From e03146b602702db5e2d25ff6ab90cb346c861393 Mon Sep 17 00:00:00 2001
From: Andrew Lukoshko <andrew.lukoshko@gmail.com>
Date: Tue, 1 Jul 2025 19:39:33 +0000
Subject: [PATCH] import OL libblockdev-2.28-7.0.1.el8_10

---
 ...-allow-suid-and-dev-set-on-fs-resize.patch | 26 +++++++++++++++++++
 SPECS/libblockdev.spec                        | 16 +++++++++---
 2 files changed, 38 insertions(+), 4 deletions(-)
 create mode 100644 SOURCES/0006-Don-t-allow-suid-and-dev-set-on-fs-resize.patch

diff --git a/SOURCES/0006-Don-t-allow-suid-and-dev-set-on-fs-resize.patch b/SOURCES/0006-Don-t-allow-suid-and-dev-set-on-fs-resize.patch
new file mode 100644
index 0000000..7c87b5c
--- /dev/null
+++ b/SOURCES/0006-Don-t-allow-suid-and-dev-set-on-fs-resize.patch
@@ -0,0 +1,26 @@
+From 2508f4842482b87d26f81afecc7d0b584d6a6fa8 Mon Sep 17 00:00:00 2001
+From: Thomas Blume <Thomas.Blume@suse.com>
+Date: Fri, 16 May 2025 14:27:10 +0200
+Subject: [PATCH] Don't allow suid and dev set on fs resize
+
+Fixes: CVE-2025-6019
+---
+ src/plugins/fs/generic.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/plugins/fs/generic.c b/src/plugins/fs/generic.c
+index ca08d19a..15b55271 100644
+--- a/src/plugins/fs/generic.c
++++ b/src/plugins/fs/generic.c
+@@ -409,7 +409,7 @@ static gboolean xfs_resize_device (const gchar *device, guint64 new_size, const
+                              "before resizing it.", device);
+                 return FALSE;
+             }
+-            ret = bd_fs_mount (device, mountpoint, "xfs", NULL, NULL, error);
++            ret = bd_fs_mount (device, mountpoint, "xfs", "nosuid,nodev", NULL, error);
+             if (!ret) {
+                 g_prefix_error (error, "Failed to mount '%s' before resizing it: ", device);
+                 return FALSE;
+-- 
+2.49.0
+
diff --git a/SPECS/libblockdev.spec b/SPECS/libblockdev.spec
index 8143b0e..53336d1 100644
--- a/SPECS/libblockdev.spec
+++ b/SPECS/libblockdev.spec
@@ -53,8 +53,8 @@
 %endif
 %endif
 
-# btrfs is not available on RHEL > 7
-%if 0%{?rhel} > 7 || %{with_btrfs} == 0
+# disable BTRFS only if with_btrfs is 0
+%if %{with_btrfs} == 0
 %define with_btrfs 0
 %define btrfs_copts --without-btrfs
 %endif
@@ -125,7 +125,7 @@
 
 Name:        libblockdev
 Version:     2.28
-Release:     6%{?dist}
+Release:     7.0.1%{?dist}
 Summary:     A library for low-level manipulation with block devices
 License:     LGPLv2+
 URL:         https://github.com/storaged-project/libblockdev
@@ -135,6 +135,7 @@ Patch1:      0002-tests-Fix-test_swapon_pagesize-on-systems-with-64k-p.patch
 Patch2:      0003-part-Fix-segfault-when-adding-a-partition-too-big-fo.patch
 Patch3:      0004-lvm-Add-a-function-to-activate-LVs-in-shared-mode.patch
 Patch4:      0005-lvm-Add-support-for-starting-and-stopping-VG-locking.patch
+Patch5:      0006-Don-t-allow-suid-and-dev-set-on-fs-resize.patch
 
 BuildRequires: make
 BuildRequires: glib2-devel
@@ -991,7 +992,14 @@ find %{buildroot} -type f -name "*.la" | xargs %{__rm}
 %files plugins-all
 
 %changelog
-* Wed Nov 08 2023 Vojtech Trefny <vtrefny@redhat.com> - 2.28-10
+* Sun Jun 29 2025 EL Errata <el-errata_ww@oracle.com> - 2.28-7.0.1
+- enable btrfs support [Orabug: 30792917]
+
+* Mon Jun 16 2025 Vojtech Trefny <vtrefny@redhat.com> - 2.28-7
+- Don't allow suid and dev set on fs resize (CVE-2025-6019)
+  Resolves: RHEL-96034
+
+* Wed Nov 08 2023 Vojtech Trefny <vtrefny@redhat.com> - 2.28-6
 - lvm: Add support for starting and stopping VG locking
   Resolves: RHEL-15923