Security update for kdump
Announcement ID: | SUSE-SU-2016:2553-1 |
---|---|
Rating: | moderate |
References: | |
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves one vulnerability and has 13 security fixes can now be installed.
Description:
This update for kdump provides several fixes and enhancements:
- Refresh kdumprd if /etc/hosts or /etc/nsswitch.conf is changed. (bsc#943214)
- Add a separate systemd service to rebuild kdumprd at boot. (bsc#943214)
- Improve network setup in the kdump environment by reading configuration from wicked by default (system configuration files are used as a fallback). (bsc#980328)
- Use the last mount entry in kdump_get_mountpoints(). (bsc#951844)
- Remove 'notsc' from the kdump kernel command line. (bsc#973213)
- Handle dump files with many program headers. (bsc#932339, bsc#970708)
- Fall back to stat() if file type is DT_UNKNOWN. (bsc#964206)
- Remove vm. sysctls from kdump initrd. (bsc#927451, bsc#987862)
- Use the exit code of kexec, not that of "local". (bsc#984799)
- Convert sysroot to a bind mount in kdump initrd. (bsc#976864)
- Distinguish between Xenlinux (aka Xenified or SUSE) and pvops Xen kernels, as the latter can run on bare metal. (bsc#974270)
- CVE-2016-5759: Use full path to dracut as argument to bash. (bsc#989972, bsc#990200)
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE Linux Enterprise Desktop 12 SP1
zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1492=1
-
SUSE Linux Enterprise Server for SAP Applications 12 SP1
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1492=1
-
SUSE Linux Enterprise Server 12 SP1
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1492=1
Package List:
-
SUSE Linux Enterprise Desktop 12 SP1 (x86_64)
- kdump-debuginfo-0.8.15-29.1
- kdump-0.8.15-29.1
- kdump-debugsource-0.8.15-29.1
-
SUSE Linux Enterprise Server for SAP Applications 12 SP1 (ppc64le x86_64)
- kdump-debuginfo-0.8.15-29.1
- kdump-0.8.15-29.1
- kdump-debugsource-0.8.15-29.1
-
SUSE Linux Enterprise Server 12 SP1 (ppc64le s390x x86_64)
- kdump-debuginfo-0.8.15-29.1
- kdump-0.8.15-29.1
- kdump-debugsource-0.8.15-29.1
References:
- https://www.suse.com/security/cve/CVE-2016-5759.html
- https://bugzilla.suse.com/show_bug.cgi?id=927451
- https://bugzilla.suse.com/show_bug.cgi?id=932339
- https://bugzilla.suse.com/show_bug.cgi?id=943214
- https://bugzilla.suse.com/show_bug.cgi?id=951844
- https://bugzilla.suse.com/show_bug.cgi?id=964206
- https://bugzilla.suse.com/show_bug.cgi?id=970708
- https://bugzilla.suse.com/show_bug.cgi?id=973213
- https://bugzilla.suse.com/show_bug.cgi?id=974270
- https://bugzilla.suse.com/show_bug.cgi?id=976864
- https://bugzilla.suse.com/show_bug.cgi?id=980328
- https://bugzilla.suse.com/show_bug.cgi?id=984799
- https://bugzilla.suse.com/show_bug.cgi?id=987862
- https://bugzilla.suse.com/show_bug.cgi?id=989972
- https://bugzilla.suse.com/show_bug.cgi?id=990200