bsc#1031512).
- ibmvnic: Updated reset handling (fate#322021, bsc#1038297).
- ibmvnic: Update main crq initialization and release (fate#322021,
bsc#1031512).
- ibmvnic: Use common counter for capabilities checks (fate#322021,
bsc#1031512).
- ibmvnic: use max_mtu instead of req_mtu for MTU range check
(bsc#1031512).
- ibmvnic: Validate napi exist before disabling them (fate#322021,
bsc#1031512).
- ibmvnic: Wait for any pending scrqs entries at driver close
(fate#322021, bsc#1038297).
- ibmvnic: Whitespace correction in release_rx_pools (fate#322021,
bsc#1038297).
- iio: hid-sensor: Store restore poll and hysteresis on S3 (bsc#1031717).
- infiniband: avoid dereferencing uninitialized dst on error path
(git-fixes).
- iommu/arm-smmu: Disable stalling faults for all endpoints (bsc#1038843).
- iommu/dma: Respect IOMMU aperture when allocating (bsc#1038842).
- iommu/exynos: Block SYSMMU while invalidating FLPD cache (bsc#1038848).
- iommu: Handle default domain attach failure (bsc#1038846).
- iommu/vt-d: Do not over-free page table directories (bsc#1038847).
- ipv4, ipv6: ensure raw socket message is big enough to hold an IP header
(4.4.68 stable queue).
- ipv6: Do not use ufo handling on later transformed packets (bsc#1042286).
- ipv6: fix endianness error in icmpv6_err (bsc#1042286).
- ipv6: initialize route null entry in addrconf_init() (4.4.68 stable
queue).
- ipv6: release dst on error in ip6_dst_lookup_tail (git-fixes).
- ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf (4.4.68 stable
queue).
- isa: Call isa_bus_init before dependent ISA bus drivers register
(bsc#1031717).
- iscsi-target: Return error if unable to add network portal (bsc#1032803).
- iw_cxgb4: Fix error return code in c4iw_rdev_open() (bsc#1026570).
- iw_cxgb4: Guard against null cm_id in dump_ep/qp (bsc#1026570).
- iwlwifi: 8000: fix MODULE_FIRMWARE input.
- iwlwifi: 9000: increase the number of queues.
- iwlwifi: add device ID for 8265.
- iwlwifi: add device IDs for the 8265 device.
- iwlwifi: add disable_11ac module param.
- iwlwifi: add new 3168 series devices support.
- iwlwifi: add new 8260 PCI IDs.
- iwlwifi: add new 8265.
- iwlwifi: add new 8265 series PCI ID.
- iwlwifi: Add new PCI IDs for 9260 and 5165 series.
- iwlwifi: Add PCI IDs for the new 3168 series.
- iwlwifi: Add PCI IDs for the new series 8165.
- iwlwifi: add support for 12K Receive Buffers.
- iwlwifi: add support for getting HW address from CSR.
- iwlwifi: avoid d0i3 commands when no/init ucode is loaded.
- iwlwifi: bail out in case of bad trans state.
- iwlwifi: block the queues when we send ADD_STA for uAPSD.
- iwlwifi: change the Intel Wireless email address.
- iwlwifi: change the Intel Wireless email address.
- iwlwifi: check for valid ethernet address provided by OEM.
- iwlwifi: clean up transport debugfs handling.
- iwlwifi: clear ieee80211_tx_info->driver_data in the op_mode.
- iwlwifi: Document missing module options.
- iwlwifi: dump prph registers in a common place for all transports.
- iwlwifi: dvm: advertise NETIF_F_SG.
- iwlwifi: dvm: fix compare_const_fl.cocci warnings.
- iwlwifi: dvm: handle zero brightness for wifi LED.
- iwlwifi: dvm: remove a wrong dependency on m.
- iwlwifi: dvm: remove Kconfig default.
- iwlwifi: dvm: remove stray debug code.
- iwlwifi: export the _no_grab version of PRPH IO functions.
- iwlwifi: expose fw usniffer mode to more utilities.
- iwlwifi: fix double hyphen in MODULE_FIRMWARE for 8000.
- iwlwifi: Fix firmware name maximum length definition.
- iwlwifi: fix name of ucode loaded for 8265 series.
- iwlwifi: fix printf specifier.
- iwlwifi: generalize d0i3_entry_timeout module parameter.
- iwlwifi: mvm: adapt the firmware assert log to new firmware.
- iwlwifi: mvm: add 9000-series RX API.
- iwlwifi: mvm: add 9000 series RX processing.
- iwlwifi: mvm: add a non-trigger window to fw dbg triggers.
- iwlwifi: mvm: add an option to start rs from HT/VHT rates.
- iwlwifi: mvm: Add a station in monitor mode.
- iwlwifi: mvm: add bt rrc and ttc to debugfs.
- iwlwifi: mvm: add bt settings to debugfs.
- iwlwifi: mvm: add ctdp operations to debugfs.
- iwlwifi: mvm: add CT-KILL notification.
- iwlwifi: mvm: add debug print if scan config is ignored.
- iwlwifi: mvm: add extended dwell time.
- iwlwifi: mvm: add new ADD_STA command version.
- iwlwifi: mvm: Add P2P client snoozing.
- iwlwifi: mvm: add registration to cooling device.
- iwlwifi: mvm: add registration to thermal zone.
- iwlwifi: mvm: add support for negative temperatures.
- iwlwifi: mvm: add tlv for multi queue rx support.
- iwlwifi: mvm: add trigger for firmware dump upon TDLS events.
- iwlwifi: mvm: add trigger for firmware dump upon TX response status.
- iwlwifi: mvm: advertise NETIF_F_SG.
- iwlwifi: mvm: Align bt-coex priority with requirements.
- iwlwifi: mvm: allow to disable beacon filtering for AP/GO interface.
- iwlwifi: mvm: avoid harmless -Wmaybe-uninialized warning.
- iwlwifi: mvm: avoid panics with thermal device usage.
- iwlwifi: mvm: avoid to WARN about gscan capabilities.
- iwlwifi: mvm: bail out if CTDP start operation fails.
- iwlwifi: mvm: bump firmware API to 21.
- iwlwifi: mvm: bump max API to 20.
- iwlwifi: mvm: change access to ieee80211_hdr.
- iwlwifi: mvm: change iwl_mvm_get_key_sta_id() to return the station.
- iwlwifi: mvm: change mcc update API.
- iwlwifi: mvm: change name of iwl_mvm_d3_update_gtk.
- iwlwifi: mvm: Change number of associated stations when station becomes
associated.
- iwlwifi: mvm: change protocol offload flows.
- iwlwifi: mvm: change the check for ADD_STA status.
- iwlwifi: mvm: check FW's response for nvm access write cmd.
- iwlwifi: mvm: check iwl_mvm_wowlan_config_key_params() return value.
- iwlwifi: mvm: check minimum temperature notification length.
- iwlwifi: mvm: cleanup roc te on restart cleanup.
- iwlwifi: mvm: Configure fragmented scan for scheduled scan.
- iwlwifi: mvm: configure scheduled scan according to traffic conditions.
- iwlwifi: mvm: constify the parameters of a few functions in fw-dbg.c.
- iwlwifi: mvm: Disable beacon storing in D3 when WOWLAN configured.
- iwlwifi: mvm: disable DQA support.
- iwlwifi: mvm: do not ask beacons when P2P GO vif and no assoc sta.
- iwlwifi: mvm: do not keep an mvm ref when the interface is down.
- iwlwifi: mvm: do not let NDPs mess the packet tracking.
- iwlwifi: mvm: do not restart HW if suspend fails with unified image.
- iwlwifi: mvm: Do not switch to D3 image on suspend.
- iwlwifi: mvm: do not try to offload AES-CMAC in AP/IBSS modes.
- iwlwifi: mvm: drop low_latency_agg_frame_cnt_limit.
- iwlwifi: mvm: dump more registers upon error.
- iwlwifi: mvm: dump the radio registers when the firmware crashes.
- iwlwifi: mvm: enable L3 filtering.
- iwlwifi: mvm: Enable MPLUT only on supported hw.
