LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

March 2020

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS March 2020

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: EXT: Security ERRATA Important: kernel on SL7.x x86_64
From:	Patrick Riehecky <[log in to unmask]>
Reply To:	Patrick Riehecky <[log in to unmask]>
Date:	Wed, 18 Mar 2020 17:30:21 +0000
Content-Type:	text/plain
Parts/Attachments:	text/plain (146 lines)

Interesting..... I didn't see this in the internal repoclosures.  I'll have to take a closer look to see what makes the most sense.

Pat

--
Pat Riehecky

Fermi National Accelerator Laboratory
www.fnal.gov
www.scientificlinux.org

________________________________________
From: Mailing list for Scientific Linux users worldwide <[log in to unmask]> on behalf of Peed, Andrew (GE Healthcare) <[log in to unmask]>
Sent: Wednesday, March 18, 2020 10:05 AM
To: scientific-linux-users
Subject: Re: [SCIENTIFIC-LINUX-USERS] EXT: Security ERRATA Important: kernel on SL7.x x86_64

Hi,

When I update my repository with this kernel package update, I get the following error from repoclosure:

package: kpatch-patch-3_10_0-1062_12_1-0-0.el7.x86_64
  unresolved deps:
     kernel = 0:3.10.0-1062.12.1.el7

kpatch-patch is self-described in the SPEC file as being an empty package that provides a method to subscribe to the kpatch stream for kernel-3.10.0-1062.12.1.el7 (the previous version), and has an explicit requirement for that version.

Does SL  plan to update this package, or will we need to so that we can get a clean repoclosure?

Thanks,
-- Andy


-----Original Message-----
From: [log in to unmask] <[log in to unmask]> On Behalf Of Farhan Ahmed
Sent: Tuesday, March 17, 2020 4:43 PM
To: [log in to unmask]
Subject: EXT: Security ERRATA Important: kernel on SL7.x x86_64

Synopsis:          Important: kernel security, bug fix, and enhancement update
Advisory ID:       SLSA-2020:0834-1
Issue Date:        2020-03-17
CVE Numbers:       CVE-2019-11487
                   CVE-2019-17666
                   CVE-2019-19338
--

Security Fix(es):

* kernel: Count overflow in FUSE request leading to use-after-free issues.
(CVE-2019-11487)

* kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666)

* Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA
(CVE-2019-11135) (CVE-2019-19338)

Bug Fix(es):

* SL7.7 - default idle mishandles lazy irq state

* Sanitize MM backported code for SL7

* A bio with a flush and write to an md device can be lost and never complete by the md layer

* [FJ7.7 Bug]: [REG] Read from /proc/net/if_inet6 never stop.

* SL7.7 - zfcp: fix reaction on bit error threshold notification

* SL7.7 Snapshot3 - Kernel Panic when running LTP mm test on s390x

* Leak in cachefiles driver

* VFS: Busy inodes after unmount of loop0 when encountering duplicate directory inodes

* Allocation failure in md's r10buf_pool_alloc function leads to a crash from accessing uninitialized pointers

* [Hyper-V][SL7.6]Hyper-V guest waiting indefinitely for RCU callback when removing a mem cgroup

* A bnx2fc abort attempt doesn't timeout from miscalculation causing a huge timeout value

* scsi: libiscsi: fall back to sendmsg for slab pages

* SL7.7 - kernel: avoid cpu yield in SMT environment

* SL7.6 - kernel: jump label transformation performance

* drm radeon power management warning on VERDE cards

* Duplicate enum value in include/linux/blk_types.h

* [HPE 7.7 Bug] hpsa: bug fix for reset issue

* System Crash on vport creation (NPIV on FCoE)

* [Hyper-V][SL 7.8] Four Mellanox Patches needed for kernels that have that have SRIOV

* WARNING: CPU: 7 PID: 2049 at mm/slub.c:2296 ___slab_alloc+0x508/0x520

* fio with ioengine=pmemblk on fsdax failed

* [HPE 7.7 Bug] hpsa: bug fixes

* perf top -p PID does not show anything

* Delay in RT task scheduled. Incorrect nr_scheduled value.

* A directory on a gfs2 filesystem appears corrupt on nodeB after nodeA renames the directory

* ixgbevf interface goes down on hypervisor and causes outage

* Can't enable virt-ssbd on some AMD hosts

* [HPEMC 7.8 BUG] x86/boot/64: Avoid mapping reserved ranges in early page tables

Enhancement(s):

* scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show'
--

SL7
  x86_64
    bpftool-3.10.0-1062.18.1.el7.x86_64.rpm
    bpftool-debuginfo-3.10.0-1062.18.1.el7.x86_64.rpm
    kernel-3.10.0-1062.18.1.el7.x86_64.rpm
    kernel-debug-3.10.0-1062.18.1.el7.x86_64.rpm
    kernel-debug-debuginfo-3.10.0-1062.18.1.el7.x86_64.rpm
    kernel-debug-devel-3.10.0-1062.18.1.el7.x86_64.rpm
    kernel-debuginfo-3.10.0-1062.18.1.el7.x86_64.rpm
    kernel-debuginfo-common-x86_64-3.10.0-1062.18.1.el7.x86_64.rpm
    kernel-devel-3.10.0-1062.18.1.el7.x86_64.rpm
    kernel-headers-3.10.0-1062.18.1.el7.x86_64.rpm
    kernel-tools-3.10.0-1062.18.1.el7.x86_64.rpm
    kernel-tools-debuginfo-3.10.0-1062.18.1.el7.x86_64.rpm
    kernel-tools-libs-3.10.0-1062.18.1.el7.x86_64.rpm
    perf-3.10.0-1062.18.1.el7.x86_64.rpm
    perf-debuginfo-3.10.0-1062.18.1.el7.x86_64.rpm
    python-perf-3.10.0-1062.18.1.el7.x86_64.rpm
    python-perf-debuginfo-3.10.0-1062.18.1.el7.x86_64.rpm
    kernel-tools-libs-devel-3.10.0-1062.18.1.el7.x86_64.rpm
  noarch
    kernel-abi-whitelists-3.10.0-1062.18.1.el7.noarch.rpm
    kernel-doc-3.10.0-1062.18.1.el7.noarch.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV