Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.6:Update
patchinfo.29715
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.29715
<patchinfo incident="29715"> <issue id="1160435" tracker="bnc">5.5 kernel-docs package build failure</issue> <issue id="1172073" tracker="bnc">kernel-devel and kernel-source need Obsolete for previous package rebuilds of the same version</issue> <issue id="1187829" tracker="bnc">L3 Question: .rela.debug_info - size larger than .debug_info?</issue> <issue id="1191731" tracker="bnc">kernel-default-base from SLE-15-SP4-JeOS-Alpha-202110-1 conflicts with kernel-default-base from the "moving target" repository</issue> <issue id="1199046" tracker="bnc">zypper dup wants to install kernel-preempt-5.3.18-150300</issue> <issue id="1200217" tracker="bnc">[TRACKERBUG] SLE15-SP3 backports for cifs.ko</issue> <issue id="1205758" tracker="bnc">VUL-0: CVE-2022-45885: kernel-source-rt,kernel-source,kernel-source-azure: UaF in drivers/media/dvb-core/dvb_frontend.c</issue> <issue id="1208600" tracker="bnc">VUL-0: CVE-2023-1077: kernel: type confusion in pick_next_rt_entity</issue> <issue id="1209039" tracker="bnc">VUL-0: CVE-2023-1249: kernel: missing mmap_lock in fill_files_note that could possibly lead to a use after free in the coredump code</issue> <issue id="1209342" tracker="bnc">L3: cifs mount becomes inaccessible after about 30 minutes (STATUS_FILE_CLOSED) (bad file descriptor)</issue> <issue id="1210533" tracker="bnc">VUL-0: CVE-2023-2002: kernel-source-azure,kernel-source-rt,kernel-source: unauthorized management command execution</issue> <issue id="1210791" tracker="bnc">KMP build fails with ld: cannot find arch/s390/lib/expoline/expoline.o</issue> <issue id="1211089" tracker="bnc">ALP Workbench: kmod-testsuite fails to build on s390x</issue> <issue id="1211519" tracker="bnc">Update gve kernel module to 6.2 upstream</issue> <issue id="1211796" tracker="bnc">kernel modules not usrmerged</issue> <issue id="1212128" tracker="bnc">VUL-0: CVE-2023-3159: kernel-source,kernel-source-azure,kernel-source-rt: kernel: use after free issue in driver/firewire in outbound_phy_packet_callback</issue> <issue id="1212129" tracker="bnc">VUL-0: CVE-2023-3141: kernel-source,kernel-source-azure,kernel-source-rt: kernel: Use after free bug in r592_remove</issue> <issue id="1212154" tracker="bnc">VUL-0: CVE-2023-3161: kernel: fbcon: shift-out-of-bounds in fbcon_set_font()</issue> <issue id="1212158" tracker="bnc">kernel-docs missing top level chapter numbers</issue> <issue id="1212494" tracker="bnc">VUL-0: CVE-2023-35823: kernel-source,kernel-source-azure,kernel-source-rt: use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c</issue> <issue id="1212501" tracker="bnc">VUL-0: CVE-2023-35824: kernel-source-azure,kernel-source-rt,kernel-source: Use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c</issue> <issue id="1212502" tracker="bnc">VUL-0: CVE-2023-3268: kernel: out-of-bounds access in relay_file_read</issue> <issue id="1212504" tracker="bnc">VUL-0: CVE-2023-35788: kernel: out-of-bounds write in net/sched/cls_flower.c</issue> <issue id="1212513" tracker="bnc">VUL-0: CVE-2023-35828: kernel: use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c</issue> <issue id="1212606" tracker="bnc">VUL-0: CVE-2023-3358: kernel-source-azure,kernel-source-rt,kernel-source: NULL Pointer Dereference in drivers/hid/intel-ish-hid/ishtp/dma-if.c</issue> <issue id="1212842" tracker="bnc">VUL-0: CVE-2023-3090: kernel: heap out-of-bounds vulnerability in the ipvlan network driver could lead to local privilege escalation</issue> <issue id="2023-1077" tracker="cve" /> <issue id="2023-1249" tracker="cve" /> <issue id="2023-2002" tracker="cve" /> <issue id="2023-3090" tracker="cve" /> <issue id="2023-3141" tracker="cve" /> <issue id="2023-3159" tracker="cve" /> <issue id="2023-3161" tracker="cve" /> <issue id="2023-3268" tracker="cve" /> <issue id="2023-3358" tracker="cve" /> <issue id="2023-35788" tracker="cve" /> <issue id="2023-35823" tracker="cve" /> <issue id="2023-35824" tracker="cve" /> <issue id="2023-35828" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>vkarasulli</packager> <reboot_needed/> <description> The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity(), that could cause memory corruption (bsc#1208600). - CVE-2023-1249: Fixed a use-after-free flaw in the core