Hide Forgot
Description of problem: * Stack overflow problems causing occasional hangs on some platforms. * Security vulnerabilities From http://hg.code.sf.net/p/tboot/code/code?cmd=changeset;node=0efdaf7c5348 "current versions of TBOOT used on systems loading an ELF kernel have a vulnerability that allows the first argument to any GRUB module to go unmeasured, which may result in undetected system compromise." * Some platforms experienced delays of a minute or more when returning from S3 Version-Release number of selected component (if applicable): If upstream releases tboot 1.9.0 in time for RHEL-7.3 release, it will only be necessary to rebase the RHEL7 tboot to 1.9.0. If it is not released in time, then a patched 1.8.3 must be packaged for RHEL-7.3. Z-stream take notice, as this update/rebase should be backported to the z-stream.
rpms available for test: http://people.redhat.com/tcamuso/tboot/tboot-1.8.3-2.el7.x86_64.rpm http://people.redhat.com/tcamuso/tboot/tboot-debuginfo-1.8.3-2.el7.x86_64.rpm http://people.redhat.com/tcamuso/tboot/tboot-1.8.3-2.el7.src.rpm
Bumping to tboot-1.9.4, as it contains Perley support as well as additional bug fixes. http://people.redhat.com/tcamuso/tboot/tboot-1.9.4-1.el7.x86_64.rpm
Package tboot-1.9.4-1.el7.x86_64 $ rhpkg push tcamuso.redhat.com's password: Counting objects: 9, done. Delta compression using up to 32 threads. Compressing objects: 100% (5/5), done. Writing objects: 100% (5/5), 1014 bytes | 0 bytes/s, done. Total 5 (delta 2), reused 0 (delta 0) remote: *** Checking commit 4184b51fe51cf54cc25088db026250cf037f000c remote: *** Resolves: remote: *** Approved: remote: *** rhbz#1307176 (rhel-7.3.0+, pm_ack+) remote: *** rhbz#1332691 (rhel-7.3.0+, pm_ack+) remote: *** rhbz#1313876 (rhel-7.3.0+, pm_ack+) remote: *** rhbz#1293526 (rhel-7.3.0+, pm_ack+) remote: *** rhbz#1275031 (pm_ack+, rhel-7.3.0+) remote: *** Commit 4184b51fe51cf54cc25088db026250cf037f000c allowed To ssh://tcamuso.redhat.com/rpms/tboot 6e194bd..4184b51 rhel-7.3 -> rhel-7.3 $ rhpkg scratch-build Building tboot-1.9.4-1.el7 for rhel-7.3-candidate Created task: 11084352 Task info: http://brewweb.devel.redhat.com/brew/taskinfo?taskID=11084352 Watching tasks (this may be safely interrupted)... 11084352 build (rhel-7.3-candidate, /rpms/tboot:4184b51fe51cf54cc25088db026250cf037f000c): free 11084352 build (rhel-7.3-candidate, /rpms/tboot:4184b51fe51cf54cc25088db026250cf037f000c): free -> open (x86-034.build.eng.bos.redhat.com) 11084353 buildSRPMFromSCM (/rpms/tboot:4184b51fe51cf54cc25088db026250cf037f000c): open (x86-034.build.eng.bos.redhat.com) 11084353 buildSRPMFromSCM (/rpms/tboot:4184b51fe51cf54cc25088db026250cf037f000c): open (x86-034.build.eng.bos.redhat.com) -> closed 0 free 1 open 1 done 0 failed 11084358 buildArch (tboot-1.9.4-1.el7.src.rpm, x86_64): open (x86-034.build.eng.bos.redhat.com) 11084358 buildArch (tboot-1.9.4-1.el7.src.rpm, x86_64): open (x86-034.build.eng.bos.redhat.com) -> closed 0 free 1 open 2 done 0 failed 11084352 build (rhel-7.3-candidate, /rpms/tboot:4184b51fe51cf54cc25088db026250cf037f000c): open (x86-034.build.eng.bos.redhat.com) -> closed 0 free 0 open 3 done 0 failed 11084352 build (rhel-7.3-candidate, /rpms/tboot:4184b51fe51cf54cc25088db026250cf037f000c) completed successfully
tboot-1.9.4-2.el7 is present in RHEL-7.3 Beta, so moving to VERIFIED.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-2412.html