openSUSE Security Update : dracut (openSUSE-2015-846)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for dracut fixes the following issues :

- Skip ibft setup via dhcp if dhcp ip is 0.0.0.0
(boo#953361) Added
0312-iscsi-skip-ibft-invalid-dhcp.patch

- Modify
0169-enabled-warning-for-failed-kernel-modules-per-defau
l.patch

- Add notice (boo#952491)

- Refresh patches with line offsets: M
0146-dracut.sh-corrected-logfile-check.patch M
0182-fix_add_drivers_hang.patch M
0183-kernel-modules-Fix-storage-module-selection-for-sdh
c.patch

- Modify 0181-load-xhci-pci.patch :

- Add hid-logitech-hidpp

- Ignore errors for xhci-pci, ehci-platform and
hid-logitech-hidpp

- Boo#952491, boo#935563 and boo#953035

- Add 0311-less_pointless_module_errors.patch (boo#952491
and boo#935563)

- Don't warn if installing built-in modules fails

- Don't print the error message twice

- Modify
0144-90crypt-fixed-crypttab_contains-to-also-work-with-d
e.patch and
0169-Enabled-Warning-for-failed-kernel-modules-per-defau
l.patch

- Fixes boo#935338

- Use mktemp instead of hardcoded filenames, possible
vulnerability

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=935338
https://bugzilla.opensuse.org/show_bug.cgi?id=935563
https://bugzilla.opensuse.org/show_bug.cgi?id=952491
https://bugzilla.opensuse.org/show_bug.cgi?id=953035
https://bugzilla.opensuse.org/show_bug.cgi?id=953361

Solution :

Update the affected dracut packages.

Risk factor :

Medium

Family: SuSE Local Security Checks

Nessus Plugin ID: 87189 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now