dump subsystem that allowed a local user to crash the system (bsc#1209039). - CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210533). - CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver (bsc#1212842). - CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c, that allowed local attackers to crash the system at device disconnect (bsc#1212129). - CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outbound_phy_packet_callback (bsc#1212128). - CVE-2023-3161: Fixed shift-out-of-bounds in fbcon_set_font() (bsc#1212154). - CVE-2023-3268: Fixed an out of bounds (OOB) memory access flaw in relay_file_read_start_pos in kernel/relay.c (bsc#1212502). - CVE-2023-3358: Fixed a NULL pointer dereference flaw in the Integrated Sensor Hub (ISH) driver (bsc#1212606). - CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets in fl_set_geneve_opt in net/sched/cls_flower.c (bsc#1212504). - CVE-2023-35823: Fixed a use-after-free flaw in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c (bsc#1212494). - CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c (bsc#1212501). - CVE-2023-35828: Fixed a use-after-free flaw in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c (bsc#1212513). The following non-security bugs were fixed: - Also include kernel-docs build requirements for ALP - Avoid unsuported tar parameter on SLE12 - Fix missing top level chapter numbers on SLE12 SP5 (bsc#1212158). - Fix usrmerge error (boo#1211796) - Generalize kernel-doc build requirements. - Move obsolete KMP list into a separate file. The list of obsoleted KMPs varies per release, move it out of the spec file. - Move setting %%build_html to config.sh - Move setting %%split_optional to config.sh - Move setting %%supported_modules_check to config.sh - Move the kernel-binary conflicts out of the spec file. Thie list of conflicting packages varies per release. To reduce merge conflicts move the list out of the spec file. - Remove obsolete rpm spec constructs defattr does not need to be specified anymore buildroot does not need to be specified anymore - Remove usrmerge compatibility symlink in buildroot (boo#1211796). - Trim obsolete KMP list. SLE11 is out of support, we do not need to handle upgrading from SLE11 SP1. - cifs: do not include page data when checking signature (bsc#1200217). - cifs: fix open leaks in open_cached_dir() (bsc#1209342). - google/gve:fix repeated words in comments (bsc#1211519). - gve: Adding a new AdminQ command to verify driver (bsc#1211519). - gve: Cache link_speed value from device (bsc#1211519). - gve: Fix GFP flags when allocing pages (bsc#1211519). - gve: Fix error return code in gve_prefill_rx_pages() (bsc#1211519). - gve: Fix spelling mistake "droping" -> "dropping" (bsc#1211519). - gve: Handle alternate miss completions (bsc#1211519). - gve: Reduce alloc and copy costs in the GQ rx path (bsc#1211519). - gve: Remove the code of clearing PBA bit (bsc#1211519). - gve: Secure enough bytes in the first TX desc for all TCP pkts (bsc#1211519). - gve: enhance no queue page list detection (bsc#1211519). - kernel-binary: Add back kernel-default-base guarded by option Add configsh option for splitting off kernel-default-base, and for not signing the kernel on non-efi - kernel-binary: install expoline.o (boo#1210791 bsc#1211089) - kernel-source: Remove unused macro variant_symbols - kernel-spec-macros: Fix up obsolete_rebuilds_subpackage to generate obsoletes correctly (boo#1172073 bsc#1191731). rpm only supports full length release, no provides - rpm/check-for-config-changes: add TOOLCHAIN_NEEDS_* to IGNORED_CONFIGS_RE. - rpm/constraints.in: Increase disk size constraint for riscv64 to 52GB - rpm/kernel-binary.spec.in: Add Provides of kernel-preempt (jsc#SLE-18857) For smooth migration with the former kernel-preempt user, kernel-default provides kernel-preempt now when CONFIG_PREEMPT_DYNAMIC is defined. - rpm/kernel-binary.spec.in: Fix compatibility wth newer rpm - rpm/kernel-binary.spec.in: Fix missing kernel-preempt-devel and KMP Provides (bsc#1199046) - rpm/kernel-docs.spec.in: pass PYTHON=python3 to fix build error (bsc#1160435) - usrmerge: Compatibility with earlier rpm (boo#1211796) - x86/build: Avoid relocation information in final vmlinux (bsc#1187829). </description> <summary>Security update for the Linux Kernel</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor