[opensuse-security] Re: [security-announce] SUSE-SU-2012:0789-1: important: Security update for Linux kernel
Hello all, I installed that kernel update at a SLES11-SP2 machine. As one can read the kernel number changed from 3.0.26-0.7 to 3.0.34-0-7 instead of backporting the fixes. Unusual for an openSUSE security update but much more unusual (and unwanted) for an enterprise system! In our case it broke my Symantec Netbackup media server, because of changes (or an error?) in the new tape drivers. Even lsscsi could not identify the tape drives of our Quantum tape library any more. We had to go back to the older kernel to make our backup system work again. Everyone should consider to configure all own SLES installations to allow the multiversion kernel feature to have a fallback in such cases: http://en.opensuse.org/SDB:Keep_multiple_kernel_versions It is an openSUSE SDB entry but worked for me. Joe Am Dienstag, 26. Juni 2012 02:08:23 schrieb opensuse-security@opensuse.org:
SUSE Security Update: Security update for Linux kernel ___________________________________________________________________________ ___
Announcement ID: SUSE-SU-2012:0789-1 Rating: important References: #556135 #735909 #743579 #744404 #747404 #754690 #756050 #757315 #758243 #759336 #759545 #759805 #760237 #760806 #761087 #761245 #762991 #762992 #763267 #763307 #763485 #763717 #764091 #764150 #764209 #764500 #764900 #765102 #765253 #765320 #765524 Cross-References: CVE-2012-2119 CVE-2012-2136 CVE-2012-2373 CVE-2012-2375 CVE-2012-2390 Affected Products: SUSE Linux Enterprise Server 11 SP2 for VMware SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise High Availability Extension 11 SP2 SUSE Linux Enterprise Desktop 11 SP2 SLE 11 SERVER Unsupported Extras ___________________________________________________________________________ ___
An update that solves 5 vulnerabilities and has 26 fixes is now available. It includes one version update.
Description:
The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.34, fixing a lot of bugs and security issues.
The update from Linux kernel 3.0.31 to 3.0.34 also fixes various bugs not listed here.
The following security issues have been fixed:
*
CVE-2012-2136: Local attackers could trigger an overflow in sock_alloc_send_pksb(), potentially crashing the machine or escalate privileges.
*
CVE-2012-2390: A memory leak in transparent hugepages on mmap failure could be used by local attacker to run the machine out of memory (local denial of service).
*
CVE-2012-2119: A malicious guest driver could overflow the host stack by passing a long descriptor, so potentially crashing the host system or escalating privileges on the host.
*
CVE-2012-2375: Malicious NFS server could crash the clients when more than 2 GETATTR bitmap words are returned in response to the FATTR4_ACL attribute requests, only incompletely fixed by CVE-2011-4131.
The following non-security bugs have been fixed:
Hyper-V:
* storvsc: Properly handle errors from the host (bnc#747404). * HID: hid-hyperv: Do not use hid_parse_report() directly. * HID: hyperv: Set the hid drvdata correctly. * drivers/hv: Get rid of an unnecessary check in vmbus_prep_negotiate_resp(). * drivers/hv: util: Properly handle version negotiations. * hv: fix return type of hv_post_message(). * net/hyperv: Add flow control based on hi/low watermark. * usb/net: rndis: break out <1/rndis.h> defines. only net/hyperv part * usb/net: rndis: remove ambigous status codes. only net/hyperv part * usb/net: rndis: merge command codes. only net/hyperv part * net/hyperv: Adding cancellation to ensure rndis filter is closed. * update hv drivers to 3.4-rc1, requires new hv_kvp_daemon: * drivers: hv: kvp: Add/cleanup connector defines. * drivers: hv: kvp: Move the contents of hv_kvp.h to hyperv.h. * net/hyperv: Convert camel cased variables in rndis_filter.c to lower cases. * net/hyperv: Correct the assignment in netvsc_recv_callback(). * net/hyperv: Remove the unnecessary memset in rndis_filter_send(). * drivers: hv: Cleanup the kvp related state in hyperv.h. * tools: hv: Use hyperv.h to get the KVP definitions. * drivers: hv: kvp: Cleanup the kernel/user protocol. * drivers: hv: Increase the number of VCPUs supported in the guest. * net/hyperv: Fix data corruption in rndis_filter_receive(). * net/hyperv: Add support for vlan trunking from guests. * Drivers: hv: Add new message types to enhance KVP. * Drivers: hv: Support the newly introduced KVP messages in the driver. * Tools: hv: Fully support the new KVP verbs in the user level daemon. * Tools: hv: Support enumeration from all the pools. * net/hyperv: Fix the code handling tx busy. * patches.suse/suse-hv-pata_piix-ignore-disks.patch replace our version of this patch with upstream variant: ata_piix: defer disks to the Hyper-V drivers by default libata: add a host flag to ignore detected ATA devices.
