SUSE-SU-2017:0951-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2017/suse-su-20170951-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:0951-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2017:0951-1
Related
Published
2017-04-06T07:31:33Z
Modified
2017-04-06T07:31:33Z
Summary
Security update for dracut
Details

This update for dracut fixes the following issues:

Security issues fixed:

  • CVE-2016-8637: When the early microcode loading was enabled during initrd creation, the initrd would be read-only available for all users, allowing local users to retrieve secrets stored in the initial ramdisk. (bsc#1008340)

Non security issues fixed:

  • Remove zlib module as requirement. (bsc#1020063)
  • Unlimit TaskMax for xfs_repair in emergency shell. (bsc#1019938)
  • Resolve symbolic links for -i and -k parameters. (bsc#902375)
  • Enhance purge-kernels script to handle kgraft patches. (bsc#1017141)
  • Allow booting from degraded MD arrays with systemd. (bsc#1017695)
  • Allow booting on s390x with fips=1 on the kernel command line. (bnc#1021687)
  • Start multipath services before local-fs-pre.target. (bsc#1005410, bsc#1006118, bsc#1007925)
  • Fix /sbin/installkernel to handle kernel packages built with 'make bin-rpmpkg'. (bsc#1008648)
References

Affected packages

SUSE:Linux Enterprise Desktop 12 SP2 / dracut

Package

Name
dracut
Purl
pkg:rpm/suse/dracut&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
044-108.1

Ecosystem specific 

{
    "binaries": [
        {
            "dracut": "044-108.1"
        }
    ]
}

SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2 / dracut

Package

Name
dracut
Purl
pkg:rpm/suse/dracut&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
044-108.1

Ecosystem specific 

{
    "binaries": [
        {
            "dracut-fips": "044-108.1",
            "dracut": "044-108.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2 / dracut

Package

Name
dracut
Purl
pkg:rpm/suse/dracut&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
044-108.1

Ecosystem specific 

{
    "binaries": [
        {
            "dracut-fips": "044-108.1",
            "dracut": "044-108.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP2 / dracut

Package

Name
dracut
Purl
pkg:rpm/suse/dracut&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
044-108.1

Ecosystem specific 

{
    "binaries": [
        {
            "dracut-fips": "044-108.1",
            "dracut": "044-108.1"
        }
    ]
}