- iwlwifi: mvm: enable VHT MU-MIMO for supported hardware.
- iwlwifi: mvm: extend time event duration.
- iwlwifi: mvm: fix accessing Null pointer during fw dump collection.
- iwlwifi: mvm: fix d3_test with unified D0/D3 images.
- iwlwifi: mvm: fix debugfs signedness warning.
- iwlwifi: mvm: fix extended dwell time.
- iwlwifi: mvm: fix incorrect fallthrough in iwl_mvm_check_running_scans().
- iwlwifi: mvm: fix memory leaks in error paths upon fw error dump.
- iwlwifi: mvm: fix netdetect starting/stopping for unified images.
- iwlwifi: mvm: fix RSS key sizing.
- iwlwifi: mvm: fix unregistration of thermal in some error flows.
- iwlwifi: mvm: flush all used TX queues before suspending.
- iwlwifi: mvm: forbid U-APSD for P2P Client if the firmware does not
support it.
- iwlwifi: mvm: handle pass all scan reporting.
- iwlwifi: mvm: ignore LMAC scan notifications when running UMAC scans.
- iwlwifi: mvm: infrastructure for frame-release message.
- iwlwifi: mvm: kill iwl_mvm_enable_agg_txq.
- iwlwifi: mvm: let the firmware choose the antenna for beacons.
- iwlwifi: mvm: make collecting fw debug data optional.
- iwlwifi: mvm: move fw-dbg code to separate file.
- iwlwifi: mvm: only release the trans ref if d0i3 is supported in fw.
- iwlwifi: mvm: prepare the code towards TSO implementation.
- iwlwifi: mvm: refactor d3 key update functions.
- iwlwifi: mvm: refactor the way fw_key_table is handled.
- iwlwifi: mvm: remove an extra tab.
- iwlwifi: mvm: Remove bf_vif from iwl_power_vifs.
- iwlwifi: mvm: Remove iwl_mvm_update_beacon_abort.
- iwlwifi: mvm: remove redundant d0i3 flag from the config struct.
- iwlwifi: mvm: remove shadowing variable.
- iwlwifi: mvm: remove stray nd_config element.
- iwlwifi: mvm: remove the vif parameter of
iwl_mvm_configure_bcast_filter().
- iwlwifi: mvm: remove unnecessary check in iwl_mvm_is_d0i3_supported().
- iwlwifi: mvm: remove useless WARN_ON and rely on cfg80211's combination.
- iwlwifi: mvm: report wakeup for wowlan.
- iwlwifi: mvm: reset mvm->scan_type when firmware is started.
- iwlwifi: mvm: return the cooling state index instead of the budget.
- iwlwifi: mvm: ROC: cleanup time event info on FW failure.
- iwlwifi: mvm: ROC: Extend the ROC max delay duration & limit ROC
duration.
- iwlwifi: mvm: rs: fix a potential out of bounds access.
- iwlwifi: mvm: rs: fix a theoretical access to uninitialized array
elements.
- iwlwifi: mvm: rs: fix a warning message.
- iwlwifi: mvm: rs: fix TPC action decision algorithm.
- iwlwifi: mvm: rs: fix TPC statistics handling.
- iwlwifi: mvm: Send power command on BSS_CHANGED_BEACON_INFO if needed.
- iwlwifi: mvm: set default new STA as non-aggregated.
- iwlwifi: mvm: set the correct amsdu enum values.
- iwlwifi: mvm: set the correct descriptor size for tracing.
- iwlwifi: mvm: small update in the firmware API.
- iwlwifi: mvm: support A-MSDU in A-MPDU.
- iwlwifi: mvm: support beacon storing.
- iwlwifi: mvm: support description for user triggered fw dbg collection.
- iwlwifi: mvm: support rss queues configuration command.
- iwlwifi: mvm: Support setting continuous recording debug mode.
- iwlwifi: mvm: support setting minimum quota from debugfs.
- iwlwifi: mvm: support sw queue start/stop from mvm.
- iwlwifi: mvm: take care of padded packets.
- iwlwifi: mvm: take the transport ref back when leaving.
- iwlwifi: mvm: track low-latency sources separately.
- iwlwifi: mvm: update GSCAN capabilities.
- iwlwifi: mvm: update ucode status before stopping device.
- iwlwifi: mvm: use build-time assertion for fw trigger ID.
- iwlwifi: mvm: use firmware station lookup, combine code.
- iwlwifi: mvm: various trivial cleanups.
- iwlwifi: mvm: writing zero bytes to debugfs causes a crash.
- iwlwifi: nvm: fix loading default NVM file.
- iwlwifi: nvm: fix up phy section when reading it.
- iwlwifi: pcie: add 9000 series multi queue rx DMA support.
- iwlwifi: pcie: add infrastructure for multi-queue rx.
- iwlwifi: pcie: add initial RTPM support for PCI.
- iwlwifi: pcie: Add new configuration to enable MSIX.
- iwlwifi: pcie: add pm_prepare and pm_complete ops.
- iwlwifi: pcie: add RTPM support when wifi is enabled.
- iwlwifi: pcie: aggregate Flow Handler configuration writes.
- iwlwifi: pcie: allow the op_mode to block the tx queues.
- iwlwifi: pcie: allow to pretend to have Tx CSUM for debug.
- iwlwifi: pcie: avoid restocks inside rx loop if not emergency.
- iwlwifi: pcie: buffer packets to avoid overflowing Tx queues.
- iwlwifi: pcie: build an A-MSDU using TSO core.
- iwlwifi: pcie: configure more RFH settings.
- iwlwifi: pcie: detect and workaround invalid write ptr behavior.
- iwlwifi: pcie: do not increment / decrement a bool.
- iwlwifi: pcie: enable interrupts before releasing the NIC's CPU.
- iwlwifi: pcie: enable multi-queue rx path.
- iwlwifi: pcie: extend device reset delay.
- iwlwifi: pcie: fine tune number of rxbs.
- iwlwifi: pcie: fix a race in firmware loading flow.
- iwlwifi: pcie: fix erroneous return value.
- iwlwifi: pcie: fix global table size.
- iwlwifi: pcie: fix identation in trans.c.
- iwlwifi: pcie: fix RF-Kill vs. firmware load race.
- iwlwifi: pcie: forbid RTPM on device removal.
- iwlwifi: pcie: mark command queue lock with separate lockdep class.
- iwlwifi: pcie: prevent skbs shadowing in iwl_trans_pcie_reclaim.
- iwlwifi: pcie: refactor RXBs reclaiming code.
- iwlwifi: pcie: remove ICT allocation message.
- iwlwifi: pcie: remove pointer from debug message.
- iwlwifi: pcie: re-organize code towards TSO.
- iwlwifi: pcie: set RB chunk size back to 64.
- iwlwifi: pcie: update iwl_mpdu_desc fields.
- iwlwifi: print index in api/capa flags parsing message.
- iwlwifi: refactor the code that reads the MAC address from the NVM.
- iwlwifi: remove IWL_DL_LED.
- iwlwifi: remove unused parameter from grab_nic_access.
- iwlwifi: replace d0i3_mode and wowlan_d0i3 with more generic variables.
- iwlwifi: set max firmware version of 7265 to 17.
- iwlwifi: support ucode with d0 unified image - regular and usniffer.
- iwlwifi: trans: make various conversion macros inlines.
- iwlwifi: trans: support a callback for ASYNC commands.
- iwlwifi: treat iwl_parse_nvm_data() MAC addr as little endian.
- iwlwifi: tt: move ucode_loaded check under mutex.
- iwlwifi: uninline iwl_trans_send_cmd.
- iwlwifi: update host command messages to new format.
- iwlwifi: Update PCI IDs for 8000 and 9000 series.
- iwlwifi: update support for 3168 series firmware and NVM.
- iwlwifi: various comments and code cleanups.
- jump label: fix passing kbuild_cflags when checking for asm goto support
(git-fixes).
- kabi: Hide new include in arch/powerpc/kernel/process.c (fate#322421).
- kabi: ignore fs_info parameter for tracepoints that didn't have it
(bsc#1044912).
- kABI: move and hide new cxgbi device owner field (bsc#1018885).
- kABI: protect cgroup include in kernel/kthread (kabi).
- kABI: protect struct fib_info (kabi).
- kABI: protect struct mnt_namespace (kabi).
- kABI: protect struct pglist_data (kabi).
- kABI: protect struct snd_fw_async_midi_port (kabi).
- kABI: protect struct xlog (bsc#1043598).
- kABI: restore ttm_ref_object_add parameters (kabi).
- kabi/severities: ignore kABi changes in iwlwifi stuff itself
- kabi workaround for net: ipv6: Fix processing of RAs in presence of VRF
(bsc#1042286).
- kernel-binary.spec: Propagate MAKE_ARGS to %build (bsc#1012422)
- kprobes/x86: Fix kernel panic when certain exception-handling addresses
are probed (4.4.68 stable queue).
- kvm: better MWAIT emulation for guests (bsc#1031142).
- kvm: nVMX: do not leak PML full vmexit to L1 (4.4.68 stable queue).
- kvm: nVMX: initialize PML fields in vmcs02 (4.4.68 stable queue).
- kvm: svm: add support for RDTSCP (bsc#1033117).
- l2tp: fix race in l2tp_recv_common() (bsc#1042286).
- lan78xx: use skb_cow_head() to deal with cloned skbs (bsc#1045154).
- leds: ktd2692: avoid harmless maybe-uninitialized warning (4.4.68 stable
queue).
- libata-scsi: Fixup ata_gen_passthru_sense() (bsc#1040125).
- libceph: NULL deref on crush_decode() error path (bsc#1044015).
- libcxgb: add library module for Chelsio drivers (bsc#1021424).
- lib/mpi: mpi_read_raw_data(): fix nbits calculation (bsc#1003581).
- lib/mpi: mpi_read_raw_data(): purge redundant clearing of nbits
(bsc#1003581).
- lib/mpi: mpi_read_raw_from_sgl(): do not include leading zero SGEs in
nbytes (bsc#1003581).
- lib/mpi: mpi_read_raw_from_sgl(): fix nbits calculation (bsc#1003581).
- lib/mpi: mpi_read_raw_from_sgl(): fix out-of-bounds buffer access
(bsc#1003581).
- lib/mpi: mpi_read_raw_from_sgl(): purge redundant clearing of nbits
(bsc#1003581).
- lib/mpi: mpi_read_raw_from_sgl(): replace len argument by nbytes
(bsc#1003581).
- lib/mpi: mpi_read_raw_from_sgl(): sanitize meaning of indices
(bsc#1003581).
- libnvdimm, pfn: fix 'npfns' vs section alignment (bsc#1040125).
- livepatch: Allow architectures to specify an alternate ftrace location
(FATE#322421).
- locking/ww_mutex: Fix compilation of __WW_MUTEX_INITIALIZER
(bsc#1031717).
- loop: Add PF_LESS_THROTTLE to block/loop device thread (bsc#1027101).
- lpfc: remove incorrect lockdep assertion (bsc#1040125).
- md: allow creation of mdNNN arrays via md_mod/parameters/new_array
(bsc#1032339).
- md.c:didn't unlock the mddev before return EINVAL in array_size_store
(bsc#1038143).
- md-cluster: fix potential lock issue in add_new_disk (bsc#1041087).
- md: fix a null dereference (bsc#1040351).
- md: handle read-only member devices better (bsc#1033281).
- md: MD_CLOSING needs to be cleared after called md_set_readonly or
do_md_stop (bsc#1038142).
- md/raid1: avoid reusing a resync bio after error handling (Fate#311379).
- md: support disabling of create-on-open semantics (bsc#1032339).
- md: use a separate bio_set for synchronous IO (bsc#1040351).
- media: am437x-vpfe: fix an uninitialized variable bug (bsc#1031717).
- media: b2c2: use IS_REACHABLE() instead of open-coding it (bsc#1031717).
- media: c8sectpfe: Rework firmware loading mechanism (bsc#1031717).
- media: cx231xx-audio: fix NULL-deref at probe (bsc#1031717).
- media: cx231xx-cards: fix NULL-deref at probe (bsc#1031717).
- media: cx23885: uninitialized variable in cx23885_av_work_handler()
(bsc#1031717).
- media: DaVinci-VPBE: Check return value of a setup_if_config() call in
vpbe_set_output() (bsc#1031717).
- media: DaVinci-VPFE-Capture: fix error handling (bsc#1031717).
- media: dib0700: fix NULL-deref at probe (bsc#1031717).
- media: dvb-usb: avoid link error with dib3000m{b,c| (bsc#1031717).
- media: exynos4-is: fix a format string bug (bsc#1031717).
- media: gspca: konica: add missing endpoint sanity check (bsc#1031717).
- media: lirc_imon: do not leave imon_probe() with mutex held
(bsc#1031717).
- media: pvrusb2: reduce stack usage pvr2_eeprom_analyze() (bsc#1031717).
- media: rc: allow rc modules to be loaded if rc-main is not a module
(bsc#1031717).
- media: s5p-mfc: Fix unbalanced call to clock management (bsc#1031717).
- media: sh-vou: clarify videobuf2 dependency (bsc#1031717).
- media: staging: media: davinci_vpfe: unlock on error in vpfe_reqbufs()
(bsc#1031717).
- media: usbvision: fix NULL-deref at probe (bsc#1031717).
- media: uvcvideo: Fix empty packet statistic (bsc#1031717).
- media: vb2: Fix an off by one error in 'vb2_plane_vaddr' (bsc#1043231).
- mem-hotplug: fix node spanned pages when we have a movable node
(bnc#1034671).
- mips: R2-on-R6 MULTU/MADDU/MSUBU emulation bugfix (4.4.68 stable queue).
- mlx4: Fix memory leak after mlx4_en_update_priv() (bsc#966170 bsc#966172
bsc#966191).
- mmc: debugfs: correct wrong voltage value (bsc#1031717).
- mmc: Downgrade error level (bsc#1042536).
- mm,compaction: serialize waitqueue_active() checks (bsc#971975).
- mmc: sdhci-pxav3: fix higher speed mode capabilities (bsc#1031717).
- mmc: sdhci: restore behavior when setting VDD via external regulator
(bsc#1031717).
- mm: fix <linux/pagemap.h> stray kernel-doc notation (bnc#971975 VM --
git fixes).
- mm: fix new crash in unmapped_area_topdown() (bnc#1039348).
- mm/hugetlb: check for reserved hugepages during memory offline
(bnc#971975 VM -- git fixes).
- mm/hugetlb: fix incorrect hugepages count during mem hotplug (bnc#971975
VM -- git fixes).
- module: fix memory leak on early load_module() failures (bsc#1043014).
- mwifiex: Avoid skipping WEP key deletion for AP (4.4.68 stable queue).
- mwifiex: debugfs: Fix (sometimes) off-by-1 SSID print (4.4.68 stable
queue).
- mwifiex: pcie: fix cmd_buf use-after-free in remove/reset (bsc#1031717).
- mwifiex: Removed unused 'pkt_type' variable (bsc#1031717).
- mwifiex: remove redundant dma padding in AMSDU (4.4.68 stable queue).
- mwifiex: Remove unused 'bcd_usb' variable (bsc#1031717).
- mwifiex: Remove unused 'chan_num' variable (bsc#1031717).
- mwifiex: Remove unused 'pm_flag' variable (bsc#1031717).
- mwifiex: Remove unused 'sta_ptr' variable (bsc#1031717).
- net: bridge: start hello timer only if device is up (bnc#1012382).
- netfilter: nf_conntrack_sip: extend request line validation
(bsc#1042286).
- netfilter: nf_ct_expect: remove the redundant slash when policy name is
empty (bsc#1042286).
- netfilter: nf_dup_ipv6: set again FLOWI_FLAG_KNOWN_NH at flowi6_flags
(bsc#1042286).
- netfilter: nf_nat_snmp: Fix panic when snmp_trap_helper fails to
register (bsc#1042286).
- netfilter: nfnetlink_queue: reject verdict request from different portid
(bsc#1042286).
- netfilter: restart search if moved to other chain (bsc#1042286).
- netfilter: use fwmark_reflect in nf_send_reset (bsc#1042286).
- net: fix compile error in skb_orphan_partial() (bnc#1012382).
- net: ibmvnic: Remove unused net_stats member from struct ibmvnic_adapter
(fate#322021, bsc#1031512).
- net: icmp_route_lookup should use rt dev to determine L3 domain
(bsc#1042286).
- net: ipv6: Fix processing of RAs in presence of VRF (bsc#1042286).
- net: ipv6: set route type for anycast routes (bsc#1042286).
- net: l3mdev: Add master device lookup by index (bsc#1042286).
- net: make netdev_for_each_lower_dev safe for device removal
(bsc#1042286).
- net/mlx5: Do not unlock fte while still using it (bsc#966170 bsc#966172
bsc#966191).
- net/mlx5e: Fix timestamping capabilities reporting (bsc#966170
bsc#1015342).
- net/mlx5e: Modify TIRs hash only when it's needed (bsc#966170 bsc#966172
bsc#966191).
- net/mlx5: Fix create autogroup prev initializer (bsc#966170 bsc#966172
bsc#966191).
- net/mlx5: Prevent setting multicast macs for VFs (bsc#966170 bsc#966172
bsc#966191).
- net/mlx5: Release FTE lock in error flow (bsc#966170 bsc#966172
bsc#966191).
- net: vrf: Create FIB tables on link create (bsc#1042286).
- net: vrf: Fix crash when IPv6 is disabled at boot time (bsc#1042286).
- net: vrf: Fix dev refcnt leak due to IPv6 prefix route (bsc#1042286).
- net: vrf: Fix dst reference counting (bsc#1042286).
- net: vrf: protect changes to private data with rcu (bsc#1042286).
- net: vrf: Switch dst dev to loopback on device delete (bsc#1042286).
- netxen_nic: set rcode to the return status from the call to
netxen_issue_cmd (bsc#966339 FATE#320150).
- nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670).
- nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670).
- nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670).
- nfs: Fix an LOCK/OPEN race when unlinking an open file (git-fixes).
- nfs: Fix "Do not increment lock sequence ID after NFS4ERR_MOVED"
(git-fixes).
- nfs: Fix inode corruption in nfs_prime_dcache() (git-fixes).
- nfs: Fix missing pg_cleanup after nfs_pageio_cond_complete() (git-fixes).
- nfs: Use GFP_NOIO for two allocations in writeback (git-fixes).
- nfsv4.1: Fix Oopsable condition in server callback races (git-fixes).
- nfsv4: do not let hanging mounts block other mounts (bsc#1040364).
- nfsv4: fix a reference leak caused WARNING messages (git-fixes).
- nfsv4: Fix the underestimation of delegation XDR space reservation
(git-fixes).
- nsfs: mark dentry with DCACHE_RCUACCESS (bsc#1012829).
- nvme: Delete created IO queues on reset (bsc#1031717).
- nvme: submit nvme_admin_activate_fw to admin queue (bsc#1044532).
- ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
(bsc#1004003).
- ocfs2: fix deadlock issue when taking inode lock at vfs entry points
(bsc#1004003).
- overlayfs: compat, fix incorrect dentry use in ovl_rename2 (bsc#1032400).
- overlayfs: compat, use correct dentry to detect compat mode in
ovl_compat_is_whiteout (bsc#1032400).
- pci: pciehp: Prioritize data-link event over presence detect
(bsc#1031040,bsc#1037483).
- pci: Reverse standard ACS vs device-specific ACS enabling (bsc#1030057).
- pci: Work around Intel Sunrise Point PCH incorrect ACS capability
(bsc#1030057).
- percpu: remove unused chunk_alloc parameter from pcpu_get_pages()
(bnc#971975 VM -- git fixes).
- perf/x86/intel/rapl: Make Knights Landings support functional
(bsc#1042517).
- perf/x86/intel/uncore: Remove SBOX support for Broadwell server
(bsc#1035887).
- phy: qcom-usb-hs: Add depends on EXTCON (4.4.68 stable queue).
- pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes
(bnc#1012985).
- PKCS#7: fix missing break on OID_sha224 case (bsc#1031717).
- platform/x86: fujitsu-laptop: use brightness_set_blocking for
LED-setting callbacks (bsc#1031717).
- pm / QoS: Fix memory leak on resume_latency.notifiers (bsc#1043231).
- pm / wakeirq: Enable dedicated wakeirq for suspend (bsc#1031717).
- pm / wakeirq: Fix spurious wake-up events for dedicated wakeirqs
(bsc#1031717).
- pm / wakeirq: report a wakeup_event on dedicated wekup irq (bsc#1031717).
- power: bq27xxx: fix register numbers of bq27500 (bsc#1031717).
- powerpc/64: Fix flush_(d|i)cache_range() called from modules (bnc#863764
fate#315275, LTC#103998).
- powerpc: Create a helper for getting the kernel toc value (FATE#322421).
- powerpc/fadump: add reschedule point while releasing memory
(bsc#1040609).
- powerpc/fadump: avoid duplicates in crash memory ranges (bsc#1037669).
- powerpc/fadump: avoid holes in boot memory area when fadump is
registered (bsc#1037669).
- powerpc/fadump: provide a helpful error message (bsc#1037669).
- powerpc/fadump: Reserve memory at an offset closer to bottom of RAM
(bsc#1032141).
- powerpc/fadump: return error when fadump registration fails
(bsc#1040567).
- powerpc/fadump: Update fadump documentation (bsc#1032141).
- powerpc/ftrace: Add Kconfig & Make glue for mprofile-kernel
(FATE#322421).
- powerpc/ftrace: Add support for -mprofile-kernel ftrace ABI
(FATE#322421).
- powerpc/ftrace: Pass the correct stack pointer for
DYNAMIC_FTRACE_WITH_REGS (FATE#322421).
- powerpc/ftrace: Use $(CC_FLAGS_FTRACE) when disabling ftrace
(FATE#322421).
- powerpc/ftrace: Use generic ftrace_modify_all_code() (FATE#322421).
- powerpc: introduce TIF_KGR_IN_PROGRESS thread flag (FATE#322421).
- powerpc/livepatch: Add livepatch header (FATE#322421).
- powerpc/livepatch: Add live patching support on ppc64le (FATE#322421).
- powerpc/livepatch: Add livepatch stack to struct thread_info
(FATE#322421).
- powerpc/module: Create a special stub for ftrace_caller() (FATE#322421).
- powerpc/module: Mark module stubs with a magic value (FATE#322421).
- powerpc/module: Only try to generate the ftrace_caller() stub once
(FATE#322421).
- powerpc/modules: Never restore r2 for a mprofile-kernel style mcount()
call (FATE#322421).
- powerpc/powernv: Fix opal_exit tracepoint opcode (4.4.68 stable queue).
- power: supply: bq24190_charger: Call power_supply_changed() for relevant
component (4.4.68 stable queue).
- power: supply: bq24190_charger: Call set_mode_host() on pm_resume()
(4.4.68 stable queue).
- power: supply: bq24190_charger: Do not read fault register outside
irq_handle_thread() (4.4.68 stable queue).
- power: supply: bq24190_charger: Fix irq trigger to IRQF_TRIGGER_FALLING
(4.4.68 stable queue).
- power: supply: bq24190_charger: Handle fault before status on interrupt
(4.4.68 stable queue).
- power: supply: bq24190_charger: Install irq_handler_thread() at end of
probe() (4.4.68 stable queue).
- printk: Correctly handle preemption in console_unlock() (bsc#1046434).
- printk: Switch to the sync mode when an emergency message is printed
(bsc#1034995).
- printk/xen: Force printk sync mode when migrating Xen guest
(bsc#1043347).
- quota: fill in Q_XGETQSTAT inode information for inactive quotas
(bsc#1042356).
- radix-tree: fix radix_tree_iter_retry() for tagged iterators
(bsc#1012829).
- ravb: Fix use-after-free on `ifconfig eth0 down` (git-fixes).
- rdma/iw_cxgb4: Add missing error codes for act open cmd (bsc#1026570).