Btrfs:
* btrfs: more module message prefixes. * vfs: re-implement writeback_inodes_sb(_nr)_if_idle() and rename them * btrfs: flush all the dirty pages if try_to_writeback_inodes_sb_nr() fails * vfs: re-implement writeback_inodes_sb(_nr)_if_idle() and rename them * btrfs: fix locking in btrfs_destroy_delayed_refs * btrfs: wake up transaction waiters when aborting a transaction * btrfs: abort the transaction if the commit fails * btrfs: fix btrfs_destroy_marked_extents * btrfs: unlock everything properly in the error case for nocow * btrfs: fix return code in drop_objectid_items * btrfs: check to see if the inode is in the log before fsyncing * btrfs: pass locked_page into extent_clear_unlock_delalloc if theres an error * btrfs: check the return code of btrfs_save_ino_cache * btrfs: do not update atime for RO snapshots (FATE#306586). * btrfs: convert the inode bit field to use the actual bit operations * btrfs: fix deadlock when the process of delayed refs fails * btrfs: stop defrag the files automatically when doin readonly remount or umount * btrfs: avoid memory leak of extent state in error handling routine * btrfs: make sure that we have made everything in pinned tree clean * btrfs: destroy the items of the delayed inodes in error handling routine * btrfs: ulist realloc bugfix * btrfs: bugfix in btrfs_find_parent_nodes * btrfs: bugfix: ignore the wrong key for indirect tree block backrefs * btrfs: avoid buffer overrun in btrfs_printk * btrfs: fall back to non-inline if we do not have enough space * btrfs: NUL-terminate path buffer in DEV_INFO ioctl result * btrfs: avoid buffer overrun in mount option handling * btrfs: do not do balance in readonly mode * btrfs: fix the same inode id problem when doing auto defragment * btrfs: fix wrong error returned by adding a device * btrfs: use fastpath in extent state ops as much as possible
Misc:
* tcp: drop SYN+FIN messages (bnc#765102). * mm: avoid swapping out with swappiness==0 (swappiness). * thp: avoid atomic64_read in pmd_read_atomic for 32bit PAE (bnc#762991). * paravirt: Split paravirt MMU ops (bnc#556135, bnc#754690, FATE#306453). * paravirt: Only export pv_mmu_ops symbol if PARAVIRT_MMU * parvirt: Stub support KABI for KVM_MMU (bnc#556135, bnc#754690, FATE#306453). * tmpfs: implement NUMA node interleaving (bnc#764209). * synaptics-hp-clickpad: Fix the detection of LED on the recent HP laptops (bnc#765524) * supported.conf: mark xt_AUDIT as supported (bnc#765253) * mm: pmd_read_atomic: fix 32bit PAE pmd walk vs pmd_populate SMP race condition (bnc#762991 CVE-2012-2373). * xhci: Do not free endpoints in xhci_mem_cleanup() (bnc#763307). * xhci: Fix invalid loop check in xhci_free_tt_info() (bnc#763307). * drm: Skip too big EDID extensions (bnc#764900). * drm/i915: Add HP EliteBook to LVDS-temporary-disable list (bnc#763717). * hwmon: (fam15h_power) Increase output resolution (bnc#759336). * hwmon: (k10temp) Add support for AMD Trinity CPUs (bnc#759336). * rpm/kernel-binary.spec.in: Own the right -kdump initrd (bnc#764500) * memcg: prevent from OOM with too many dirty pages. * dasd: re-prioritize partition detection message (bnc#764091,LTC#81617). * kernel: pfault task state race (bnc#764091,LTC#81724). * kernel: clear