SUSE 5008 Published by

Updated kernel packages has been released for openSUSE Leap 42.2 and 42.3:

openSUSE-SU-2017:2494-1: important: Security update for the Linux Kernel
openSUSE-SU-2017:2495-1: important: Security update for the Linux Kernel



openSUSE-SU-2017:2494-1: important: Security update for the Linux Kernel

openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:2494-1
Rating: important
References: #1012829 #1021424 #1022743 #1024405 #1031717
#1035479 #1036060 #1038583 #1046529 #1048893
#1048912 #1049361 #1049580 #1054654 #1056261
#1056849 #1056982 #1057015 #1057031 #1057035
#1057038 #1057047 #1057067 #1057389 #1057849
#1058116 #971975 #981309
Cross-References: CVE-2017-1000251 CVE-2017-11472 CVE-2017-14106

Affected Products:
openSUSE Leap 42.3
______________________________________________________________________________

An update that solves three vulnerabilities and has 25
fixes is now available.

Description:



The openSUSE Leap 42.3 kernel was updated to 4.4.87 to receive various
security and bugfixes.


The following security bugs were fixed:

- CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel (BlueZ)
was vulnerable to a stack overflow vulnerability in the processing of
L2CAP configuration responses resulting in Remote code execution in
kernel space (bnc#1057389).
- CVE-2017-14106: The tcp_disconnect function in net/ipv4/tcp.c in the
Linux kernel allowed local users to cause a denial of service
(__tcp_select_window divide-by-zero error and system crash) by
triggering a disconnect within a certain tcp_recvmsg code path
(bnc#1056982).
- CVE-2017-11472: The acpi_ns_terminate() function in
drivers/acpi/acpica/nsutils.c in the Linux kernel did not flush the
operand cache and causes a kernel stack dump, which allowed local users
to obtain sensitive information from kernel memory and bypass the KASLR
protection mechanism via a crafted ACPI table (bnc#1049580).

The following non-security bugs were fixed:

- acpica: IORT: Update SMMU models for revision C (bsc#1036060).
- acpi/nfit: Fix memory corruption/Unregister mce decoder on failure
(bsc#1057047).
- ahci: do not use MSI for devices with the silly Intel NVMe remapping
scheme (bsc#1048912).
- ahci: thunderx2: stop engine fix update (bsc#1057031).
- alsa: hda/realtek - Add support headphone Mic for ALC221 of HP platform
(bsc#1024405).
- arm64: mm: select CONFIG_ARCH_PROC_KCORE_TEXT (bsc#1046529).
- arm64: PCI: Fix struct acpi_pci_root_ops allocation failure path
(bsc#1056849).
- arm64: Update config files. Enable ARCH_PROC_KCORE_TEXT
- blacklist.conf: gcc7 compiler warning (bsc#1056849)
- bnxt: add a missing rcu synchronization (bnc#1038583).
- bnxt: do not busy-poll when link is down (bnc#1038583).
- bnxt_en: Enable MRU enables bit when configuring VNIC MRU (bnc#1038583).
- bnxt_en: Fix and clarify link_info->advertising (bnc#1038583).
- bnxt_en: Fix a VXLAN vs GENEVE issue (bnc#1038583).
- bnxt_en: Fix NULL pointer dereference in a failure path during open
(bnc#1038583).
- bnxt_en: Fix NULL pointer dereference in reopen failure path
(bnc#1038583).
- bnxt_en: fix pci cleanup in bnxt_init_one() failure path (bnc#1038583).
- bnxt_en: Fix ring arithmetic in bnxt_setup_tc() (bnc#1038583).
- bnxt_en: Fix TX push operation on ARM64 (bnc#1038583).
- bnxt_en: Fix "uninitialized variable" bug in TPA code path (bnc#1038583).
- bnxt_en: Fix VF virtual link state (bnc#1038583).
- bnxt_en: initialize rc to zero to avoid returning garbage (bnc#1038583).
- bnxt_en: Pad TX packets below 52 bytes (bnc#1038583).
- bnxt_en: Refactor TPA code path (bnc#1038583).
- ceph: fix readpage from fscache (bsc#1057015).
- cifs: add build_path_from_dentry_optional_prefix() (fate#323482).
- cifs: add use_ipc flag to SMB2_ioctl() (fate#323482).
- cifs: Fix sparse warnings (fate#323482).
- cifs: implement get_dfs_refer for SMB2+ (fate#323482).
- cifs: let ses->ipc_tid hold smb2 TreeIds (fate#323482).
- cifs: move DFS response parsing out of SMB1 code (fate#323482).
- cifs: remove any preceding delimiter from prefix_path (fate#323482).
- cifs: set signing flag in SMB2+ TreeConnect if needed (fate#323482).
- cifs: use DFS pathnames in SMB2+ Create requests (fate#323482).
- cpufreq: intel_pstate: Disable energy efficiency optimization
(bsc#1054654).
- cxgb4: Fix stack out-of-bounds read due to wrong size to
t4_record_mbox() (bsc#1021424 bsc#1022743).
- device-dax: fix cdev leak (bsc#1057047).
- dmaengine: mv_xor_v2: do not use descriptors not acked by async_tx
(bsc#1056849).
- dmaengine: mv_xor_v2: enable XOR engine after its configuration
(bsc#1056849).
- dmaengine: mv_xor_v2: fix tx_submit() implementation (bsc#1056849).
- dmaengine: mv_xor_v2: handle mv_xor_v2_prep_sw_desc() error properly
(bsc#1056849).
- dmaengine: mv_xor_v2: properly handle wrapping in the array of HW
descriptors (bsc#1056849).
- dmaengine: mv_xor_v2: remove interrupt coalescing (bsc#1056849).
- dmaengine: mv_xor_v2: set DMA mask to 40 bits (bsc#1056849).
- drivers: base: cacheinfo: fix boot error message when acpi is enabled
(bsc#1057849).
- edac, thunderx: Fix a warning during l2c debugfs node creation
(bsc#1057038).
- edac, thunderx: Fix error handling path in thunderx_lmc_probe()
(bsc#1057038).
- fs/proc: kcore: use kcore_list type to check for vmalloc/module address
(bsc#1046529).
- gfs2: Do not clear SGID when inheriting ACLs (bsc#1012829).
- ib/hns: checking for IS_ERR() instead of NULL (bsc#1056849).
- ibmvnic: Clean up resources on probe failure (fate#323285, bsc#1058116).
- ib/rxe: Add dst_clone() in prepare_ipv6_hdr() (bsc#1049361).
- ib/rxe: Avoid ICRC errors by copying into the skb first (bsc#1049361).
- ib/rxe: Disable completion upcalls when a CQ is destroyed (bsc#1049361).
- ib/rxe: Fix destination cache for IPv6 (bsc#1049361).
- ib/rxe: Fix up rxe_qp_cleanup() (bsc#1049361).
- ib/rxe: Fix up the responder's find_resources() function (bsc#1049361).
- ib/rxe: Handle NETDEV_CHANGE events (bsc#1049361).
- ib/rxe: Move refcounting earlier in rxe_send() (bsc#1049361).
- ib/rxe: Remove dangling prototype (bsc#1049361).
- ib/rxe: Remove unneeded initialization in prepare6() (bsc#1049361).
- ib/rxe: Set dma_mask and coherent_dma_mask (bsc#1049361).
- iommu/arm-smmu-v3, acpi: Add temporary Cavium SMMU-V3 IORT model number
definitions (bsc#1036060).
- iommu/arm-smmu-v3: Increase CMDQ drain timeout value (bsc#1035479).
Refresh patch to mainline version
- irqchip/gic-v3-its: Fix command buffer allocation (bsc#1057067).
- iwlwifi: mvm: do not send CTDP commands via debugfs if not supported
(bsc#1031717).
- kernel/*: switch to memdup_user_nul() (bsc#1048893).
- lightnvm: remove unused rq parameter of nvme_nvm_rqtocmd() to kill
warning (FATE#319466).
- md/raid5: fix a race condition in stripe batch (linux-stable).
- mmc: sdhci-xenon: add set_power callback (bsc#1057035).
- mmc: sdhci-xenon: Fix the work flow in xenon_remove() (bsc#1057035).
- mm/page_alloc.c: apply gfp_allowed_mask before the first allocation
attempt (bnc#971975 VM -- git fixes).
- mm/vmalloc.c: huge-vmap: fail gracefully on unexpected huge vmap
mappings (bsc#1046529).
- new helper: memdup_user_nul() (bsc#1048893).
- nfs: flush data when locking a file to ensure cache coherence for mmap
(bsc#981309).
- pci: rockchip: Handle regulator_get_current_limit() failure correctly
(bsc#1056849).
- pci: rockchip: Use normal register bank for config accessors
(bsc#1056849).
- pm / Domains: Fix unsafe iteration over modified list of domains
(bsc#1056849).
- rtnetlink: fix rtnl_vfinfo_size (bsc#1056261).
- scsi: hisi_sas: add missing break in switch statement (bsc#1056849).
- sysctl: fix lax sysctl_check_table() sanity check (bsc#1048893).
- sysctl: fold sysctl_writes_strict checks into helper (bsc#1048893).
- sysctl: kdoc'ify sysctl_writes_strict (bsc#1048893).
- sysctl: simplify unsigned int support (bsc#1048893).
- ubifs: Correctly evict xattr inodes (bsc#1012829).
- ubifs: Do not leak kernel memory to the MTD (bsc#1012829).
- xfs: fix inobt inode allocation search optimization (bsc#1012829).


