Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: OpenSuse 2014-376 - kernel: security and bugfix update not working for 12.3 (i586)

  1. #1

    Exclamation OpenSuse 2014-376 - kernel: security and bugfix update not working for 12.3 (i586)

    Kernel patch came through in the updates today...

    Unfortunately update for my laptop (i586) does not work. Just reboot to a black screen, no HDD activity. It installed even with errors (dependencies not found), now I have had to revert to previous version of the kernel..

    Any advice for a proper update? It is still trying to update with this new kernel and I am wary of it not working.

    Any advice greatly appreciated.

  2. #2
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    13,174
    Blog Entries
    3

    Default Re: OpenSuse 2014-376 - kernel: security and bugfix update not working for 12.3 (i586)

    Quote Originally Posted by Greybeard View Post
    Unfortunately update for my laptop (i586) does not work. Just reboot to a black screen, no HDD activity. It installed even with errors (dependencies not found), now I have had to revert to previous version of the kernel..
    The 64-bit update is working fine here on two systems.

    In your circumstances: No real advice, but here is what I would do:

    1. I would accept the update, so that I am not continually bugged about it;
    2. I would manually edit "/boot/grub2/grub.cfg" (and ignore the warning to not do that), so that the default boot would be to the older kernel;
    3. I would file a bug report, and hope that the problem is corrected quickly.
    openSUSE Leap 15.1; KDE Plasma 5;
    testing Leap 15.2Alpha

  3. #3
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    13,174
    Blog Entries
    3

    Default Re: OpenSuse 2014-376 - kernel: security and bugfix update not working for 12.3 (i586)

    Quote Originally Posted by Greybeard View Post
    Any advice greatly appreciated.
    Is this possibly an NVIDIA problem? Perhaps you need to reinstall the Nvidia drivers?

    On my system with Nvidia, the new kernel took me to a text (command line) terminal, where I had to reinstall Nvidia (I'm doing it "the hard way"). Reboot then got me back a GUI.

    I'm about to update the kernel on my 32-bit box. I'll see how that goes.
    openSUSE Leap 15.1; KDE Plasma 5;
    testing Leap 15.2Alpha

  4. #4

    Default Re: OpenSuse 2014-376 - kernel: security and bugfix update not working for 12.3 (i586)

    Quote Originally Posted by Greybeard View Post
    Unfortunately update for my laptop (i586) does not work. Just reboot to a black screen, no HDD activity. It installed even with errors (dependencies not found), now I have had to revert to previous version of the kernel..

    Any advice for a proper update? It is still trying to update with this new kernel and I am wary of it not working.
    Please install the update by running "sudo zypper patch" in a terminal window, and then post the exact error messages you get.

    It's hard to say what's wrong without knowing what those errors about "dependencies not found" were about.

  5. #5
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: OpenSuse 2014-376 - kernel: security and bugfix update not workingfor 12.3 (i586)

    On 2014-05-19 23:46, wolfi323 wrote:

    > It's hard to say what's wrong without knowing what those errors about
    > "dependencies not found" were about.


    Maybe we should also see the repository list.

    Greybeard, please post the output of "zypper lr --details", and please
    do so inside code tags (the '#' button in the forum editor).
    See photo

    --
    Cheers / Saludos,

    Carlos E. R.

    (from 13.1 x86_64 "Bottle" (Minas Tirith))

  6. #6

    Default Re: OpenSuse 2014-376 - kernel: security and bugfix update not working for 12.3 (i586)

    Greetings,

    Sorry for the delay in getting back to you, today has been a travel day.

    Can't be nvidia, all intel inside.

    Ran: 'sudo zypper patch'. Results below:

    Code:
    spryte@linux-2hff:~> sudo zypper patch
    root's password:
    Loading repository data...
    Reading installed packages...
    Resolving package dependencies...
    
    The following NEW package is going to be installed:
      kernel-default-3.15.rc5-7.1.g8ba853c 
    
    The following NEW patch is going to be installed:
      openSUSE-2014-376 
    
    1 new package to install.
    Overall download size: 108.8 MiB. After the operation, additional 229.4 MiB will be used.
    Continue? [y/n/? shows all options] (y): y
    Retrieving package kernel-default-3.15.rc5-7.1.g8ba853c.i586       (1/1), 108.8 MiB (229.4 MiB unpacked)
    Retrieving: kernel-default-3.15.rc5-7.1.g8ba853c.i586.rpm ............................[done (1.6 MiB/s)]
    (1/1) Installing: kernel-default-3.15.rc5-7.1.g8ba853c ...........................................[done]
    Additional rpm output:
    
    Kernel image:   /boot/vmlinuz-3.15.0-rc5-7.g8ba853c-default
    Initrd image:   /boot/initrd-3.15.0-rc5-7.g8ba853c-default
    KMS drivers:     i915
    Root device:    /dev/disk/by-id/ata-FUJITSU_MHZ2250BH_G2_K617T872J97G-part6 (/dev/sda6) (mounted on / as ext4)
    Resume device:  /dev/disk/by-id/ata-FUJITSU_MHZ2250BH_G2_K617T872J97G-part5 (/dev/sda5)
    Kernel Modules: hwmon thermal_sys thermal processor fan scsi_dh scsi_dh_emc scsi_dh_alua scsi_dh_rdac scsi_dh_hp_sw video i2c-core button i2c-algo-bit drm drm_kms_helper i915 libata pata_via libahci acard-ahci pata_ali sata_inic162x sata_sil24 pata_cmd64x pata_sil680 sata_via pata_cs5520 pata_cmd640 pata_pdc202xx_old ahci pata_atp867x sata_sil sata_sx4 pata_triflex pcmcia_core pcmcia pata_pcmcia pata_piccolo pata_rz1000 pata_hpt366 pata_isapnp pata_rdc pata_optidma pata_hpt3x2n sata_svw pata_pdc2027x pata_it8213 ata_piix pata_radisys pdc_adma sata_nv pata_jmicron pata_cs5530 pata_atiixp sata_uli pata_sl82c105 pata_ns87410 libahci_platform sata_promise pata_ninja32 pata_mpiix pata_cypress sata_mv pata_sis pata_hpt3x3 pata_netcell pata_acpi pata_sch pata_it821x pata_cs5535 ata_generic ahci_platform sata_vsc pata_opti pata_ns87415 pata_legacy pata_artop sata_qstor pata_oldpiix pata_marvell pata_cs5536 pata_efar pata_hpt37x sata_sis pata_amd pata_serverworks pata_sc1200 usb-common usbcore ohci-hcd uhci-hcd ehci-hcd xhci-hcd usbhid hid-logitech-dj hid-generic xor raid6_pq btrfs 
    Features:       acpi kms plymouth block usb btrfs resume.userspace resume.kernel
    lddlibc4: cannot read header from `/usr/sbin/fsck.btrfs'
    lddlibc4: cannot read header from `/usr/sbin/fsck.btrfs'
    
    
    Warning: One of installed patches requires reboot of your machine. Reboot as soon as possible.
    spryte@linux-2hff:~>
    Hope this helps figure out the issue.

    Cheers

  7. #7

    Default AW: Re: OpenSuse 2014-376 - kernel: security and bugfix update not working for 12.3 (i586)

    Quote Originally Posted by Greybeard View Post
    Greetings,

    Sorry for the delay in getting back to you, today has been a travel day.

    Can't be nvidia, all intel inside.

    Ran: 'sudo zypper patch'. Results below:

    Code:
    spryte@linux-2hff:~> sudo zypper patch
    root's password:
    Loading repository data...
    Reading installed packages...
    Resolving package dependencies...
    
    The following NEW package is going to be installed:
      kernel-default-3.15.rc5-7.1.g8ba853c
    Please post your repo list:
    Code:
    zypper lr -d
    Kernel 3.15 has definitely NOT been released as security update for 12.3!

  8. #8

    Default Re: AW: Re: OpenSuse 2014-376 - kernel: security and bugfix update not working for 12.3 (i586)

    Quote Originally Posted by wolfi323 View Post
    Please post your repo list:
    Code:
    zypper lr -d
    Kernel 3.15 has definitely NOT been released as security update for 12.3!
    Here is the repo list:

