Import from CS git

2025-09-30 08:55:22 +00:00 · 2025-09-30 08:55:22 +00:00 · 88a205a922
commit 88a205a922
parent 22d2e5ff6a
3 changed files with 13 additions and 5 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,6 +1,6 @@
 SOURCES/centossecureboot201.cer
 SOURCES/centossecurebootca2.cer
-SOURCES/linux-4.18.0-553.76.1.rt7.417.el8_10.tar.xz
+SOURCES/linux-4.18.0-553.77.1.rt7.418.el8_10.tar.xz
 SOURCES/redhatsecureboot302.cer
 SOURCES/redhatsecureboot303.cer
 SOURCES/redhatsecureboot501.cer
--- a/.kernel-rt.metadata
+++ b/.kernel-rt.metadata
@ -1,6 +1,6 @@
 2ba40bf9138b48311e5aa1b737b7f0a8ad66066f SOURCES/centossecureboot201.cer
 bfdb3d7cffc43f579655af5155d50c08671d95e5 SOURCES/centossecurebootca2.cer
-ec2d09779f73e26f68aae89d1677d0137ec27cc5 SOURCES/linux-4.18.0-553.76.1.rt7.417.el8_10.tar.xz
+069085ad2b561ccdf19cfbc38ce655909b8c2187 SOURCES/linux-4.18.0-553.77.1.rt7.418.el8_10.tar.xz
 13e5cd3f856b472fde80a4deb75f4c18dfb5b255 SOURCES/redhatsecureboot302.cer
 e89890ca0ded2f9058651cc5fa838b78db2e6cc2 SOURCES/redhatsecureboot303.cer
 ba0b760e594ff668ee72ae348adf3e49b97f75fb SOURCES/redhatsecureboot501.cer
--- a/SPECS/kernel.spec
+++ b/SPECS/kernel.spec
@ -38,10 +38,10 @@
 # define buildid .local

 %define specversion 4.18.0
-%define pkgrelease 553.76.1.rt7.417.el8_10
+%define pkgrelease 553.77.1.rt7.418.el8_10

 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 553.76.1.rt7.417%{?dist}
+%define specrelease 553.77.1.rt7.418%{?dist}

 %define pkg_release %{specrelease}%{?buildid}

@ -148,7 +148,7 @@
 # The preempt RT patch level
 %global rttag .rt7
 # realtimeN
-%global rtbuild .417
+%global rtbuild .418
 %define with_doc 0
 %define with_headers 0
 %define with_cross_headers 0
@ -2708,6 +2708,14 @@ fi
 #
 #
 %changelog
+* Thu Sep 18 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.77.1.rt7.418.el8_10]
+- net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (CKI Backport Bot) [RHEL-109847] {CVE-2025-37797}
+- net_sched: hfsc: Fix a UAF vulnerability in class handling (CKI Backport Bot) [RHEL-109847] {CVE-2025-37797}
+- net: openvswitch: Fix the dead loop of MPLS parse (Aaron Conole) [RHEL-95609]
+- sctp: linearize cloned gso packets in sctp_rcv (CKI Backport Bot) [RHEL-113329] {CVE-2025-38718}
+- firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails (Charles Mirabile) [RHEL-109394] {CVE-2022-50087}
+- nfsd: don't ignore the return code of svc_proc_register() (Olga Kornievskaia) [RHEL-111639] {CVE-2025-22026}
+
 * Mon Sep 15 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.76.1.rt7.417.el8_10]
 - HID: core: Harden s32ton() against conversion to 0 bits (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
 - HID: stop exporting hid_snto32() (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}