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2017-1063=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE Leap 42.3 (noarch):

kernel-devel-4.4.87-25.1
kernel-docs-4.4.87-25.2
kernel-docs-html-4.4.87-25.2
kernel-docs-pdf-4.4.87-25.2
kernel-macros-4.4.87-25.1
kernel-source-4.4.87-25.1
kernel-source-vanilla-4.4.87-25.1

- openSUSE Leap 42.3 (x86_64):

kernel-debug-4.4.87-25.1
kernel-debug-base-4.4.87-25.1
kernel-debug-base-debuginfo-4.4.87-25.1
kernel-debug-debuginfo-4.4.87-25.1
kernel-debug-debugsource-4.4.87-25.1
kernel-debug-devel-4.4.87-25.1
kernel-debug-devel-debuginfo-4.4.87-25.1
kernel-default-4.4.87-25.1
kernel-default-base-4.4.87-25.1
kernel-default-base-debuginfo-4.4.87-25.1
kernel-default-debuginfo-4.4.87-25.1
kernel-default-debugsource-4.4.87-25.1
kernel-default-devel-4.4.87-25.1
kernel-obs-build-4.4.87-25.1
kernel-obs-build-debugsource-4.4.87-25.1
kernel-obs-qa-4.4.87-25.1
kernel-syms-4.4.87-25.1
kernel-vanilla-4.4.87-25.1
kernel-vanilla-base-4.4.87-25.1
kernel-vanilla-base-debuginfo-4.4.87-25.1
kernel-vanilla-debuginfo-4.4.87-25.1
kernel-vanilla-debugsource-4.4.87-25.1
kernel-vanilla-devel-4.4.87-25.1


References:

https://www.suse.com/security/cve/CVE-2017-1000251.html
https://www.suse.com/security/cve/CVE-2017-11472.html
https://www.suse.com/security/cve/CVE-2017-14106.html
https://bugzilla.suse.com/1012829
https://bugzilla.suse.com/1021424
https://bugzilla.suse.com/1022743
https://bugzilla.suse.com/1024405
https://bugzilla.suse.com/1031717
https://bugzilla.suse.com/1035479
https://bugzilla.suse.com/1036060
https://bugzilla.suse.com/1038583
https://bugzilla.suse.com/1046529
https://bugzilla.suse.com/1048893
https://bugzilla.suse.com/1048912
https://bugzilla.suse.com/1049361
https://bugzilla.suse.com/1049580
https://bugzilla.suse.com/1054654
https://bugzilla.suse.com/1056261
https://bugzilla.suse.com/1056849
https://bugzilla.suse.com/1056982
https://bugzilla.suse.com/1057015
https://bugzilla.suse.com/1057031
https://bugzilla.suse.com/1057035
https://bugzilla.suse.com/1057038
https://bugzilla.suse.com/1057047
https://bugzilla.suse.com/1057067
https://bugzilla.suse.com/1057389
https://bugzilla.suse.com/1057849
https://bugzilla.suse.com/1058116
https://bugzilla.suse.com/971975
https://bugzilla.suse.com/981309


openSUSE-SU-2017:2495-1: important: Security update for the Linux Kernel

openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:2495-1
Rating: important
References: #1012829 #1020645 #1020657 #1021424 #1022743
#1024405 #1030850 #1031717 #1031784 #1034048
#1038583 #1047487 #1048155 #1048893 #1048934
#1049226 #1049580 #1051790 #1052580 #1052888
#1053117 #1053802 #1053915 #1053919 #1054084
#1055013 #1055096 #1055359 #1056261 #1056588
#1056827 #1056982 #1057015 #1057389 #1058116
#971975 #981309
Cross-References: CVE-2017-1000251 CVE-2017-11472 CVE-2017-12134
CVE-2017-14051 CVE-2017-14106
Affected Products:
openSUSE Leap 42.2
______________________________________________________________________________

An update that solves 5 vulnerabilities and has 32 fixes is
now available.

