Mailinglist Archive: opensuse-updates (113 mails)

< Previous Next >
openSUSE-SU-2017:1033-1: moderate: Security update for dracut
openSUSE Security Update: Security update for dracut
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:1033-1
Rating: moderate
References:
Affected Products:
openSUSE Leap 42.2
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:


This update for dracut fixes the following issues:

Security issues fixed:

- CVE-2016-8637: When the early microcode loading was enabled during
initrd creation, the initrd would be read-only available for all users,
allowing local users to retrieve secrets stored in the initial ramdisk.
(bsc#1008340)

Non security issues fixed:

- Remove zlib module as requirement. (bsc#1020063)
- Unlimit TaskMax for xfs_repair in emergency shell. (bsc#1019938)
- Resolve symbolic links for -i and -k parameters. (bsc#902375)
- Enhance purge-kernels script to handle kgraft patches. (bsc#1017141)
- Allow booting from degraded MD arrays with systemd. (bsc#1017695)
- Allow booting on s390x with fips=1 on the kernel command line.
(bnc#1021687)
- Start multipath services before local-fs-pre.target. (bsc#1005410,
bsc#1006118, bsc#1007925)
- Fix /sbin/installkernel to handle kernel packages built with 'make
bin-rpmpkg'. (bsc#1008648)

This update was imported from the SUSE:SLE-12-SP2:Update update project.


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE Leap 42.2:

zypper in -t patch openSUSE-2017-482=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE Leap 42.2 (i586 x86_64):

dracut-044-16.3.1
dracut-debuginfo-044-16.3.1
dracut-debugsource-044-16.3.1
dracut-fips-044-16.3.1
dracut-tools-044-16.3.1


References:



< Previous Next >
This Thread
  • No further messages