- rdma/iw_cxgb4: Always wake up waiter in c4iw_peer_abort_intr()
(bsc#1026570).
- rdma/iw_cxgb4: Low resource fixes for Completion queue (bsc#1026570).
- rdma/iw_cxgb4: only read markers_enabled mod param once (bsc#1026570).
- regulator: isl9305: fix array size (bsc#1031717).
- reiserfs: do not preallocate blocks for extended attributes (bsc#990682).
- Revert "acpi, nfit, libnvdimm: fix interleave set cookie calculation
(64-bit comparison)" (kabi).
- Revert "btrfs: qgroup: Move half of the qgroup accounting time out of"
(bsc#1017461 bsc#1033885).
- Revert "KVM: nested VMX: disable perf cpuid reporting" (4.4.68 stable
queue).
- Revert "l2tp: take reference on sessions being dumped" (kabi).
- Revert "mac80211: pass block ack session timeout to to driver" (kabi).
- Revert "mac80211: RX BA support for sta max_rx_aggregation_subframes"
(kabi).
- Revert "wlcore: Add RX_BA_WIN_SIZE_CHANGE_EVENT event" (kabi).
- rpm/kernel-spec-macros: Fix the check if there is no rebuild counter
(bsc#1012060)
- rpm/SLES-UEFI-SIGN-Certificate-2048.crt: Update the certificate
(bsc#1035922)
- rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string (4.4.68 stable
queue).
- rtnl: reset calcit fptr in rtnl_unregister() (bsc#1042286).
- s390/dasd: check if query host access feature is supported (bsc#1037871).
- sbp-target: Fix second argument of percpu_ida_alloc() (bsc#1032803).
- scsi: be2iscsi: Add FUNCTION_RESET during driver unload (bsc#1038458).
- scsi: be2iscsi: Add IOCTL to check UER supported (bsc#1038458).
- scsi: be2iscsi: Add TPE recovery feature (bsc#1038458).
- scsi: be2iscsi: Add V1 of EPFW cleanup IOCTL (bsc#1038458).
- scsi: be2iscsi: allocate enough memory in beiscsi_boot_get_sinfo()
(bsc#1038458).
- scsi: be2iscsi: Check all zeroes IP before issuing IOCTL (bsc#1038458).
- scsi: be2iscsi: Fail the sessions immediately after TPE (bsc#1038458).
- scsi: be2iscsi: Fix async PDU handling path (bsc#1038458).
- scsi: be2iscsi: Fix bad WRB index error (bsc#1038458).
- scsi: be2iscsi: Fix checks for HBA in error state (bsc#1038458).
- scsi: be2iscsi: Fix gateway APIs to support IPv4 & IPv6 (bsc#1038458).
- scsi: be2iscsi: Fix POST check and reset sequence (bsc#1038458).
- scsi: be2iscsi: Fix queue and connection parameters (bsc#1038458).
- scsi: be2iscsi: Fix release of DHCP IP in static mode (bsc#1038458).
- scsi: be2iscsi: Fix to add timer for UE detection (bsc#1038458).
- scsi: be2iscsi: Fix to make boot discovery non-blocking (bsc#1038458).
- scsi: be2iscsi: Fix to use correct configuration values (bsc#1038458).
- scsi: be2iscsi: Handle only NET_PARAM in iface_get_param (bsc#1038458).
- scsi: be2iscsi: Move functions to right files (bsc#1038458).
- scsi: be2iscsi: Move VLAN code to common iface_set_param (bsc#1038458).
- scsi: be2iscsi: Reduce driver load/unload time (bsc#1038458).
- scsi: be2iscsi: Remove alloc_mcc_tag & beiscsi_pci_soft_reset
(bsc#1038458).
- scsi: be2iscsi: Remove isr_lock and dead code (bsc#1038458).
- scsi: be2iscsi: Rename iface get/set/create/destroy APIs (bsc#1038458).
- scsi: be2iscsi: Replace _bh version for mcc_lock spinlock (bsc#1038458).
- scsi: be2iscsi: Set and return right iface v4/v6 states (bsc#1038458).
- scsi: be2iscsi: Update copyright information (bsc#1038458).
- scsi: be2iscsi: Update iface handle before any set param (bsc#1038458).
- scsi: be2iscsi: Update the driver version (bsc#1038458).
- scsi: cxgb4i: libcxgbi: add missing module_put() (bsc#1018885).
- scsi: cxgb4i: libcxgbi: cxgb4: add T6 iSCSI completion feature
(bsc#1021424).
- scsi: cxlflash: Remove the device cleanly in the system shutdown path
(bsc#1028310, fate#321597, bsc#1034762). cherry-pick from SP3
- scsi_dh_alua: do not call BUG_ON when updating port group (bsc#1028340).
- scsi_dh_alua: Do not retry for unmapped device (bsc#1012910).
- scsi_error: count medium access timeout only once per EH run
(bsc#993832, bsc#1032345).
- scsi: fnic: Correcting rport check location in fnic_queuecommand_lck
(bsc#1035920).
- scsi: ipr: do not set DID_PASSTHROUGH on CHECK CONDITION (bsc#1034419).
- scsi: ipr: Driver version 2.6.4 (bsc#1031555).
- scsi: ipr: Error path locking fixes (bsc#1031555).
- scsi: ipr: Fix abort path race condition (bsc#1031555).
- scsi: ipr: Fix missed EH wakeup (bsc#1031555).
- scsi: ipr: Fix SATA EH hang (bsc#1031555).
- scsi: ipr: Remove redundant initialization (bsc#1031555).
- scsi: mac_scsi: Fix MAC_SCSI=m option when SCSI=m (4.4.68 stable queue).
- scsi: scsi_dh_alua: Check scsi_device_get() return value (bsc#1040125).
- scsi: scsi_dh_emc: return success in clariion_std_inquiry() (4.4.68
stable queue).
- scsi_transport_fc: do not call queue_work under lock (bsc#1013887).
- scsi_transport_fc: fixup race condition in fc_rport_final_delete()
(bsc#1013887).
- scsi_transport_fc: return -EBUSY for deleted vport (bsc#1013887).
- sctp: check af before verify address in sctp_addr_id2transport
(git-fixes).
- serial: 8250_omap: Fix probe and remove for PM runtime (4.4.68 stable
queue).
- smartpqi: limit transfer length to 1MB (bsc#1025461).
- staging: emxx_udc: remove incorrect __init annotations (4.4.68 stable
queue).
- staging: rtl8188eu: prevent an underflow in rtw_check_beacon_data()
(bsc#1031717).
- staging: wlan-ng: add missing byte order conversion (4.4.68 stable
queue).
- sunrpc: Allow xprt->ops->timer method to sleep (git-fixes).
- sunrpc: ensure correct error is reported by xs_tcp_setup_socket()
(git-fixes).
- sunrpc: fix UDP memory accounting (git-fixes).
- sunrpc: Silence WARN_ON when NFSv4.1 over RDMA is in use (git-fixes).
- supported.conf: added drivers/net/ethernet/chelsio/libcxgb/libcxgb
- supported.conf: Bugzilla and FATE references for dcdbas and dell_rbu
- sysfs: be careful of error returns from ops->show() (bsc#1028883).
- tcp: account for ts offset only if tsecr not zero (bsc#1042286).
- tcp: do not inherit fastopen_req from parent (4.4.68 stable queue).
- tcp: do not underestimate skb->truesize in tcp_trim_head() (4.4.68
stable queue).
- tcp: fastopen: accept data/FIN present in SYNACK message (bsc#1042286).
- tcp: fastopen: avoid negative sk_forward_alloc (bsc#1042286).
- tcp: fastopen: call tcp_fin() if FIN present in SYNACK (bsc#1042286).
- tcp: fastopen: fix rcv_wup initialization for TFO server on SYN/data
(bsc#1042286).
- tcp: fix wraparound issue in tcp_lp (4.4.68 stable queue).
- Temporarily disable iwlwifi-expose-default-fallback-ucode-api ... for
updating iwlwifi stack
- thp: fix MADV_DONTNEED vs. numa balancing race (bnc#1027974).
- thp: reduce indentation level in change_huge_pmd() (bnc#1027974).
- tpm: Downgrade error level (bsc#1042535).
- tpm: fix checks for policy digest existence in tpm2_seal_trusted()
(bsc#1034048, Pending fixes 2017-04-10).
- tpm: fix RC value check in tpm2_seal_trusted (bsc#1034048, Pending fixes
2017-04-10).
- tpm: fix: set continueSession attribute for the unseal operation
(bsc#1034048, Pending fixes 2017-04-10).
- tracing/kprobes: Enforce kprobes teardown after testing (bnc#1012985).
- tty: Destroy ldisc instance on hangup (bnc#1043488).
- tty: Fix ldisc crash on reopened tty (bnc#1043488).
- tty: Handle NULL tty->ldisc (bnc#1043488).
- tty: Move tty_ldisc_kill() (bnc#1043488).
- tty: Prepare for destroying line discipline on hangup (bnc#1043488).
- tty: Refactor tty_ldisc_reinit() for reuse (bnc#1043488).
- tty: Reset c_line from driver's init_termios (bnc#1043488).
- tty: Simplify tty_set_ldisc() exit handling (bnc#1043488).
- tty: Use 'disc' for line discipline index name (bnc#1043488).
- udp: avoid ufo handling on IP payload compression packets (bsc#1042286).
- udplite: call proper backlog handlers (bsc#1042286).
- Update config files: add CONFIG_IWLWIFI_PCIE_RTPM=y (FATE#323335)
- Update
patches.fixes/x86-pci-mark-broadwell-ep-home-agent-1-as-having-non-complian
t-bars (bsc#1039214). Fix the wrong bsc number.
- Update patches.fixes/xen-silence-efi-error-messge.patch (bnc#1039900).
- Update ppc64le config files to use KGRAFT.
- usb: chipidea: Handle extcon events properly (4.4.68 stable queue).
- usb: chipidea: Only read/write OTGSC from one place (4.4.68 stable
queue).
- usb: host: ehci-exynos: Decrese node refcount on exynos_ehci_get_phy()
error paths (4.4.68 stable queue).
- usb: host: ohci-exynos: Decrese node refcount on exynos_ehci_get_phy()
error paths (4.4.68 stable queue).
- usb: musb: ux500: Fix NULL pointer dereference at system PM
(bsc#1038033).
- usb: serial: ark3116: fix open error handling (bnc#1038043).
- usb: serial: ch341: add register and USB request definitions
(bnc#1038043).
- usb: serial: ch341: add support for parity, frame length, stop bits
(bnc#1038043).
- usb: serial: ch341: fix baud rate and line-control handling
(bnc#1038043).
- usb: serial: ch341: fix line settings after reset-resume (bnc#1038043).
- usb: serial: ch341: fix modem-status handling (bnc#1038043).
- usb: serial: ch341: reinitialize chip on reconfiguration (bnc#1038043).
- usb: serial: digi_acceleport: fix incomplete rx sanity check (4.4.68
stable queue).
- usb: serial: fix compare_const_fl.cocci warnings (bnc#1038043).
- usb: serial: ftdi_sio: fix latency-timer error handling (4.4.68 stable
queue).
- usb: serial: io_edgeport: fix descriptor error handling (4.4.68 stable
queue).
- usb: serial: io_edgeport: fix epic-descriptor handling (bnc#1038043).
- usb: serial: keyspan_pda: fix receive sanity checks (4.4.68 stable
queue).
- usb: serial: mct_u232: fix modem-status error handling (4.4.68 stable
queue).
- usb: serial: quatech2: fix control-message error handling (bnc#1038043).
- usb: serial: sierra: fix bogus alternate-setting assumption
(bnc#1038043).
- usb: serial: ssu100: fix control-message error handling (bnc#1038043).
- usb: serial: ti_usb_3410_5052: fix control-message error handling
(4.4.68 stable queue).
- Use make --output-sync feature when available (bsc#1012422). The mesages
in make output can interleave making it impossible to extract warnings
reliably. Since version 4 GNU Make supports --output-sync flag that
prints output of each sub-command atomically preventing this issue.
Detect the flag and use it if available.
- Use up spare in struct module for livepatch (FATE#322421).
- vmxnet3: segCnt can be 1 for LRO packets (bsc#988065).
- vrf: remove slave queue and private slave struct (bsc#1042286).
- vsock: Detach QP check should filter out non matching QPs (bsc#1036752).
- x86/CPU/AMD: Fix Zen SMT topology (bsc#1027512).
- x86/ioapic: Restore IO-APIC irq_chip retrigger callback (4.4.68 stable
queue).
- x86/pci-calgary: Fix iommu_free() comparison of unsigned expression >= 0
(4.4.68 stable queue).
- x86/PCI: Mark Broadwell-EP Home Agent 1 as having non-compliant BARs
(bsc#9048891).
- x86/platform/intel-mid: Correct MSI IRQ line for watchdog device (4.4.68
stable queue).
- x86/platform/uv/BAU: Add generic function pointers (bsc#1035024).
- x86/platform/uv/BAU: Add payload descriptor qualifier (bsc#1035024).
- x86/platform/uv/BAU: Add status mmr location fields to bau_control
(bsc#1035024).
- x86/platform/uv/BAU: Add UV4-specific functions (bsc#1035024).
- x86/platform/uv/BAU: Add uv_bau_version enumerated constants
(bsc#1035024).
- x86/platform/uv/BAU: Add wait_completion to bau_operations (bsc#1035024).
- x86/platform/uv/BAU: Clean up and update printks (bsc#1035024).
- x86/platform/uv/BAU: Cleanup bau_operations declaration and instances
(bsc#1035024).
- x86/platform/uv/BAU: Clean up pq_init() (bsc#1035024).
- x86/platform/uv/BAU: Clean up vertical alignment (bsc#1035024).
- x86/platform/uv/BAU: Convert uv_physnodeaddr() use to uv_gpa_to_offset()
(bsc#1035024).
- x86/platform/uv/BAU: Disable software timeout on UV4 hardware
(bsc#1035024).
- x86/platform/uv/BAU: Fix HUB errors by remove initial write to sw-ack
register (bsc#1035024).
- x86/platform/uv/BAU: Fix payload queue setup on UV4 hardware
(bsc#1035024).
- x86/platform/uv/BAU: Implement uv4_wait_completion with read_status
(bsc#1035024).
- x86/platform/uv/BAU: Populate ->uvhub_version with UV4 version
information (bsc#1035024).
- x86/platform/uv/BAU: Use generic function pointers (bsc#1035024).
- x86/platform/uv: Fix calculation of Global Physical Address
(bsc#1031147).
- xen: add sysfs node for guest type (bnc#1037840).
- xen: adjust early dom0 p2m handling to xen hypervisor behavior
(bnc#1031470).
- xen-blkback: do not leak stack data via response ring (bsc#1042863
XSA-216).
- xen/mce: do not issue error message for failed /dev/mcelog registration
(bnc#1036638).
- xfrm: Fix memory leak of aead algorithm name (bsc#1042286).
- xfrm: Only add l3mdev oif to dst lookups (bsc#1042286).
- xfs: add missing include dependencies to xfs_dir2.h (bsc#1042421).
- xfs: do not assert fail on non-async buffers on ioacct decrement
(bsc#1041160).
- xfs: do not warn on buffers not being recovered due to LSN (bsc#1043598).
- xfs: fix eofblocks race with file extending async dio writes
(bsc#1040929).
- xfs: Fix missed holes in SEEK_HOLE implementation (bsc#1041168).
- xfs: fix off-by-one on max nr_pages in xfs_find_get_desired_pgoff()
(bsc#1041168).
- xfs: fix xfs_mode_to_ftype() prototype (bsc#1043598).
- xfs: in _attrlist_by_handle, copy the cursor back to userspace
(bsc#1041242).
- xfs: log recovery tracepoints to track current lsn and buffer submission
(bsc#1043598).
- xfs: Make __xfs_xattr_put_listen preperly report errors (bsc#1041242).
- xfs: only return -errno or success from attr ->put_listent (bsc#1041242).