Description:



The openSUSE Leap 42.2 kernel was updated to 4.4.87 to receive various
security and bugfixes.


The following security bugs were fixed:

- CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel (BlueZ)
was vulnerable to a stack overflow vulnerability in the processing of
L2CAP configuration responses resulting in Remote code execution in
kernel space (bnc#1057389).
- CVE-2017-14106: The tcp_disconnect function in net/ipv4/tcp.c in the
Linux kernel allowed local users to cause a denial of service
(__tcp_select_window divide-by-zero error and system crash) by
triggering a disconnect within a certain tcp_recvmsg code path
(bnc#1056982).
- CVE-2017-11472: The acpi_ns_terminate() function in
drivers/acpi/acpica/nsutils.c in the Linux kernel did not flush the
operand cache and causes a kernel stack dump, which allowed local users
to obtain sensitive information from kernel memory and bypass the KASLR
protection mechanism (in the kernel through 4.9) via a crafted ACPI
table (bnc#1049580).
- CVE-2017-14051: An integer overflow in the
qla2x00_sysfs_write_optrom_ctl function in
drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel allowed local users
to cause a denial of service (memory corruption and system crash) by
leveraging root access (bnc#1056588).
- CVE-2017-12134: The xen_biovec_phys_mergeable function in
drivers/xen/biomerge.c in Xen might allow local OS guest users to
corrupt block device data streams and consequently obtain sensitive
memory information, cause a denial of service, or gain host OS
privileges by leveraging incorrect block IO merge-ability calculation
(bnc#1051790 1053919).

The following non-security bugs were fixed:

