From a4af3b086eeefc51b4f67f8ee3cfe6ca879c1d2d Mon Sep 17 00:00:00 2001 From: "Herton R. Krzesinski" Date: Wed, 1 Feb 2023 16:27:47 +0000 Subject: [PATCH] kernel-5.14.0-253.el9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Wed Feb 01 2023 Herton R. Krzesinski [5.14.0-253.el9] - crypto: testmgr - disallow certain DRBG hash functions in FIPS mode (Vladis Dronov) [2152131] - rtla: Fix exit status when returning from calls to usage() (John Kacur) [2160394] - nfsd: don't free files unconditionally in __nfsd_file_cache_purge (Jeffrey Layton) [2160443] - ice: use GNSS subsystem instead of TTY (Petr Oros) [2111048] - ice: Add check for kzalloc (Petr Oros) [2111048] - ice: Fix potential memory leak in ice_gnss_tty_write() (Petr Oros) [2111048] - ice: add write functionality for GNSS TTY (Petr Oros) [2111048] - net/ulp: use consistent error code when blocking ULP (Paolo Abeni) [2162758] - net/ulp: prevent ULP without clone op from entering the LISTEN status (Paolo Abeni) [2162758] - ipvlan: hold lower dev to avoid possible use-after-free (Davide Caratti) [2162698] - net: macvlan: Use built-in RCU list checking (Davide Caratti) [2162698] - net: macvlan: fix memory leaks of macvlan_common_newlink (Davide Caratti) [2162698] - dmaengine: Fix double increment of client_count in dma_chan_get() (Joel Savitz) [2095651] - ice: Fix configuring VIRTCHNL_OP_CONFIG_VSI_QUEUES with unbalanced queues (Petr Oros) [2162402] - ice: virtchnl rss hena support (Petr Oros) [2162402] - ice: Add additional CSR registers to ETHTOOL_GREGS (Petr Oros) [2162402] - ice: Add support Flex RXD (Petr Oros) [2162402] - netfilter: conntrack: reduce timeout when receiving out-of-window fin or rst (Florian Westphal) [2162440] - netfilter: conntrack: remove unneeded indent level (Florian Westphal) [2162440] - netfilter: conntrack: ignore overly delayed tcp packets (Florian Westphal) [2162440] - netfilter: conntrack: prepare tcp_in_window for ternary return value (Florian Westphal) [2162440] - netfilter: conntrack: work around exceeded receive window (Florian Westphal) [2162440] - l2tp: prevent lockdep issue in l2tp_tunnel_register() (Guillaume Nault) [2162322] - l2tp: close all race conditions in l2tp_tunnel_register() (Guillaume Nault) [2162322] - l2tp: convert l2tp_tunnel_list to idr (Guillaume Nault) [2162322] - ipv6: raw: Deduct extension header length in rawv6_push_pending_frames (Hangbin Liu) [2162122] {CVE-2023-0394} - ipv4: Fix incorrect route flushing when table ID 0 is used (Guillaume Nault) [2162116] - ipv4: Fix incorrect route flushing when source address is deleted (Guillaume Nault) [2162116] - inet: ping: use hlist_nulls rcu iterator during lookup (Guillaume Nault) [2162116] - ipv4: Fix route deletion when nexthop info is not specified (Guillaume Nault) [2162116] - ipv4: Fix error return code in fib_table_insert() (Guillaume Nault) [2162116] - net: use struct_group to copy ip/ipv6 header addresses (Guillaume Nault) [2162116] - netfilter: rpfilter/fib: Set ->flowic_uid correctly for user namespaces. (Guillaume Nault) [2162116] - iwlwifi: remove firmware version limit for AC9560 (Íñigo Huguet) [2129363] - wifi: iwlwifi: fw: skip PPAG for JF (Íñigo Huguet) [2129363] - mptcp: fix lockdep false positive (Davide Caratti) [2161699] - mptcp: fix deadlock in fastopen error path (Davide Caratti) [2161699] - mptcp: fix sleep in atomic at close time (Davide Caratti) [2161699] - mptcp: don't orphan ssk in mptcp_close() (Davide Caratti) [2161699] - mptcp: use proper req destructor for IPv6 (Davide Caratti) [2161699] - mptcp: dedicated request sock for subflow in v6 (Davide Caratti) [2161699] - mptcp: remove MPTCP 'ifdef' in TCP SYN cookies (Davide Caratti) [2161699] - mptcp: netlink: fix some error return code (Davide Caratti) [2161699] - ACPICA: Fix operand resolution (Mark Langsdorf) [2159836] - net: mana: Fix race on per-CQ variable napi work_done (Emanuele Giuseppe Esposito) [2153431] Resolves: rhbz#2152131, rhbz#2160394, rhbz#2160443, rhbz#2111048, rhbz#2162758, rhbz#2162698, rhbz#2095651, rhbz#2162402, rhbz#2162440, rhbz#2162322, rhbz#2162122, rhbz#2162116, rhbz#2129363, rhbz#2161699, rhbz#2159836, rhbz#2153431 Signed-off-by: Herton R. Krzesinski --- Makefile.rhelver | 2 +- kernel.spec | 55 ++++++++++++++++++++++++++++++++++++++++++++---- sources | 6 +++--- 3 files changed, 55 insertions(+), 8 deletions(-) diff --git a/Makefile.rhelver b/Makefile.rhelver index c357fc0..a6c3c94 100644 --- a/Makefile.rhelver +++ b/Makefile.rhelver @@ -12,7 +12,7 @@ RHEL_MINOR = 2 # # Use this spot to avoid future merge conflicts. # Do not trim this comment. -RHEL_RELEASE = 252 +RHEL_RELEASE = 253 # # ZSTREAM diff --git a/kernel.spec b/kernel.spec index 79c2f93..10f5df6 100755 --- a/kernel.spec +++ b/kernel.spec @@ -119,15 +119,15 @@ Summary: The Linux kernel # define buildid .local %define specversion 5.14.0 %define patchversion 5.14 -%define pkgrelease 252 +%define pkgrelease 253 %define kversion 5 -%define tarfile_release 5.14.0-252.el9 +%define tarfile_release 5.14.0-253.el9 # This is needed to do merge window version magic %define patchlevel 14 # This allows pkg_release to have configurable %%{?dist} tag -%define specrelease 252%{?buildid}%{?dist} +%define specrelease 253%{?buildid}%{?dist} # This defines the kabi tarball version -%define kabiversion 5.14.0-252.el9 +%define kabiversion 5.14.0-253.el9 # # End of genspec.sh variables @@ -3116,6 +3116,53 @@ fi # # %changelog +* Wed Feb 01 2023 Herton R. Krzesinski [5.14.0-253.el9] +- crypto: testmgr - disallow certain DRBG hash functions in FIPS mode (Vladis Dronov) [2152131] +- rtla: Fix exit status when returning from calls to usage() (John Kacur) [2160394] +- nfsd: don't free files unconditionally in __nfsd_file_cache_purge (Jeffrey Layton) [2160443] +- ice: use GNSS subsystem instead of TTY (Petr Oros) [2111048] +- ice: Add check for kzalloc (Petr Oros) [2111048] +- ice: Fix potential memory leak in ice_gnss_tty_write() (Petr Oros) [2111048] +- ice: add write functionality for GNSS TTY (Petr Oros) [2111048] +- net/ulp: use consistent error code when blocking ULP (Paolo Abeni) [2162758] +- net/ulp: prevent ULP without clone op from entering the LISTEN status (Paolo Abeni) [2162758] +- ipvlan: hold lower dev to avoid possible use-after-free (Davide Caratti) [2162698] +- net: macvlan: Use built-in RCU list checking (Davide Caratti) [2162698] +- net: macvlan: fix memory leaks of macvlan_common_newlink (Davide Caratti) [2162698] +- dmaengine: Fix double increment of client_count in dma_chan_get() (Joel Savitz) [2095651] +- ice: Fix configuring VIRTCHNL_OP_CONFIG_VSI_QUEUES with unbalanced queues (Petr Oros) [2162402] +- ice: virtchnl rss hena support (Petr Oros) [2162402] +- ice: Add additional CSR registers to ETHTOOL_GREGS (Petr Oros) [2162402] +- ice: Add support Flex RXD (Petr Oros) [2162402] +- netfilter: conntrack: reduce timeout when receiving out-of-window fin or rst (Florian Westphal) [2162440] +- netfilter: conntrack: remove unneeded indent level (Florian Westphal) [2162440] +- netfilter: conntrack: ignore overly delayed tcp packets (Florian Westphal) [2162440] +- netfilter: conntrack: prepare tcp_in_window for ternary return value (Florian Westphal) [2162440] +- netfilter: conntrack: work around exceeded receive window (Florian Westphal) [2162440] +- l2tp: prevent lockdep issue in l2tp_tunnel_register() (Guillaume Nault) [2162322] +- l2tp: close all race conditions in l2tp_tunnel_register() (Guillaume Nault) [2162322] +- l2tp: convert l2tp_tunnel_list to idr (Guillaume Nault) [2162322] +- ipv6: raw: Deduct extension header length in rawv6_push_pending_frames (Hangbin Liu) [2162122] {CVE-2023-0394} +- ipv4: Fix incorrect route flushing when table ID 0 is used (Guillaume Nault) [2162116] +- ipv4: Fix incorrect route flushing when source address is deleted (Guillaume Nault) [2162116] +- inet: ping: use hlist_nulls rcu iterator during lookup (Guillaume Nault) [2162116] +- ipv4: Fix route deletion when nexthop info is not specified (Guillaume Nault) [2162116] +- ipv4: Fix error return code in fib_table_insert() (Guillaume Nault) [2162116] +- net: use struct_group to copy ip/ipv6 header addresses (Guillaume Nault) [2162116] +- netfilter: rpfilter/fib: Set ->flowic_uid correctly for user namespaces. (Guillaume Nault) [2162116] +- iwlwifi: remove firmware version limit for AC9560 (Íñigo Huguet) [2129363] +- wifi: iwlwifi: fw: skip PPAG for JF (Íñigo Huguet) [2129363] +- mptcp: fix lockdep false positive (Davide Caratti) [2161699] +- mptcp: fix deadlock in fastopen error path (Davide Caratti) [2161699] +- mptcp: fix sleep in atomic at close time (Davide Caratti) [2161699] +- mptcp: don't orphan ssk in mptcp_close() (Davide Caratti) [2161699] +- mptcp: use proper req destructor for IPv6 (Davide Caratti) [2161699] +- mptcp: dedicated request sock for subflow in v6 (Davide Caratti) [2161699] +- mptcp: remove MPTCP 'ifdef' in TCP SYN cookies (Davide Caratti) [2161699] +- mptcp: netlink: fix some error return code (Davide Caratti) [2161699] +- ACPICA: Fix operand resolution (Mark Langsdorf) [2159836] +- net: mana: Fix race on per-CQ variable napi work_done (Emanuele Giuseppe Esposito) [2153431] + * Wed Feb 01 2023 Herton R. Krzesinski [5.14.0-252.el9] - vdpa/ifcvf: fix the calculation of queuepair (Cindy Lu) [2158700] - vdpa_sim: use max_iotlb_entries as a limit in vhost_iotlb_init (Cindy Lu) [2158700] diff --git a/sources b/sources index c81b604..3d59bb7 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-5.14.0-252.el9.tar.xz) = 14f86d372bacba13f02b600affe306029447d855319a02e39f043c2fb1d926fbfe026b0a6fd11a0472af1717d5863b3c5ca91d6fef7d2c2780a5db37d73c2faa -SHA512 (kernel-abi-stablelists-5.14.0-252.el9.tar.bz2) = 1bf36c21eabd2fb1fb36ccc4fb37b786ae647224e4cdafe0f7de2eacec75163d7a6a33e5ecc4f2fffbe31ef664730875ea153917d55c8c73ba209a401b0ea11b -SHA512 (kernel-kabi-dw-5.14.0-252.el9.tar.bz2) = b46c7f1f7801c22b19a38bb86143e2bf6d0439d03f95805f5d8b5d5bcb7755fb2d51c7b72f7e89ccd212354ed78c9fd700dbde4ce65dc046222db79c7f801e9d +SHA512 (linux-5.14.0-253.el9.tar.xz) = b6bde76159f3fb6a489f513ea85d16a5d10067d6bd2e03627aea7f9312c77ba8c3cb14ba119db6fad739c3927834f1f0499fde7039fffa475280223e93badc1e +SHA512 (kernel-abi-stablelists-5.14.0-253.el9.tar.bz2) = a8aaff7e1357440cd80d4ffad9db1db07c7ffd1a43fab08ac2c909b290da089ac282d8f319344437f37060283bbb1527701adac79e25876419fa3cffcd85f031 +SHA512 (kernel-kabi-dw-5.14.0-253.el9.tar.bz2) = 5a14a9f92fc6643e12b759388bb61fb03473a900aab6b320f80b74e7ee02b5c4c213546ea7fecd7198b36894d2cfb32082e07325ccc4651fa0af92f947d50a59