import CS git kernel-rt-4.18.0-553.136.1.rt7.477.el8_10

2026-06-19 13:43:49 -04:00 · 2026-06-19 13:43:49 -04:00 · 55f324b8aa
commit 55f324b8aa
parent 35acd03736
3 changed files with 22 additions and 5 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,6 +1,6 @@
 SOURCES/centossecureboot201.cer
 SOURCES/centossecurebootca2.cer
-SOURCES/linux-4.18.0-553.134.1.rt7.475.el8_10.tar.xz
+SOURCES/linux-4.18.0-553.136.1.rt7.477.el8_10.tar.xz
 SOURCES/redhatsecureboot302.cer
 SOURCES/redhatsecureboot303.cer
 SOURCES/redhatsecureboot501.cer
--- a/.kernel-rt.metadata
+++ b/.kernel-rt.metadata
@ -1,6 +1,6 @@
 2ba40bf9138b48311e5aa1b737b7f0a8ad66066f SOURCES/centossecureboot201.cer
 bfdb3d7cffc43f579655af5155d50c08671d95e5 SOURCES/centossecurebootca2.cer
-3a8e561f114357abb10b351a5ca206e12831fcd4 SOURCES/linux-4.18.0-553.134.1.rt7.475.el8_10.tar.xz
+c8be70777398cdad66a6e44efe31a3b0bac574e7 SOURCES/linux-4.18.0-553.136.1.rt7.477.el8_10.tar.xz
 13e5cd3f856b472fde80a4deb75f4c18dfb5b255 SOURCES/redhatsecureboot302.cer
 e89890ca0ded2f9058651cc5fa838b78db2e6cc2 SOURCES/redhatsecureboot303.cer
 ba0b760e594ff668ee72ae348adf3e49b97f75fb SOURCES/redhatsecureboot501.cer
--- a/SPECS/kernel.spec
+++ b/SPECS/kernel.spec
@ -38,10 +38,10 @@
 # define buildid .local

 %define specversion 4.18.0
-%define pkgrelease 553.134.1.rt7.475.el8_10
+%define pkgrelease 553.136.1.rt7.477.el8_10

 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 553.134.1.rt7.475%{?dist}
+%define specrelease 553.136.1.rt7.477%{?dist}

 %define pkg_release %{specrelease}%{?buildid}

@ -148,7 +148,7 @@
 # The preempt RT patch level
 %global rttag .rt7
 # realtimeN
-%global rtbuild .475
+%global rtbuild .477
 %define with_doc 0
 %define with_headers 0
 %define with_cross_headers 0
@ -2710,6 +2710,23 @@ fi
 #
 #
 %changelog
+* Thu Jun 18 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.136.1.rt7.477.el8_10]
+- net/sched: fix pedit partial COW leading to page cache corruption (Ivan Vecera) [RHEL-177582] {CVE-2026-46331}
+- net/sched: act_pedit: free pedit keys on bail from offset check (Ivan Vecera) [RHEL-177582] {CVE-2026-46331}
+- net/sched: act_pedit: rate limit datapath messages (Ivan Vecera) [RHEL-177582] {CVE-2026-46331}
+- net/sched: act_pedit: remove extra check for key type (Ivan Vecera) [RHEL-177582] {CVE-2026-46331}
+- net/sched: act_pedit: check static offsets a priori (Ivan Vecera) [RHEL-177582] {CVE-2026-46331}
+- nvmet-tcp: fix race between ICReq handling and queue teardown (Chris Leech) [RHEL-180103] {CVE-2026-46135}
+- net: mana: fix use-after-free in add_adev() error path (CKI Backport Bot) [RHEL-172764] {CVE-2026-43056}
+
+* Wed Jun 17 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.135.1.rt7.476.el8_10]
+- drm/amd/display: Do not skip unrelated mode changes in DSC validation (José Expósito) [RHEL-178825] {CVE-2026-31488}
+- sched/deadline: Fix missing ENQUEUE_REPLENISH during PI de-boosting (Juri Lelli) [RHEL-178520]
+- RDMA/mana_ib: Validate rx_hash_key_len to prevent buffer overflow (Gaurav Goklani) [RHEL-180089] {CVE-2026-46145}
+- ALSA: aloop: Fix peer runtime UAF during format-change stop (Jaroslav Kysela) [RHEL-179304] {CVE-2026-46090}
+- ALSA: usb-audio: Add sanity check for OOB writes at silencing (CKI Backport Bot) [RHEL-173939] {CVE-2026-43279}
+- net: bonding: fix use-after-free in bond_xmit_broadcast() (Xin Long) [RHEL-168063] {CVE-2026-31419}
+
 * Fri Jun 12 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.134.1.rt7.475.el8_10]
 - wifi: mac80211: remove station if connection prep fails (Jose Ignacio Tornos Martinez) [RHEL-180120] {CVE-2026-46125}
 - wifi: mac80211: drop stray 'static' from fast-RX rx_result (CKI Backport Bot) [RHEL-180058] {CVE-2026-46152}