    Code:
    spryte@linux-2hff:~> zypper lr -d
    #  | Alias                             | Name                               | Enabled | Refresh | Priority | Type   | URI                                                                                                | Service
    ---+-----------------------------------+------------------------------------+---------+---------+----------+--------+----------------------------------------------------------------------------------------------------+--------
     1 | Application:Geo                   | Application:Geo                    | Yes     | Yes     |   99     | rpm-md | http://download.opensuse.org/repositories/Application:/Geo/openSUSE_12.3/                          |        
     2 | Kernel:HEAD                       | Kernel:HEAD                        | Yes     | Yes     |   99     | rpm-md | http://download.opensuse.org/repositories/Kernel:/HEAD/standard/                                   |        
     3 | Office                            | Office                             | Yes     | Yes     |   99     | rpm-md | http://download.opensuse.org/repositories/Office/openSUSE_12.3/                                    |        
     4 | ftp.gwdg.de-suse                  | Packman Repository                 | Yes     | Yes     |   99     | rpm-md | http://ftp.gwdg.de/pub/linux/packman/suse/openSUSE_12.3/                                           |        
     5 | home:ZaWertun:db                  | home:ZaWertun:db                   | Yes     | Yes     |   99     | rpm-md | http://download.opensuse.org/repositories/home:/ZaWertun:/db/openSUSE_12.3/                        |        
     6 | home:sumski:hazard:to:your:stereo | home:sumski:hazard:to:your:stereo  | Yes     | Yes     |   99     | rpm-md | http://download.opensuse.org/repositories/home:/sumski:/hazard:/to:/your:/stereo/openSUSE_Factory/ |        
     7 | opensuse-guide.org-repo           | libdvdcss repository               | Yes     | Yes     |   99     | rpm-md | http://opensuse-guide.org/repo/12.3/                                                               |        
     8 | repo-debug                        | openSUSE-12.3-Debug                | No      | Yes     |   99     | NONE   | http://download.opensuse.org/debug/distribution/12.3/repo/oss/                                     |        
     9 | repo-debug-update                 | openSUSE-12.3-Update-Debug         | No      | Yes     |   99     | NONE   | http://download.opensuse.org/debug/update/12.3/                                                    |        
    10 | repo-debug-update-non-oss         | openSUSE-12.3-Update-Debug-Non-Oss | No      | Yes     |   99     | NONE   | http://download.opensuse.org/debug/update/12.3-non-oss/                                            |        
    11 | repo-non-oss                      | openSUSE-12.3-Non-Oss              | Yes     | Yes     |   99     | yast2  | http://download.opensuse.org/distribution/12.3/repo/non-oss/                                       |        
    12 | repo-oss                          | openSUSE-12.3-Oss                  | Yes     | Yes     |   99     | yast2  | http://download.opensuse.org/distribution/12.3/repo/oss/                                           |        
    13 | repo-source                       | openSUSE-12.3-Source               | No      | Yes     |   99     | NONE   | http://download.opensuse.org/source/distribution/12.3/repo/oss/                                    |        
    14 | repo-update                       | openSUSE-12.3-Update               | Yes     | Yes     |   99     | rpm-md | http://download.opensuse.org/update/12.3/                                                          |        
    15 | repo-update-non-oss               | openSUSE-12.3-Update-Non-Oss       | Yes     | Yes     |   99     | rpm-md | http://download.opensuse.org/update/12.3-non-oss/                                                  |        
    16 | server:database                   | server:database                    | Yes     | Yes     |   99     | rpm-md | http://download.opensuse.org/repositories/server:/database/openSUSE_12.3/                          |        
    spryte@linux-2hff:~>
    I am not sure just what the update is supposed to be, just what Apper is trying to download and install. With the last one I was able to capture some of the original error messages I missed the first time. They are below and ond one is quite verbose but it may help someone more knowledgable than I.

    1)

    Code:
    There is no update candidate for kernel-default-3.15.rc5-7.1.g8ba853c.i586
    2)

    Code:
    This update is needed to fix a security vulnerability with this package.
    
    The Linux Kernel was updated to fix various security issues and bugs.
    
    Main security issues fixed:
    
    A security issue in the tty layer that was fixed that could be used
    by local attackers for code execution (CVE-2014-0196).
    
    Two security issues in the floppy driver were fixed that could be
    used by local attackers on machines with the floppy to crash the kernel
    or potentially execute code in the kernel (CVE-2014-1737 CVE-2014-1738).
    
    Other security issues and bugs that were fixed:
    - netfilter: nf_nat: fix access to uninitialized buffer in IRC NAT helper
      (bnc#860835 CVE-2014-1690).
    
    - net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH
      (bnc#866102, CVE-2014-0101).
    
    - n_tty: Fix a n_tty_write crash and code execution when echoing in raw
      mode (bnc#871252 bnc#875690 CVE-2014-0196).
    