page table for sw large page emulation (bnc#764091,LTC#81933). * USB: fix bug of device descriptor got from superspeed device (bnc#761087). * xfrm: take net hdr len into account for esp payload size calculation (bnc#759545). * st: clean up dev cleanup in st_probe (bnc#760806). * st: clean up device file creation and removal (bnc#760806). * st: get rid of scsi_tapes array (bnc#760806). * st: raise device limit (bnc#760806). * st: Use static class attributes (bnc#760806). * mm: Optimize put_mems_allowed() usage (VM performance). * cifs: fix oops while traversing open file list (try #4) (bnc#756050). * scsi: Fix dm-multipath starvation when scsi host is busy (bnc#763485). * dasd: process all requests in the device tasklet (bnc#763267). * rt2x00:Add RT539b chipset support (bnc#760237). * kabi/severities: Ignore changes in drivers/net/wireless/rt2x00, these are just exports used among the rt2x00 modules. * rt2800: radio 3xxx: reprogram only lower bits of RF_R3 (bnc#759805). * rt2800: radio 3xxx: program RF_R1 during channel switch (bnc#759805). * rt2800: radio 3xxxx: channel switch RX/TX calibration fixes (bnc#759805). * rt2x00: Avoid unnecessary uncached (bnc#759805). * rt2x00: Introduce sta_add/remove callbacks (bnc#759805). * rt2x00: Add WCID to crypto struct (bnc#759805). * rt2x00: Add WCID to HT TX descriptor (bnc#759805). * rt2x00: Move bssidx calculation into its own function (bnc#759805). * rt2x00: Make use of sta_add/remove callbacks in rt2800 (bnc#759805). * rt2x00: Forbid aggregation for STAs not programmed into the hw (bnc#759805). * rt2x00: handle spurious pci interrupts (bnc#759805). * rt2800: disable DMA after firmware load. * rt2800: radio 3xxx: add channel switch calibration routines (bnc#759805). * rpm/kernel-binary.spec.in: Obsolete ath3k, as it is now in the tree. * floppy: remove floppy-specific O_EXCL handling (bnc#757315). * floppy: convert to delayed work and single-thread wq (bnc#761245).
Security Issue references:
* CVE-2012-2119 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2119
* CVE-2012-2136 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2136
* CVE-2012-2373 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2373
* CVE-2012-2390 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2390
* CVE-2012-2375 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2375
Indications:
Everyone using the Linux Kernel on x86_64 architecture should update.
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP2 for VMware:
zypper in -t patch slessp2-kernel-6457 slessp2-kernel-6463
- SUSE Linux Enterprise Server 11 SP2:
zypper in -t patch slessp2-kernel-6453 slessp2-kernel-6457 slessp2-kernel-6458 slessp2-kernel-6463 slessp2-kernel-6467
- SUSE Linux Enterprise High Availability Extension 11 SP2:
zypper in -t patch sleshasp2-kernel-6453 sleshasp2-kernel-6457 sleshasp2-kernel-6458 sleshasp2-kernel-6463 sleshasp2-kernel-6467
- SUSE Linux Enterprise Desktop 11 SP2:
zypper in -t patch sledsp2-kernel-6457 sledsp2-kernel-6463
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586 x86_64) [New Version: 3.0.34]:
kernel-default-3.0.34-0.7.9 kernel-default-base-3.0.34-0.7.9 kernel-default-devel-3.0.34-0.7.9 kernel-source-3.0.34-0.7.9 kernel-syms-3.0.34-0.7.9 kernel-trace-3.0.34-0.7.9 kernel-trace-base-3.0.34-0.7.9 kernel-trace-devel-3.0.34-0.7.9 kernel-xen-devel-3.0.34-0.7.9