- acpi / scan: Prefer devices without _HID for _ADR matching (git-fixes).
- alsa: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978)
(bsc#1020657).
- alsa: hda - Implement mic-mute LED mode enum (bsc#1055013).
- alsa: hda/realtek - Add support headphone Mic for ALC221 of HP platform
(bsc#1024405).
- alsa: ice1712: Add support for STAudio ADCIII (bsc#1048934).
- alsa: usb-audio: Apply sample rate quirk to Sennheiser headset
(bsc#1052580).
- Add "shutdown" to "struct class" (bsc#1053117).
- bluetooth: bnep: fix possible might sleep error in bnep_session
(bsc#1031784).
- bluetooth: cmtp: fix possible might sleep error in cmtp_session
(bsc#1031784).
- btrfs: fix early ENOSPC due to delalloc (bsc#1049226).
- nfs: flush data when locking a file to ensure cache coherence for mmap
(bsc#981309).
- Revert "/proc/iomem: only expose physical resource addresses to
privileged users" (kabi).
- Revert "Make file credentials available to the seqfile interfaces"
(kabi).
- usb: core: fix device node leak (bsc#1047487).
- Update
patches.drivers/tpm-141-fix-RC-value-check-in-tpm2_seal_trusted.patch
(bsc#1020645, fate#321435, fate#321507, fate#321600, bsc#1034048,
git-fixes 5ca4c20cfd37).
- bnxt: add a missing rcu synchronization (bnc#1038583).
- bnxt: do not busy-poll when link is down (bnc#1038583).
- bnxt_en: Enable MRU enables bit when configuring VNIC MRU (bnc#1038583).
- bnxt_en: Fix "uninitialized variable" bug in TPA code path (bnc#1038583).
- bnxt_en: Fix NULL pointer dereference in a failure path during open
(bnc#1038583).
- bnxt_en: Fix NULL pointer dereference in reopen failure path
(bnc#1038583).
- bnxt_en: Fix TX push operation on ARM64 (bnc#1038583).
- bnxt_en: Fix VF virtual link state (bnc#1038583).
- bnxt_en: Fix a VXLAN vs GENEVE issue (bnc#1038583).
- bnxt_en: Fix and clarify link_info->advertising (bnc#1038583).
- bnxt_en: Fix ring arithmetic in bnxt_setup_tc() (bnc#1038583).
- bnxt_en: Pad TX packets below 52 bytes (bnc#1038583).
- bnxt_en: Refactor TPA code path (bnc#1038583).
- bnxt_en: fix pci cleanup in bnxt_init_one() failure path (bnc#1038583).
- bnxt_en: initialize rc to zero to avoid returning garbage (bnc#1038583).
- ceph: fix readpage from fscache (bsc#1057015).
- cxgb4: Fix stack out-of-bounds read due to wrong size to
t4_record_mbox() (bsc#1021424 bsc#1022743).
- drivers: net: xgene: Fix wrong logical operation (bsc#1056827).
- drm/vmwgfx: Limit max desktop dimensions to 8Kx8K (bsc#1048155).
- fuse: initialize the flock flag in fuse_file on allocation (git-fixes).
- gfs2: Do not clear SGID when inheriting ACLs (bsc#1012829).
- ibmvnic: Clean up resources on probe failure (fate#323285, bsc#1058116).
- iwlwifi: missing error code in iwl_trans_pcie_alloc() (bsc#1031717).
- iwlwifi: mvm: do not send CTDP commands via debugfs if not supported
(bsc#1031717).
- kernel/*: switch to memdup_user_nul() (bsc#1048893).
- lib: test_rhashtable: Fix KASAN warning (bsc#1055359).
- lib: test_rhashtable: fix for large entry counts (bsc#1055359).
- lightnvm: remove unused rq parameter of nvme_nvm_rqtocmd() to kill
warning (FATE#319466).
- md/raid5: fix a race condition in stripe batch (linux-stable).
- mm, madvise: ensure poisoned pages are removed from per-cpu lists (VM hw
poison -- git fixes).
- mm/page_alloc.c: apply gfp_allowed_mask before the first allocation
attempt (bnc#971975 VM -- git fixes).
- mptsas: Fixup device hotplug for VMWare ESXi (bsc#1030850).
- netfilter: fix IS_ERR_VALUE usage (bsc#1052888).
- netfilter: x_tables: pack percpu counter allocations (bsc#1052888).
- netfilter: x_tables: pass xt_counters struct instead of packet counter
(bsc#1052888).
- netfilter: x_tables: pass xt_counters struct to counter allocator
(bsc#1052888).
- new helper: memdup_user_nul() (bsc#1048893).
- of: fix "/cpus" reference leak in of_numa_parse_cpu_nodes()
(bsc#1056827).
- ovl: fix dentry leak for default_permissions (bsc#1054084).
- percpu_ref: allow operation mode switching operations to be called
concurrently (bsc#1055096).
- percpu_ref: remove unnecessary RCU grace period for staggered atomic
switching confirmation (bsc#1055096).
- percpu_ref: reorganize __percpu_ref_switch_to_atomic() and relocate
percpu_ref_switch_to_atomic() (bsc#1055096).
- percpu_ref: restructure operation mode switching (bsc#1055096).
- percpu_ref: unify staggered atomic switching wait behavior (bsc#1055096).
- rtnetlink: fix rtnl_vfinfo_size (bsc#1056261).
- s390: export symbols for crash-kmp (bsc#1053915).
- supported.conf: clear mistaken external support flag for cifs.ko
(bsc#1053802).
- sysctl: fix lax sysctl_check_table() sanity check (bsc#1048893).
- sysctl: fold sysctl_writes_strict checks into helper (bsc#1048893).
- sysctl: kdoc'ify sysctl_writes_strict (bsc#1048893).
- sysctl: simplify unsigned int support (bsc#1048893).
- tpm: Issue a TPM2_Shutdown for TPM2 devices (bsc#1053117).
- tpm: KABI fix (bsc#1053117).
- tpm: fix: return rc when devm_add_action() fails (bsc#1020645,
fate#321435, fate#321507, fate#321600, bsc#1034048, git-fixes
8e0ee3c9faed).
- tpm: read burstcount from TPM_STS in one 32-bit transaction
(bsc#1020645, fate#321435, fate#321507, fate#321600, bsc#1034048,
git-fixes 27084efee0c3).
- tpm_tis_core: Choose appropriate timeout for reading burstcount
(bsc#1020645, fate#321435, fate#321507, fate#321600, bsc#1034048,
git-fixes aec04cbdf723).
- tpm_tis_core: convert max timeouts from msec to jiffies (bsc#1020645,
fate#321435, fate#321507, fate#321600, bsc#1034048, git-fixes
aec04cbdf723).
- tty: serial: msm: Support more bauds (git-fixes).
- ubifs: Correctly evict xattr inodes (bsc#1012829).
- ubifs: Do not leak kernel memory to the MTD (bsc#1012829).
- xfs: fix inobt inode allocation search optimization (bsc#1012829).


