Recommended update for tboot
Announcement ID: | SUSE-RU-2018:3380-1 |
---|---|
Rating: | moderate |
References: | |
Affected Products: |
|
An update that has three fixes can now be installed.
Description:
This update for tboot to version 1.9.7 provides the following fixes:
- Fix issues with tboot in conjunction with tpm 2.0 devices (bsc#1103182, bsc#1108184).
- Mitigations for tpm interposer attacks
- Add an option in tboot to force SINIT to use the legacy TPM2 log format.
- Add support for appending to a TPM2 TCG style event log.
- Ensure tboot log is available even when measured launch is skipped.
- Fix TPM 1.2 locality selection issue.
- Fix a null pointer dereference bug when Intel TXT is disabled.
- The size field of the MB2 tag is the size of the tag header + the size
- Make policy element stm_elt use unique type name
- Reset debug PCR16 to zero.
- Fix a logical error in function bool evtlog_append(...).
- Don't add GNU/Linux to grub menu entries. SUSE's grub2 itself doesn't do it either. (bsc#1078262)
- Perform update of bootloader configuration after installation via %posttrans. Perform cleanup of bootloader configuration upon package removal via %postun. (bsc#1078262)
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE Linux Enterprise Server for SAP Applications 12 SP3
zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2424=1
-
SUSE Linux Enterprise Server 12 SP3
zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2424=1
-
SUSE Linux Enterprise High Performance Computing 12 SP3
zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2424=1
Package List:
-
SUSE Linux Enterprise Server for SAP Applications 12 SP3 (x86_64)
- tboot-debugsource-20170711_1.9.7-7.10.1
- tboot-debuginfo-20170711_1.9.7-7.10.1
- tboot-20170711_1.9.7-7.10.1
-
SUSE Linux Enterprise Server 12 SP3 (x86_64)
- tboot-debugsource-20170711_1.9.7-7.10.1
- tboot-debuginfo-20170711_1.9.7-7.10.1
- tboot-20170711_1.9.7-7.10.1
-
SUSE Linux Enterprise High Performance Computing 12 SP3 (x86_64)
- tboot-debugsource-20170711_1.9.7-7.10.1
- tboot-debuginfo-20170711_1.9.7-7.10.1
- tboot-20170711_1.9.7-7.10.1