diff --git a/.gitignore b/.gitignore index f04f5b5..5db69f3 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,6 @@ -SOURCES/kernel-abi-stablelists-5.14.0-427.16.1.el9_4.tar.bz2 -SOURCES/kernel-kabi-dw-5.14.0-427.16.1.el9_4.tar.bz2 -SOURCES/linux-5.14.0-427.16.1.el9_4.tar.xz +SOURCES/kernel-abi-stablelists-5.14.0-427.18.1.el9_4.tar.bz2 +SOURCES/kernel-kabi-dw-5.14.0-427.18.1.el9_4.tar.bz2 +SOURCES/linux-5.14.0-427.18.1.el9_4.tar.xz SOURCES/nvidiagpuoot001.x509 SOURCES/rheldup3.x509 SOURCES/rhelima.x509 diff --git a/.kernel.metadata b/.kernel.metadata index 63e4a09..9269acc 100644 --- a/.kernel.metadata +++ b/.kernel.metadata @@ -1,6 +1,6 @@ -75b0d1a633575203c3179350777d088a080ee26d SOURCES/kernel-abi-stablelists-5.14.0-427.16.1.el9_4.tar.bz2 -eed554d0a49661e07d58107856af08cbe6f4bc78 SOURCES/kernel-kabi-dw-5.14.0-427.16.1.el9_4.tar.bz2 -b3800f43be4cd149b6090a87be85916185c81e37 SOURCES/linux-5.14.0-427.16.1.el9_4.tar.xz +8382e26a9856bb84bbd878e390c09378c985b08b SOURCES/kernel-abi-stablelists-5.14.0-427.18.1.el9_4.tar.bz2 +bcf9efe4b0d6bb58ccefdf74b45ad736a1fef354 SOURCES/kernel-kabi-dw-5.14.0-427.18.1.el9_4.tar.bz2 +9b76986cc4f145f8e6829dc9799c91a6778e868e SOURCES/linux-5.14.0-427.18.1.el9_4.tar.xz 4fff8080e88afffc06d8ef5004db8d53bb21237f SOURCES/nvidiagpuoot001.x509 95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509 99e571f9de4188f3b5fdf1f84ff73f6cc4bb6a0e SOURCES/rhelima.x509 diff --git a/SOURCES/Makefile.rhelver b/SOURCES/Makefile.rhelver index 42270b6..603e47d 100644 --- a/SOURCES/Makefile.rhelver +++ b/SOURCES/Makefile.rhelver @@ -12,7 +12,7 @@ RHEL_MINOR = 4 # # Use this spot to avoid future merge conflicts. # Do not trim this comment. -RHEL_RELEASE = 427.16.1 +RHEL_RELEASE = 427.18.1 # # ZSTREAM diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec index 592b39d..352bdf3 100644 --- a/SPECS/kernel.spec +++ b/SPECS/kernel.spec @@ -165,15 +165,15 @@ Summary: The Linux kernel # define buildid .local %define specversion 5.14.0 %define patchversion 5.14 -%define pkgrelease 427.16.1 +%define pkgrelease 427.18.1 %define kversion 5 -%define tarfile_release 5.14.0-427.16.1.el9_4 +%define tarfile_release 5.14.0-427.18.1.el9_4 # This is needed to do merge window version magic %define patchlevel 14 # This allows pkg_release to have configurable %%{?dist} tag -%define specrelease 427.16.1%{?buildid}%{?dist} +%define specrelease 427.18.1%{?buildid}%{?dist} # This defines the kabi tarball version -%define kabiversion 5.14.0-427.16.1.el9_4 +%define kabiversion 5.14.0-427.18.1.el9_4 # # End of genspec.sh variables @@ -3728,6 +3728,55 @@ fi # # %changelog +* Mon May 13 2024 Scott Weaver [5.14.0-427.18.1.el9_4] +- netfilter: nf_tables: disallow anonymous set with timeout flag (Phil Sutter) [RHEL-32971 RHEL-30082] {CVE-2024-26642} +- netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (Phil Sutter) [RHEL-33070 RHEL-30078] {CVE-2024-26643} +- netfilter: nft_ct: fix l3num expectations with inet pseudo family (Phil Sutter) [RHEL-32963 RHEL-31345] {CVE-2024-26673} +- netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations (Phil Sutter) [RHEL-32963 RHEL-31345] {CVE-2024-26673} +- arm64: tlb: Fix TLBI RANGE operand (Shaoqin Huang) [RHEL-33412 RHEL-26259] +- arm64/mm: Modify range-based tlbi to decrement scale (Shaoqin Huang) [RHEL-33412 RHEL-26259] +- rh_messages.h: mark mlx5 on Bluefield-3 as unmaintained (Scott Weaver) [RHEL-35878 RHEL-33061] +- net: ip_tunnel: prevent perpetual headroom growth (Guillaume Nault) [RHEL-33934 RHEL-31816] {CVE-2024-26804} +- gitlab-ci: use zstream builder container image (Michael Hofmann) +- selftests: net: gro fwd: update vxlan GRO test expectations (Antoine Tenart) [RHEL-30910 RHEL-19729] +- udp: prevent local UDP tunnel packets from being GROed (Antoine Tenart) [RHEL-30910 RHEL-19729] +- udp: do not transition UDP GRO fraglist partial checksums to unnecessary (Antoine Tenart) [RHEL-30910 RHEL-19729] +- gro: fix ownership transfer (Antoine Tenart) [RHEL-30910 RHEL-19729] +- udp: do not accept non-tunnel GSO skbs landing in a tunnel (Antoine Tenart) [RHEL-30910 RHEL-19729] +- bpf, tcx: Get rid of tcx_link_const (Felix Maurer) [RHEL-33062 RHEL-28590] +- selftests/bpf: Add additional mprog query test coverage (Felix Maurer) [RHEL-33062 RHEL-28590] +- selftests/bpf: Make seen_tc* variable tests more robust (Felix Maurer) [RHEL-33062 RHEL-28590] +- selftests/bpf: Test query on empty mprog and pass revision into attach (Felix Maurer) [RHEL-33062 RHEL-28590] +- selftests/bpf: Adapt assert_mprog_count to always expect 0 count (Felix Maurer) [RHEL-33062 RHEL-28590] +- selftests/bpf: Test bpf_mprog query API via libbpf and raw syscall (Felix Maurer) [RHEL-33062 RHEL-28590] +- selftest/bpf: Add various selftests for program limits (Felix Maurer) [RHEL-33062 RHEL-28590] +- bpf: Refuse unused attributes in bpf_prog_{attach,detach} (Felix Maurer) [RHEL-33062 RHEL-28590] +- bpf: Handle bpf_mprog_query with NULL entry (Felix Maurer) [RHEL-33062 RHEL-28590] +- net: Fix skb consume leak in sch_handle_egress (Felix Maurer) [RHEL-33062 RHEL-28590] +- selftests/bpf: Add various more tcx test cases (Felix Maurer) [RHEL-33062 RHEL-28590] +- selftests/bpf: Add test for detachment on empty mprog entry (Felix Maurer) [RHEL-33062 RHEL-28590] +- tcx: Fix splat during dev unregister (Felix Maurer) [RHEL-33062 RHEL-28590] +- tcx: Fix splat in ingress_destroy upon tcx_entry_free (Felix Maurer) [RHEL-33062 RHEL-28590] +- selftests/bpf: Add mprog API tests for BPF tcx links (Felix Maurer) [RHEL-33062 RHEL-28590] +- selftests/bpf: Add mprog API tests for BPF tcx opts (Felix Maurer) [RHEL-33062 RHEL-28590] +- bpf: Add fd-based tcx multi-prog infra with link support (Felix Maurer) [RHEL-33062 RHEL-28590] +- bpftool: Implement link show support for tcx (Artem Savkov) [RHEL-33062 RHEL-23643] +- bpftool: Extend net dump with tcx progs (Artem Savkov) [RHEL-33062 RHEL-23643] +- bpf: fix precision backtracking instruction iteration (Jay Shin) [RHEL-35230 RHEL-23643] + +* Tue May 07 2024 Scott Weaver [5.14.0-427.17.1.el9_4] +- ceph: switch to use cap_delay_lock for the unlink delay list (Jay Shin) [RHEL-33003 RHEL-32997] +- ceph: remove useless session parameter for check_caps() (Xiubo Li) [RHEL-33003 RHEL-19813] +- ceph: flush the dirty caps immediatelly when quota is approaching (Xiubo Li) [RHEL-33003 RHEL-19813] +- vhost: Add smp_rmb() in vhost_enable_notify() (Gavin Shan) [RHEL-31839 RHEL-26104] +- vhost: Add smp_rmb() in vhost_vq_avail_empty() (Gavin Shan) [RHEL-31839 RHEL-26104] +- iommu/vt-d: Support enforce_cache_coherency only for empty domains (Jerry Snitselaar) [RHEL-32793 RHEL-31083] +- iommu/vt-d: Add MTL to quirk list to skip TE disabling (Jerry Snitselaar) [RHEL-32793 RHEL-31083] +- iommu/vt-d: Make context clearing consistent with context mapping (Jerry Snitselaar) [RHEL-32793 RHEL-31083] +- iommu/vt-d: Disable PCI ATS in legacy passthrough mode (Jerry Snitselaar) [RHEL-32793 RHEL-31083] +- iommu/vt-d: Omit devTLB invalidation requests when TES=0 (Jerry Snitselaar) [RHEL-32793 RHEL-31083] +- PCI/MSI: Prevent MSI hardware interrupt number truncation (Myron Stowe) [RHEL-33656 RHEL-21453] + * Fri Apr 26 2024 Scott Weaver [5.14.0-427.16.1.el9_4] - memory: tegra: Skip SID programming if SID registers aren't set (Robert Foss) [RHEL-32675 RHEL-23656] - memory: tegra: Add SID override programming for MC clients (Robert Foss) [RHEL-32675 RHEL-23656]