From 3b441dd051d2fba9d0f26d17586b480906d9a806 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Wed, 27 Dec 2023 15:34:37 +0300 Subject: [PATCH] import kernel-rt-4.18.0-513.9.1.rt7.311.el8_9 --- .gitignore | 2 +- .kernel-rt.metadata | 2 +- SPECS/kernel.spec | 65 ++++++++++++++++++++++++++++++++++++++++++--- 3 files changed, 64 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index 9ecc8fa..ac83997 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,6 @@ SOURCES/centossecureboot201.cer SOURCES/centossecurebootca2.cer -SOURCES/linux-4.18.0-513.5.1.rt7.307.el8_9.tar.xz +SOURCES/linux-4.18.0-513.9.1.rt7.311.el8_9.tar.xz SOURCES/redhatsecureboot302.cer SOURCES/redhatsecureboot303.cer SOURCES/redhatsecureboot501.cer diff --git a/.kernel-rt.metadata b/.kernel-rt.metadata index ebebf0d..22607c1 100644 --- a/.kernel-rt.metadata +++ b/.kernel-rt.metadata @@ -1,6 +1,6 @@ 2ba40bf9138b48311e5aa1b737b7f0a8ad66066f SOURCES/centossecureboot201.cer bfdb3d7cffc43f579655af5155d50c08671d95e5 SOURCES/centossecurebootca2.cer -7e335d5d5c36a025d9d447c6daaa7d69e8df0329 SOURCES/linux-4.18.0-513.5.1.rt7.307.el8_9.tar.xz +63fee4786dfbb1b2d2108aff3d6e685049304787 SOURCES/linux-4.18.0-513.9.1.rt7.311.el8_9.tar.xz 13e5cd3f856b472fde80a4deb75f4c18dfb5b255 SOURCES/redhatsecureboot302.cer e89890ca0ded2f9058651cc5fa838b78db2e6cc2 SOURCES/redhatsecureboot303.cer ba0b760e594ff668ee72ae348adf3e49b97f75fb SOURCES/redhatsecureboot501.cer diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec index e1f21f0..cd59ffb 100644 --- a/SPECS/kernel.spec +++ b/SPECS/kernel.spec @@ -38,10 +38,10 @@ # define buildid .local %define rpmversion 4.18.0 -%define pkgrelease 513.5.1.rt7.307.el8_9 +%define pkgrelease 513.9.1.rt7.311.el8_9 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 513.5.1.rt7.307%{?dist} +%define specrelease 513.9.1.rt7.311%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -148,7 +148,7 @@ # The preempt RT patch level %global rttag .rt7 # realtimeN -%global rtbuild .307 +%global rtbuild .311 %define with_doc 0 %define with_headers 0 %define with_cross_headers 0 @@ -2699,6 +2699,65 @@ fi # # %changelog +* Thu Nov 16 2023 Patrick Talbert [4.18.0-513.9.1.rt7.311.el8_9] +- [rt] build kernel-rt-4.18.0-513.9.1.rt7.311.el8_9 [RHEL-14973] +- ice: reset first in crash dump kernels (Petr Oros) [2244625 2139761] +- nvmet-tcp: Fix a possible UAF in queue intialization setup (John Meneghini) [RHEL-11525 RHEL-11527] {CVE-2023-5178} +- block: check_events: don't bother with events if unsupported (Ming Lei) [RHEL-15052 RHEL-2407] +- Revert "block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers" (Ming Lei) [RHEL-15052 RHEL-2407] +- Revert "ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd" (Ming Lei) [RHEL-15052 RHEL-2407] +- block: disk_events: introduce event flags (Ming Lei) [RHEL-15052 RHEL-2407] +- block: genhd: remove async_events field (Ming Lei) [RHEL-15052 RHEL-2407] +- net: virtio_net_hdr_to_skb: count transport header in UFO (Cindy Lu) [RHEL-16332 RHEL-6030] +- x86/sev: Make enc_dec_hypercall() accept a size instead of npages (Vitaly Kuznetsov) [RHEL-5764 RHEL-3656] + +* Thu Nov 09 2023 Patrick Talbert [4.18.0-513.8.1.rt7.310.el8_9] +- [rt] build kernel-rt-4.18.0-513.8.1.rt7.310.el8_9 [RHEL-14973] +- cifs: Fix UAF in cifs_demultiplex_thread() (Scott Mayhew) [RHEL-15165 RHEL-7930] {CVE-2023-1192} +- ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1 (Florian Westphal) [RHEL-12371 RHEL-5742] +- sched/rt: Fix bad task migration for rt tasks (Valentin Schneider) [RHEL-11682 RHEL-3872] +- bpf: Fix incorrect verifier pruning due to missing register precision taints (Artem Savkov) [RHEL-13050 RHEL-7534] {CVE-2023-2163} + +* Thu Nov 02 2023 Patrick Talbert [4.18.0-513.7.1.rt7.309.el8_9] +- [rt] build kernel-rt-4.18.0-513.7.1.rt7.309.el8_9 [RHEL-14973] +- redhat: add missing jira references to changelog for CVE-2022-45886 (Patrick Talbert) +- sched/fair: Block nohz tick_stop when cfs bandwidth in use (Phil Auld) [RHEL-12723 RHEL-2527] +- sched, cgroup: Restore meaning to hierarchical_quota (Phil Auld) [RHEL-12723 RHEL-2527] +- sched/fair: Hide unused init_cfs_bandwidth() stub (Phil Auld) [RHEL-12723 RHEL-2527] + +* Tue Oct 31 2023 Patrick Talbert [4.18.0-513.6.1.rt7.308.el8_9] +- [rt] build kernel-rt-4.18.0-513.6.1.rt7.308.el8_9 [RHEL-14973] +- redhat: fix bug/zjira sort in the changelog (Patrick Talbert) +- CI: Remove unused kpet_tree_family (Nikolai Kondrashov) +- redhat: set default zstream brew target for 8.9 (Patrick Talbert) +- rbd: take header_rwsem in rbd_dev_refresh() only when updating (Ilya Dryomov) [RHEL-12689 RHEL-11241] +- rbd: decouple parent info read-in from updating rbd_dev (Ilya Dryomov) [RHEL-12689 RHEL-11241] +- rbd: decouple header read-in from updating rbd_dev->header (Ilya Dryomov) [RHEL-12689 RHEL-11241] +- rbd: move rbd_dev_refresh() definition (Ilya Dryomov) [RHEL-12689 RHEL-11241] +- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (Dean Nelson) [RHEL-15082 RHEL-1786] {CVE-2022-45919} +- media: dvb_ca_en50221: fix a size write bug (Dean Nelson) [RHEL-15082 RHEL-1786] {CVE-2022-45919} +- media: dvb_ca_en50221: avoid speculation from CA slot (Dean Nelson) [RHEL-15082 RHEL-1786] {CVE-2022-45919} +- media: dvb-core: fix epoll() by calling poll_wait first (Dean Nelson) [RHEL-15082 RHEL-1786] {CVE-2022-45919} +- media: dvb_ca_en50221: off by one in dvb_ca_en50221_io_do_ioctl() (Dean Nelson) [RHEL-15082 RHEL-1786] {CVE-2022-45919} +- iavf: schedule a request immediately after add/delete vlan (Petr Oros) [2240750 2231174] +- iavf: add iavf_schedule_aq_request() helper (Petr Oros) [2240750 2231174] +- bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire (Tomas Glozar) [RHEL-6123 2229965] +- media: dvb-core: Fix use-after-free due on race condition at dvb_net (Dean Nelson) [RHEL-11248 RHEL-2296] {CVE-2022-45886} +- media: dvb_net: avoid speculation from net slot (Dean Nelson) [RHEL-11248 RHEL-2296] {CVE-2022-45886} +- mm/slab_common: fix slab_caches list corruption after kmem_cache_destroy() (Rafael Aquini) [RHEL-11588 RHEL-3652] +- ice: always add legacy 32byte RXDID in supported_rxdids (Michal Schmidt) [RHEL-10393 RHEL-3379] +- net: tun: fix bugs for oversize packet when napi frags enabled (Ricardo Robaina) [RHEL-12294 RHEL-7267] {CVE-2023-3812} +- ice: Don't tx before switchdev is fully configured (Michal Schmidt) [RHEL-11331 RHEL-10997] +- media: dvb-core: Fix use-after-free due to race at dvb_register_device() (Dean Nelson) [RHEL-11292 RHEL-2297] {CVE-2022-45884} +- media: dvbdev: fix refcnt bug (Dean Nelson) [RHEL-11292 RHEL-2297] {CVE-2022-45884} +- media: dvbdev: adopts refcnt to avoid UAF (Dean Nelson) [RHEL-11292 RHEL-2297] {CVE-2022-45884} +- media: dvbdev: fix error logic at dvb_register_device() (Dean Nelson) [RHEL-11292 RHEL-2297] {CVE-2022-45884} +- media: dvbdev: Fix memleak in dvb_register_device (Dean Nelson) [RHEL-11292 RHEL-2297] {CVE-2022-45884} +- media: media/dvb: Use kmemdup rather than duplicating its implementation (Dean Nelson) [RHEL-11292 RHEL-2297] {CVE-2022-45884} +- media: dvbdev: remove double-unlock (Dean Nelson) [RHEL-11292 RHEL-2297] {CVE-2022-45884} +- bpf: Adjust insufficient default bpf_jit_limit (Viktor Malik) [2243011 2219567] +- bpf: Prevent increasing bpf_jit_limit above max (Viktor Malik) [2243011 2219567] + * Fri Sep 29 2023 Patrick Talbert [4.18.0-513.5.1.rt7.307.el8_9] - [rt] build kernel-rt-4.18.0-513.5.1.rt7.307.el8_9 [2180997] - redhat: list Z-Jiras in the changelog before Y-Jiras (Herton R. Krzesinski)