- SUSE Linux Enterprise Server 11 SP2 for VMware (i586) [New Version: 3.0.34]:
kernel-pae-3.0.34-0.7.9 kernel-pae-base-3.0.34-0.7.9 kernel-pae-devel-3.0.34-0.7.9
- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.34]:
kernel-default-3.0.34-0.7.9 kernel-default-base-3.0.34-0.7.9 kernel-default-devel-3.0.34-0.7.9 kernel-source-3.0.34-0.7.9 kernel-syms-3.0.34-0.7.9 kernel-trace-3.0.34-0.7.9 kernel-trace-base-3.0.34-0.7.9 kernel-trace-devel-3.0.34-0.7.9
- SUSE Linux Enterprise Server 11 SP2 (i586 x86_64) [New Version: 3.0.34]:
kernel-ec2-3.0.34-0.7.9 kernel-ec2-base-3.0.34-0.7.9 kernel-ec2-devel-3.0.34-0.7.9 kernel-xen-3.0.34-0.7.9 kernel-xen-base-3.0.34-0.7.9 kernel-xen-devel-3.0.34-0.7.9
- SUSE Linux Enterprise Server 11 SP2 (s390x) [New Version: 3.0.34]:
kernel-default-man-3.0.34-0.7.9
- SUSE Linux Enterprise Server 11 SP2 (ppc64) [New Version: 3.0.34]:
kernel-ppc64-3.0.34-0.7.9 kernel-ppc64-base-3.0.34-0.7.9 kernel-ppc64-devel-3.0.34-0.7.9
- SUSE Linux Enterprise Server 11 SP2 (i586) [New Version: 3.0.34]:
kernel-pae-3.0.34-0.7.9 kernel-pae-base-3.0.34-0.7.9 kernel-pae-devel-3.0.34-0.7.9
- SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 ia64 ppc64 s390x x86_64):
cluster-network-kmp-default-1.4_3.0.34_0.7-2.10.30 cluster-network-kmp-trace-1.4_3.0.34_0.7-2.10.30 gfs2-kmp-default-2_3.0.34_0.7-0.7.30 gfs2-kmp-trace-2_3.0.34_0.7-0.7.30 ocfs2-kmp-default-1.6_3.0.34_0.7-0.7.30 ocfs2-kmp-trace-1.6_3.0.34_0.7-0.7.30
- SUSE Linux Enterprise High Availability Extension 11 SP2 (i586 x86_64):
cluster-network-kmp-xen-1.4_3.0.34_0.7-2.10.30 gfs2-kmp-xen-2_3.0.34_0.7-0.7.30 ocfs2-kmp-xen-1.6_3.0.34_0.7-0.7.30
- SUSE Linux Enterprise High Availability Extension 11 SP2 (ppc64):
cluster-network-kmp-ppc64-1.4_3.0.34_0.7-2.10.30 gfs2-kmp-ppc64-2_3.0.34_0.7-0.7.30 ocfs2-kmp-ppc64-1.6_3.0.34_0.7-0.7.30
- SUSE Linux Enterprise High Availability Extension 11 SP2 (i586):
cluster-network-kmp-pae-1.4_3.0.34_0.7-2.10.30 gfs2-kmp-pae-2_3.0.34_0.7-0.7.30 ocfs2-kmp-pae-1.6_3.0.34_0.7-0.7.30
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 3.0.34]:
kernel-default-3.0.34-0.7.9 kernel-default-base-3.0.34-0.7.9 kernel-default-devel-3.0.34-0.7.9 kernel-default-extra-3.0.34-0.7.9 kernel-source-3.0.34-0.7.9 kernel-syms-3.0.34-0.7.9 kernel-trace-3.0.34-0.7.9 kernel-trace-base-3.0.34-0.7.9 kernel-trace-devel-3.0.34-0.7.9 kernel-trace-extra-3.0.34-0.7.9 kernel-xen-3.0.34-0.7.9 kernel-xen-base-3.0.34-0.7.9 kernel-xen-devel-3.0.34-0.7.9 kernel-xen-extra-3.0.34-0.7.9
- SUSE Linux Enterprise Desktop 11 SP2 (i586) [New Version: 3.0.34]:
kernel-pae-3.0.34-0.7.9 kernel-pae-base-3.0.34-0.7.9 kernel-pae-devel-3.0.34-0.7.9 kernel-pae-extra-3.0.34-0.7.9
- SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64):
ext4-writeable-kmp-default-0_3.0.34_0.7-0.14.11 kernel-default-extra-3.0.34-0.7.9
- SLE 11 SERVER Unsupported Extras (i586 x86_64):
ext4-writeable-kmp-xen-0_3.0.34_0.7-0.14.11 kernel-xen-extra-3.0.34-0.7.9
- SLE 11 SERVER Unsupported Extras (ppc64):
ext4-writeable-kmp-ppc64-0_3.0.34_0.7-0.14.11 kernel-ppc64-extra-3.0.34-0.7.9
- SLE 11 SERVER Unsupported Extras (i586):
ext4-writeable-kmp-pae-0_3.0.34_0.7-0.14.11 kernel-pae-extra-3.0.34-0.7.9
References:
http://support.novell.com/security/cve/CVE-2012-2119.html http://support.novell.com/security/cve/CVE-2012-2136.html http://support.novell.com/security/cve/CVE-2012-2373.html http://support.novell.com/security/cve/CVE-2012-2375.html http://support.novell.com/security/cve/CVE-2012-2390.html https://bugzilla.novell.com/556135 https://bugzilla.novell.com/735909 https://bugzilla.novell.com/743579 https://bugzilla.novell.com/744404 https://bugzilla.novell.com/747404 https://bugzilla.novell.com/754690 https://bugzilla.novell.com/756050 https://bugzilla.novell.com/757315 https://bugzilla.novell.com/758243 https://bugzilla.novell.com/759336 https://bugzilla.novell.com/759545 https://bugzilla.novell.com/759805 https://bugzilla.novell.com/760237 https://bugzilla.novell.com/760806 https://bugzilla.novell.com/761087 https://bugzilla.novell.com/761245 https://bugzilla.novell.com/762991 https://bugzilla.novell.com/762992 https://bugzilla.novell.com/763267 https://bugzilla.novell.com/763307 https://bugzilla.novell.com/763485 https://bugzilla.novell.com/763717 https://bugzilla.novell.com/764091 https://bugzilla.novell.com/764150 https://bugzilla.novell.com/764209 https://bugzilla.novell.com/764500 https://bugzilla.novell.com/764900 https://bugzilla.novell.com/765102 https://bugzilla.novell.com/765253 https://bugzilla.novell.com/765320 https://bugzilla.novell.com/765524
http://download.novell.com/patch/finder/?keywords=1a7682fe55225a6d2fb7535ed 5b3a6f0 http://download.novell.com/patch/finder/?keywords=31fea157a35016e51d4182b32 fcb4191 http://download.novell.com/patch/finder/?keywords=4011009aab039f02db913a7bc e208f8f http://download.novell.com/patch/finder/?keywords=5a7bc846608efdf1aca0d4f66 ea9c9bb http://download.novell.com/patch/finder/?keywords=643ef9cef491ee6820b78654f 2716745 http://download.novell.com/patch/finder/?keywords=681e25e2cce92c21c5a62ccbf 5cc5678 http://download.novell.com/patch/finder/?keywords=8d123a34ca9f20522bea6195c 39428aa http://download.novell.com/patch/finder/?keywords=970acd862c76b234643d06e43 d4048ed http://download.novell.com/patch/finder/?keywords=e33c406efece164f0fd3b33e3 b387568 http://download.novell.com/patch/finder/?keywords=f2bfce4b05959a193517d5099 e8b3451 -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
On Wed, Jul 11, 2012 at 11:54:19AM +0200, Joachim Schönberg wrote:
Hello all,
I installed that kernel update at a SLES11-SP2 machine. As one can read the kernel number changed from 3.0.26-0.7 to 3.0.34-0-7 instead of backporting the fixes. Unusual for an openSUSE security update but much more unusual (and unwanted) for an enterprise system!
We are doing this for some time now, even SLES 10 did that with 2.6.16. The kernel teams look into those stable updates for problems.
In our case it broke my Symantec Netbackup media server, because of changes (or an error?) in the new tape drivers. Even lsscsi could not identify the tape drives of our Quantum tape library any more. We had to go back to the older kernel to make our backup system work again.
Did you report this in other channels, like our support team NTS? Do you have more details? We did some TAPE fixes in this release.
Everyone should consider to configure all own SLES installations to allow the multiversion kernel feature to have a fallback in such cases:
http://en.opensuse.org/SDB:Keep_multiple_kernel_versions
It is an openSUSE SDB entry but worked for me.
In general good idea, yes. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
Am Mittwoch, 11. Juli 2012, 12:12:04 schrieb Marcus Meissner: Hi,
Did you report this in other channels, like our support team NTS?
Too bad that bug reports for kernel crashes for SLES get closed as invalid if no seperate support contract is signed with Novell/Suse.com :-( E.g. I have support contracts with HP for SLES and and therefore cannot report any kernel crashes via bnc. https://bugzilla.novell.com/show_bug.cgi?id=769292 (*) This is imho an unfortunate policy as I am happily paying for SLES maintenance but I am not entitled to even report a kernel crash. In addition reporting via http://support.novell.com/additional/bugreport.html is a black hole with a O_DIRECT to /dev/null. Yours, -- martin P.S.: The above mentioned crash could just today be reproduced with the 3.0.36 SLES kernel from monday but cannot be reported via proper channels even though a kdump is available.... (*) It is difficult to understand why I can report kernel crashes for opensuse while I cannot for SLES11 even though I am paying for the later but not for the former. -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
On Wed, Jul 11, 2012 at 10:15:36PM +0200, Martin Konold wrote:
Am Mittwoch, 11. Juli 2012, 12:12:04 schrieb Marcus Meissner:
Hi,
Did you report this in other channels, like our support team NTS?
Too bad that bug reports for kernel crashes for SLES get closed as invalid if no seperate support contract is signed with Novell/Suse.com :-(
E.g. I have support contracts with HP for SLES and and therefore cannot report any kernel crashes via bnc. https://bugzilla.novell.com/show_bug.cgi?id=769292 (*)
.. and did you try with HP?
This is imho an unfortunate policy as I am happily paying for SLES maintenance but I am not entitled to even report a kernel crash.
In addition reporting via http://support.novell.com/additional/bugreport.html is a black hole with a O_DIRECT to /dev/null.
Yours, -- martin P.S.: The above mentioned crash could just today be reproduced with the 3.0.36 SLES kernel from monday but cannot be reported via proper channels even though a kdump is available....
(*) It is difficult to understand why I can report kernel crashes for opensuse while I cannot for SLES11 even though I am paying for the later but not for the former.
Its really nothing that this list can solve. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
Am 11.07.2012 22:15, schrieb Martin Konold:
Am Mittwoch, 11. Juli 2012, 12:12:04 schrieb Marcus Meissner:
Hi,
Did you report this in other channels, like our support team NTS?
Too bad that bug reports for kernel crashes for SLES get closed as invalid if no seperate support contract is signed with Novell/Suse.com :-(
E.g. I have support contracts with HP
Well, then you probably need to report the kernel crash to HP.
for SLES and and therefore cannot report any kernel crashes via bnc. https://bugzilla.novell.com/show_bug.cgi?id=769292 (*)
Even if you have a support contract with SUSE / Novell you cannot enter bugs against SLES usually. The workflow is different: you open a Service Request with support, they then open the bug if necessary.
This is imho an unfortunate policy as I am happily paying for SLES maintenance but I am not entitled to even report a kernel crash.
In addition reporting via http://support.novell.com/additional/bugreport.html is a black hole with a O_DIRECT to /dev/null.
http://www.novell.com/customercenter/, log in, on the left side "My Support -> Service requests", then "Submit new SR". Works almost every day for me, with timely response by the support team. For my customer (with a slightly bigger support contract), I simply mail or call my designated support engineer.
P.S.: The above mentioned crash could just today be reproduced with the 3.0.36 SLES kernel from monday but cannot be reported via proper channels even though a kdump is available....
It can, via proper channel.
(*) It is difficult to understand why I can report kernel crashes for opensuse while I cannot for SLES11 even though I am paying for the later but not for the former.
I report kernel crashes including crashdumps etc. for SLES almost every week, so I cannot really see where the problem is. -- Stefan Seyfried "Dispatch war rocket Ajax to bring back his body!" -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
participants (4)
-
Joachim Schönberg -
Marcus Meissner -
Martin Konold -
Stefan Seyfried