    - netfilter: nf_ct_sip: support Cisco 7941/7945 IP phones (bnc#873717).
    
    - Update config files: re-enable twofish crypto support
      Software twofish crypto support was disabled in several architectures
      since openSUSE 10.3. For i386 and x86_64 it was on purpose, because
      hardware-accelerated alternatives exist. However for all other
      architectures it was by accident.
      Re-enable software twofish crypto support in arm, ia64 and ppc
      configuration files, to guarantee that at least one implementation is
      always available (bnc#871325).
    
    - Update config files: disable CONFIG_TOUCHSCREEN_W90X900
      The w90p910_ts driver only makes sense on the W90x900 architecture,
      which we do not support.
    
    - ath9k: protect tid->sched check (bnc#871148,CVE-2014-2672).
    
    - Fix dst_neigh_lookup/dst_neigh_lookup_skb return value handling
      bug (bnc#869898).
    
    - SELinux:  Fix kernel BUG on empty security contexts
      (bnc#863335,CVE-2014-1874).
    
    - hamradio/yam: fix info leak in ioctl (bnc#858872, CVE-2014-1446).
    
    - wanxl: fix info leak in ioctl (bnc#858870, CVE-2014-1445).
    
    - farsync: fix info leak in ioctl (bnc#858869, CVE-2014-1444).
    
    - ARM: 7809/1: perf: fix event validation for software group
      leaders (CVE-2013-4254, bnc#837111).
    
    - netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages
      (bnc#868653, CVE-2014-2523).
    
    - ath9k_htc: properly set MAC address and BSSID mask
      (bnc#851426, CVE-2013-4579).
    
    - drm/ttm: don't oops if no invalidate_caches() (bnc#869414).
    
    - Apply missing patches.fixes/drm-nouveau-hwmon-rename-fan0-to-fan1.patch
    
    - xfs: growfs: use uncached buffers for new headers (bnc#858233).
    
    - xfs: use btree block initialisation functions in growfs
      (bnc#858233).
    
    - Revert "Delete patches.fixes/xfs-fix-xfs_buf_find-oops-on-blocks-beyond-the-filesystem-end." (bnc#858233)
      Put back again the patch
      patches.fixes/xfs-fix-xfs_buf_find-oops-on-blocks-beyond-the-filesystem-end back
      as there is a better fix than reverting the affecting patch.
    
    - Delete patches.fixes/xfs-fix-xfs_buf_find-oops-on-blocks-beyond-the-filesystem-end.
      It turned out that this patch causes regressions (bnc#858233)
      The upstream 3.7.x also reverted it in the end (commit c3793e0d94af2).
    
    - tcp: syncookies: reduce cookie lifetime to 128 seconds
      (bnc#833968).
    - tcp: syncookies: reduce mss table to four values (bnc#833968).
    
    - x86, cpu, amd: Add workaround for family 16h, erratum 793
      (bnc#852967 CVE-2013-6885).
    
    - cifs: ensure that uncached writes handle unmapped areas
      correctly (bnc#864025 CVE-2014-0691).
    
    - x86, fpu, amd: Clear exceptions in AMD FXSAVE workaround (bnc#858638 CVE-2014-1438).
    
    - xencons: generalize use of add_preferred_console() (bnc#733022,
      bnc#852652).
    - balloon: don't crash in HVM-with-PoD guests.
    - hwmon: (coretemp) Fix truncated name of alarm attributes.
    
    - NFS: Avoid PUTROOTFH when managing leases (bnc#811746).
    
    - cifs: delay super block destruction until all cifsFileInfo
      objects are gone (bnc#862145).
    