- xfs: pass current lsn to log recovery buffer validation (bsc#1043598).
- xfs: refactor log record unpack and data processing (bsc#1043598).
- xfs: replace xfs_mode_to_ftype table with switch statement (bsc#1042421).
- xfs: rework log recovery to submit buffers on LSN boundaries
(bsc#1043598).
- xfs: rework the inline directory verifiers (bsc#1042421).
- xfs: sanity check directory inode di_size (bsc#1042421).
- xfs: sanity check inode di_mode (bsc#1042421).
- xfs: Split default quota limits by quota type (bsc#1049421).
- xfs: update metadata LSN in buffers during log recovery (bsc#1043598).
- xfs: use ->b_state to fix buffer I/O accounting release race
(bsc#1041160).
- xfs: verify inline directory data forks (bsc#1042421).
- zswap: do not param_set_charp while holding spinlock (VM Functionality,
bsc#1042886).
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12-SP2:
zypper in -t patch SUSE-SLE-WE-12-SP2-2017-1146=1
- SUSE Linux Enterprise Software Development Kit 12-SP2:
zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1146=1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:
zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1146=1
- SUSE Linux Enterprise Server 12-SP2:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1146=1
- SUSE Linux Enterprise Live Patching 12:
zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1146=1
- SUSE Linux Enterprise High Availability 12-SP2:
zypper in -t patch SUSE-SLE-HA-12-SP2-2017-1146=1
- SUSE Linux Enterprise Desktop 12-SP2:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1146=1
- OpenStack Cloud Magnum Orchestration 7:
zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1146=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64):
kernel-default-debuginfo-4.4.74-92.29.1
kernel-default-debugsource-4.4.74-92.29.1
kernel-default-extra-4.4.74-92.29.1
kernel-default-extra-debuginfo-4.4.74-92.29.1
- SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):
kernel-obs-build-4.4.74-92.29.1
kernel-obs-build-debugsource-4.4.74-92.29.1
- SUSE Linux Enterprise Software Development Kit 12-SP2 (noarch):
kernel-docs-4.4.74-92.29.3
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):
kernel-default-4.4.74-92.29.1
kernel-default-base-4.4.74-92.29.1
kernel-default-base-debuginfo-4.4.74-92.29.1
kernel-default-debuginfo-4.4.74-92.29.1
kernel-default-debugsource-4.4.74-92.29.1
kernel-default-devel-4.4.74-92.29.1
kernel-syms-4.4.74-92.29.1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch):
kernel-devel-4.4.74-92.29.1
kernel-macros-4.4.74-92.29.1
kernel-source-4.4.74-92.29.1
- SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64):
kernel-default-4.4.74-92.29.1
kernel-default-base-4.4.74-92.29.1
kernel-default-base-debuginfo-4.4.74-92.29.1
kernel-default-debuginfo-4.4.74-92.29.1
kernel-default-debugsource-4.4.74-92.29.1
kernel-default-devel-4.4.74-92.29.1
kernel-syms-4.4.74-92.29.1
- SUSE Linux Enterprise Server 12-SP2 (noarch):
kernel-devel-4.4.74-92.29.1
kernel-macros-4.4.74-92.29.1
kernel-source-4.4.74-92.29.1
- SUSE Linux Enterprise Live Patching 12 (x86_64):
kgraft-patch-4_4_74-92_29-default-1-4.1
- SUSE Linux Enterprise High Availability 12-SP2 (ppc64le s390x x86_64):
cluster-md-kmp-default-4.4.74-92.29.1
cluster-md-kmp-default-debuginfo-4.4.74-92.29.1
cluster-network-kmp-default-4.4.74-92.29.1
cluster-network-kmp-default-debuginfo-4.4.74-92.29.1
dlm-kmp-default-4.4.74-92.29.1
dlm-kmp-default-debuginfo-4.4.74-92.29.1
gfs2-kmp-default-4.4.74-92.29.1
gfs2-kmp-default-debuginfo-4.4.74-92.29.1
kernel-default-debuginfo-4.4.74-92.29.1
kernel-default-debugsource-4.4.74-92.29.1
ocfs2-kmp-default-4.4.74-92.29.1
ocfs2-kmp-default-debuginfo-4.4.74-92.29.1
- SUSE Linux Enterprise Desktop 12-SP2 (noarch):
kernel-devel-4.4.74-92.29.1
kernel-macros-4.4.74-92.29.1
kernel-source-4.4.74-92.29.1
- SUSE Linux Enterprise Desktop 12-SP2 (x86_64):
kernel-default-4.4.74-92.29.1
kernel-default-debuginfo-4.4.74-92.29.1
kernel-default-debugsource-4.4.74-92.29.1
kernel-default-devel-4.4.74-92.29.1
kernel-default-extra-4.4.74-92.29.1
kernel-default-extra-debuginfo-4.4.74-92.29.1
kernel-syms-4.4.74-92.29.1
- OpenStack Cloud Magnum Orchestration 7 (x86_64):
kernel-default-4.4.74-92.29.1
kernel-default-debuginfo-4.4.74-92.29.1
kernel-default-debugsource-4.4.74-92.29.1
References:
https://www.suse.com/security/cve/CVE-2017-1000365.html
https://www.suse.com/security/cve/CVE-2017-1000380.html
https://www.suse.com/security/cve/CVE-2017-7346.html
https://www.suse.com/security/cve/CVE-2017-7487.html
https://www.suse.com/security/cve/CVE-2017-7616.html
https://www.suse.com/security/cve/CVE-2017-7618.html
https://www.suse.com/security/cve/CVE-2017-8890.html
https://www.suse.com/security/cve/CVE-2017-8924.html
https://www.suse.com/security/cve/CVE-2017-8925.html
https://www.suse.com/security/cve/CVE-2017-9074.html
https://www.suse.com/security/cve/CVE-2017-9075.html
https://www.suse.com/security/cve/CVE-2017-9076.html
https://www.suse.com/security/cve/CVE-2017-9077.html
https://www.suse.com/security/cve/CVE-2017-9150.html
https://www.suse.com/security/cve/CVE-2017-9242.html
https://bugzilla.suse.com/1003581
https://bugzilla.suse.com/1004003
https://bugzilla.suse.com/1011044
https://bugzilla.suse.com/1012060
https://bugzilla.suse.com/1012382
https://bugzilla.suse.com/1012422
https://bugzilla.suse.com/1012452
https://bugzilla.suse.com/1012829
https://bugzilla.suse.com/1012910
https://bugzilla.suse.com/1012985
https://bugzilla.suse.com/1013561
https://bugzilla.suse.com/1013887
https://bugzilla.suse.com/1015342
https://bugzilla.suse.com/1015452
https://bugzilla.suse.com/1017461
https://bugzilla.suse.com/1018885
https://bugzilla.suse.com/1020412
https://bugzilla.suse.com/1021424
https://bugzilla.suse.com/1022266
https://bugzilla.suse.com/1022595
https://bugzilla.suse.com/1023287
https://bugzilla.suse.com/1025461
https://bugzilla.suse.com/1026570
https://bugzilla.suse.com/1027101
https://bugzilla.suse.com/1027512
https://bugzilla.suse.com/1027974
https://bugzilla.suse.com/1028217
https://bugzilla.suse.com/1028310
https://bugzilla.suse.com/1028340
https://bugzilla.suse.com/1028883
https://bugzilla.suse.com/1029607
https://bugzilla.suse.com/1030057
https://bugzilla.suse.com/1030070
https://bugzilla.suse.com/1031040
https://bugzilla.suse.com/1031142
https://bugzilla.suse.com/1031147
https://bugzilla.suse.com/1031470
https://bugzilla.suse.com/1031500
https://bugzilla.suse.com/1031512
https://bugzilla.suse.com/1031555
https://bugzilla.suse.com/1031717
https://bugzilla.suse.com/1031796
https://bugzilla.suse.com/1032141
https://bugzilla.suse.com/1032339
https://bugzilla.suse.com/1032345
https://bugzilla.suse.com/1032400
https://bugzilla.suse.com/1032581
https://bugzilla.suse.com/1032803
https://bugzilla.suse.com/1033117
https://bugzilla.suse.com/1033281
https://bugzilla.suse.com/1033336
https://bugzilla.suse.com/1033340
https://bugzilla.suse.com/1033885
https://bugzilla.suse.com/1034048
https://bugzilla.suse.com/1034419
https://bugzilla.suse.com/1034635
https://bugzilla.suse.com/1034670
https://bugzilla.suse.com/1034671
https://bugzilla.suse.com/1034762
https://bugzilla.suse.com/1034902
https://bugzilla.suse.com/1034995
https://bugzilla.suse.com/1035024
https://bugzilla.suse.com/1035866
https://bugzilla.suse.com/1035887
https://bugzilla.suse.com/1035920
https://bugzilla.suse.com/1035922
https://bugzilla.suse.com/1036214
https://bugzilla.suse.com/1036638
https://bugzilla.suse.com/1036752
https://bugzilla.suse.com/1036763
https://bugzilla.suse.com/1037177
https://bugzilla.suse.com/1037186
https://bugzilla.suse.com/1037384
https://bugzilla.suse.com/1037483
https://bugzilla.suse.com/1037669
https://bugzilla.suse.com/1037840
https://bugzilla.suse.com/1037871
https://bugzilla.suse.com/1037969
https://bugzilla.suse.com/1038033
https://bugzilla.suse.com/1038043
https://bugzilla.suse.com/1038085
https://bugzilla.suse.com/1038142
https://bugzilla.suse.com/1038143
https://bugzilla.suse.com/1038297
https://bugzilla.suse.com/1038458
https://bugzilla.suse.com/1038544
https://bugzilla.suse.com/1038842
https://bugzilla.suse.com/1038843
https://bugzilla.suse.com/1038846
https://bugzilla.suse.com/1038847
https://bugzilla.suse.com/1038848
https://bugzilla.suse.com/1038879
https://bugzilla.suse.com/1038981
https://bugzilla.suse.com/1038982
https://bugzilla.suse.com/1039214
https://bugzilla.suse.com/1039348
https://bugzilla.suse.com/1039354
https://bugzilla.suse.com/1039700
https://bugzilla.suse.com/1039864
https://bugzilla.suse.com/1039882
https://bugzilla.suse.com/1039883
https://bugzilla.suse.com/1039885
https://bugzilla.suse.com/1039900
https://bugzilla.suse.com/1040069
https://bugzilla.suse.com/1040125
https://bugzilla.suse.com/1040182
https://bugzilla.suse.com/1040279
https://bugzilla.suse.com/1040351
https://bugzilla.suse.com/1040364
https://bugzilla.suse.com/1040395
https://bugzilla.suse.com/1040425
https://bugzilla.suse.com/1040463
https://bugzilla.suse.com/1040567
https://bugzilla.suse.com/1040609
https://bugzilla.suse.com/1040855
https://bugzilla.suse.com/1040929
https://bugzilla.suse.com/1040941
https://bugzilla.suse.com/1041087
https://bugzilla.suse.com/1041160
https://bugzilla.suse.com/1041168
https://bugzilla.suse.com/1041242
https://bugzilla.suse.com/1041431
https://bugzilla.suse.com/1041810
https://bugzilla.suse.com/1042286
https://bugzilla.suse.com/1042356
https://bugzilla.suse.com/1042421
https://bugzilla.suse.com/1042517
https://bugzilla.suse.com/1042535
https://bugzilla.suse.com/1042536
https://bugzilla.suse.com/1042863
https://bugzilla.suse.com/1042886
https://bugzilla.suse.com/1043014
https://bugzilla.suse.com/1043231
https://bugzilla.suse.com/1043236
https://bugzilla.suse.com/1043347
https://bugzilla.suse.com/1043371
https://bugzilla.suse.com/1043467
https://bugzilla.suse.com/1043488
https://bugzilla.suse.com/1043598
https://bugzilla.suse.com/1043912
https://bugzilla.suse.com/1043935
https://bugzilla.suse.com/1043990
https://bugzilla.suse.com/1044015
https://bugzilla.suse.com/1044082
https://bugzilla.suse.com/1044120
https://bugzilla.suse.com/1044125
https://bugzilla.suse.com/1044532
https://bugzilla.suse.com/1044767
https://bugzilla.suse.com/1044772
https://bugzilla.suse.com/1044854
https://bugzilla.suse.com/1044880
https://bugzilla.suse.com/1044912
https://bugzilla.suse.com/1045154
https://bugzilla.suse.com/1045235
https://bugzilla.suse.com/1045286
https://bugzilla.suse.com/1045307
https://bugzilla.suse.com/1045467
https://bugzilla.suse.com/1045568
https://bugzilla.suse.com/1046105
https://bugzilla.suse.com/1046434
https://bugzilla.suse.com/1046589
https://bugzilla.suse.com/799133
https://bugzilla.suse.com/863764
https://bugzilla.suse.com/922871
https://bugzilla.suse.com/939801
https://bugzilla.suse.com/966170
https://bugzilla.suse.com/966172
https://bugzilla.suse.com/966191
https://bugzilla.suse.com/966321
https://bugzilla.suse.com/966339
https://bugzilla.suse.com/971975
https://bugzilla.suse.com/988065
https://bugzilla.suse.com/989311
https://bugzilla.suse.com/990058
https://bugzilla.suse.com/990682
https://bugzilla.suse.com/993832
https://bugzilla.suse.com/995542
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0
[security-announce] SUSE-SU-2017:1850-1: important: Security update for xorg-x11-server
by opensuse-security@opensuse.org 12 Jul '17
by opensuse-security@opensuse.org 12 Jul '17
12 Jul '17
SUSE Security Update: Security update for xorg-x11-server
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:1850-1
Rating: important
References: #1035283
Cross-References: CVE-2017-10971 CVE-2017-10972
Affected Products:
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Server 11-SP3-LTSS
SUSE Linux Enterprise Point of Sale 11-SP3
SUSE Linux Enterprise Debuginfo 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for xorg-x11-server fixes the following issues:
- CVE-2017-10971: Fix endianess handling of GenericEvent to prevent a
stack overflow by clients. (bnc#1035283)
- Make sure the type of all events to be sent by ProcXSendExtensionEvent
are in the allowed range.
- CVE-2017-10972: Initialize the xEvent eventT with zeros to avoid
information leakage.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11-SP4:
zypper in -t patch sdksp4-xorg-x11-server-13206=1
- SUSE Linux Enterprise Server 11-SP4:
zypper in -t patch slessp4-xorg-x11-server-13206=1
- SUSE Linux Enterprise Server 11-SP3-LTSS:
zypper in -t patch slessp3-xorg-x11-server-13206=1
- SUSE Linux Enterprise Point of Sale 11-SP3:
zypper in -t patch sleposp3-xorg-x11-server-13206=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-xorg-x11-server-13206=1
- SUSE Linux Enterprise Debuginfo 11-SP3:
zypper in -t patch dbgsp3-xorg-x11-server-13206=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64):
xorg-x11-server-sdk-7.4-27.121.2
- SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):
xorg-x11-Xvnc-7.4-27.121.2
xorg-x11-server-7.4-27.121.2
xorg-x11-server-extra-7.4-27.121.2
- SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64):
xorg-x11-Xvnc-7.4-27.121.2
xorg-x11-server-7.4-27.121.2
xorg-x11-server-extra-7.4-27.121.2
- SUSE Linux Enterprise Point of Sale 11-SP3 (i586):
xorg-x11-Xvnc-7.4-27.121.2
xorg-x11-server-7.4-27.121.2
xorg-x11-server-extra-7.4-27.121.2
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):
xorg-x11-server-debuginfo-7.4-27.121.2
xorg-x11-server-debugsource-7.4-27.121.2
- SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64):
xorg-x11-server-debuginfo-7.4-27.121.2
xorg-x11-server-debugsource-7.4-27.121.2
References:
https://www.suse.com/security/cve/CVE-2017-10971.html
https://www.suse.com/security/cve/CVE-2017-10972.html
https://bugzilla.suse.com/1035283
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
1
0