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE Leap 42.2:

zypper in -t patch openSUSE-2017-1062=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE Leap 42.2 (noarch):

kernel-devel-4.4.87-18.29.1
kernel-docs-4.4.87-18.29.2
kernel-docs-html-4.4.87-18.29.2
kernel-docs-pdf-4.4.87-18.29.2
kernel-macros-4.4.87-18.29.1
kernel-source-4.4.87-18.29.1
kernel-source-vanilla-4.4.87-18.29.1

- openSUSE Leap 42.2 (x86_64):

kernel-debug-4.4.87-18.29.1
kernel-debug-base-4.4.87-18.29.1
kernel-debug-base-debuginfo-4.4.87-18.29.1
kernel-debug-debuginfo-4.4.87-18.29.1
kernel-debug-debugsource-4.4.87-18.29.1
kernel-debug-devel-4.4.87-18.29.1
kernel-debug-devel-debuginfo-4.4.87-18.29.1
kernel-default-4.4.87-18.29.1
kernel-default-base-4.4.87-18.29.1
kernel-default-base-debuginfo-4.4.87-18.29.1
kernel-default-debuginfo-4.4.87-18.29.1
kernel-default-debugsource-4.4.87-18.29.1
kernel-default-devel-4.4.87-18.29.1
kernel-obs-build-4.4.87-18.29.1
kernel-obs-build-debugsource-4.4.87-18.29.1
kernel-obs-qa-4.4.87-18.29.1
kernel-syms-4.4.87-18.29.1
kernel-vanilla-4.4.87-18.29.1
kernel-vanilla-base-4.4.87-18.29.1
kernel-vanilla-base-debuginfo-4.4.87-18.29.1
kernel-vanilla-debuginfo-4.4.87-18.29.1
kernel-vanilla-debugsource-4.4.87-18.29.1
kernel-vanilla-devel-4.4.87-18.29.1


References:

https://www.suse.com/security/cve/CVE-2017-1000251.html
https://www.suse.com/security/cve/CVE-2017-11472.html
https://www.suse.com/security/cve/CVE-2017-12134.html
https://www.suse.com/security/cve/CVE-2017-14051.html
https://www.suse.com/security/cve/CVE-2017-14106.html
https://bugzilla.suse.com/1012829
https://bugzilla.suse.com/1020645
https://bugzilla.suse.com/1020657
https://bugzilla.suse.com/1021424
https://bugzilla.suse.com/1022743
https://bugzilla.suse.com/1024405
https://bugzilla.suse.com/1030850
https://bugzilla.suse.com/1031717
https://bugzilla.suse.com/1031784
https://bugzilla.suse.com/1034048
https://bugzilla.suse.com/1038583
https://bugzilla.suse.com/1047487
https://bugzilla.suse.com/1048155
https://bugzilla.suse.com/1048893
https://bugzilla.suse.com/1048934
https://bugzilla.suse.com/1049226
https://bugzilla.suse.com/1049580
https://bugzilla.suse.com/1051790
https://bugzilla.suse.com/1052580
https://bugzilla.suse.com/1052888
https://bugzilla.suse.com/1053117
https://bugzilla.suse.com/1053802
https://bugzilla.suse.com/1053915
https://bugzilla.suse.com/1053919
https://bugzilla.suse.com/1054084
https://bugzilla.suse.com/1055013
https://bugzilla.suse.com/1055096
https://bugzilla.suse.com/1055359
https://bugzilla.suse.com/1056261
https://bugzilla.suse.com/1056588
https://bugzilla.suse.com/1056827
https://bugzilla.suse.com/1056982
https://bugzilla.suse.com/1057015
https://bugzilla.suse.com/1057389
https://bugzilla.suse.com/1058116
https://bugzilla.suse.com/971975
https://bugzilla.suse.com/981309