    For more information about bugs fixed by this update please visit these websites:
    • https://bugzilla.novell.com/show_bug.cgi?id=869414
    • https://bugzilla.novell.com/show_bug.cgi?id=875798
    • https://bugzilla.novell.com/show_bug.cgi?id=858869
    • https://bugzilla.novell.com/show_bug.cgi?id=852652
    • https://bugzilla.novell.com/show_bug.cgi?id=875690
    • https://bugzilla.novell.com/show_bug.cgi?id=851426
    • https://bugzilla.novell.com/show_bug.cgi?id=837111
    • https://bugzilla.novell.com/show_bug.cgi?id=869898
    • https://bugzilla.novell.com/show_bug.cgi?id=864025
    • https://bugzilla.novell.com/show_bug.cgi?id=871252
    • https://bugzilla.novell.com/show_bug.cgi?id=863335
    • https://bugzilla.novell.com/show_bug.cgi?id=858638
    • https://bugzilla.novell.com/show_bug.cgi?id=858233
    • https://bugzilla.novell.com/show_bug.cgi?id=862145
    • https://bugzilla.novell.com/show_bug.cgi?id=833968
    • https://bugzilla.novell.com/show_bug.cgi?id=858872
    • https://bugzilla.novell.com/show_bug.cgi?id=811746
    • https://bugzilla.novell.com/show_bug.cgi?id=858870
    • https://bugzilla.novell.com/show_bug.cgi?id=860835
    • https://bugzilla.novell.com/show_bug.cgi?id=873717
    • https://bugzilla.novell.com/show_bug.cgi?id=733022
    • https://bugzilla.novell.com/show_bug.cgi?id=852967
    • https://bugzilla.novell.com/show_bug.cgi?id=871325
    • https://bugzilla.novell.com/show_bug.cgi?id=866102
    • https://bugzilla.novell.com/show_bug.cgi?id=868653
    • https://bugzilla.novell.com/show_bug.cgi?id=871148
    For more information about this security update please visit these websites:
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4579
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0101
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2523
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2672
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1737
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1446
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1738
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0196
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1445
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0691
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4254
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1690
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1874
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1438
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1444
    The computer will have to be restarted after the update for the changes to take effect.
    Obsoletes:
    • kernel-default - 3.7.10-1.32.1
    /• kernel-default - 3.7.10-1.4.1
    /• kernel-default - 3.7.10-1.1.1
    /• kernel-default - 3.7.10-1.28.1
    /• kernel-default - 3.15.rc5-7.1.g8ba853c
    /• kernel-default - 3.7.10-1.11.1
    /• kernel-default - 3.7.10-1.1.1
    /• kernel-default - 3.7.10-1.16.1
    /• kernel-default - 3.7.10-1.24.1
    /• kernel-default - 3.7.10-1.28.1
    Repository: repo-update

    Further info,

    After a restart with this update I get a very colourful sceen consisting of vertical multicoloured lines of varying widths (so it may very well affect the (intel) video).
    Next I get the OpenSuse splash screen.
    Then Black screen.

    Hope this is of some help.

    Cheers

  9. #9
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: OpenSuse 2014-376 - kernel: security and bugfix update not workingfor 12.3 (i586)

    On 2014-05-21 16:36, Greybeard wrote:

    > Here is the repo list:
    >
    >
    > Code:
    > --------------------
    > spryte@linux-2hff:~> zypper lr -d
    > # | Alias | Name | Enabled | Refresh | Priority | Type | URI | Service
    > ---+-----------------------------------+------------------------------------+---------+---------+----------+--------+----------------------------------------------------------------------------------------------------+--------
    > 2 | Kernel:HEAD | Kernel:HEAD | Yes | Yes | 99 | rpm-md | http://download.opensuse.org/reposit...HEAD/standard/ |
    > spryte@linux-2hff:~>
    > --------------------


    That one is the cause of your problems. Do you have an specific reason
    to use it?


    --
    Cheers / Saludos,

    Carlos E. R.

    (from 13.1 x86_64 "Bottle" (Minas Tirith))

  10. #10

    Default Re: OpenSuse 2014-376 - kernel: security and bugfix update not workingfor 12.3 (i586)

    Quote Originally Posted by robin_listas View Post
    On 2014-05-21 16:36, Greybeard wrote:

    > Here is the repo list:
    >
    >
    > Code:
    > --------------------
    > spryte@linux-2hff:~> zypper lr -d
    > # | Alias | Name | Enabled | Refresh | Priority | Type | URI | Service
    > ---+-----------------------------------+------------------------------------+---------+---------+----------+--------+----------------------------------------------------------------------------------------------------+--------
    > 2 | Kernel:HEAD | Kernel:HEAD | Yes | Yes | 99 | rpm-md | http://download.opensuse.org/reposit...HEAD/standard/ |
    > spryte@linux-2hff:~>
    > --------------------


    That one is the cause of your problems. Do you have an specific reason
    to use it?


    --
    Cheers / Saludos,

    Carlos E. R.

    (from 13.1 x86_64 "Bottle" (Minas Tirith))


    No... that is just what I get when I accept the update.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •