Security update for HA kernel modules

SUSE Security Update: Security update for HA kernel modules
Announcement ID: SUSE-SU-2018:1486-1
Rating: moderate
References: #1068032 #936517 #962257
Affected Products:
  • SUSE Linux Enterprise High Availability 12

  • An update that solves one vulnerability and has two fixes is now available.


    This update provides rebuilds of HA kernel modules with retpoline support
    to mitigate Spectre Variant 2 (CVE-2017-5715 bsc#1068032)

    cluster fs also received these bugfixes:

    - backport patch to fix dlmglue false deadlock (bnc#962257)
    - Fix for online increase of filesystem in kernel mode fails (bsc#936517).

    Patch Instructions:

    To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise High Availability 12:
      zypper in -t patch SUSE-SLE-HA-12-2018-1014=1

    Package List:

    • SUSE Linux Enterprise High Availability 12 (s390x x86_64):
      • cluster-network-kmp-default-1.4_k3.12.61_52.133-26.4.1
      • cluster-network-kmp-default-debuginfo-1.4_k3.12.61_52.133-26.4.1
      • dlm-kmp-default-4.0.2_k3.12.61_52.133-22.5.1
      • dlm-kmp-default-debuginfo-4.0.2_k3.12.61_52.133-22.5.1
      • drbd-
      • drbd-debuginfo-
      • drbd-debugsource-
      • drbd-kmp-default-
      • drbd-kmp-default-debuginfo-
      • gfs2-kmp-default-3.1.6_k3.12.61_52.133-22.5.1
      • gfs2-kmp-default-debuginfo-3.1.6_k3.12.61_52.133-22.5.1
      • ocfs2-kmp-default-1.8.2_k3.12.61_52.133-22.5.1
      • ocfs2-kmp-default-debuginfo-1.8.2_k3.12.61_52.133-22.5.1
    • SUSE Linux Enterprise High Availability 12 (x86_64):
      • cluster-network-kmp-xen-1.4_k3.12.61_52.133-26.4.1
      • cluster-network-kmp-xen-debuginfo-1.4_k3.12.61_52.133-26.4.1
      • dlm-kmp-xen-4.0.2_k3.12.61_52.133-22.5.1
      • dlm-kmp-xen-debuginfo-4.0.2_k3.12.61_52.133-22.5.1
      • drbd-kmp-xen-
      • drbd-kmp-xen-debuginfo-
      • gfs2-kmp-xen-3.1.6_k3.12.61_52.133-22.5.1
      • gfs2-kmp-xen-debuginfo-3.1.6_k3.12.61_52.133-22.5.1
      • ocfs2-kmp-xen-1.8.2_k3.12.61_52.133-22.5.1
      • ocfs2-kmp-xen-debuginfo-1.8.2_k3.12.61_52.133-22.5.1