import CS git kernel-rt-4.18.0-553.137.1.rt7.478.el8_10

2026-06-22 06:39:20 -04:00 · 2026-06-22 06:39:20 -04:00 · a680b9d85e
commit a680b9d85e
parent 55f324b8aa
3 changed files with 21 additions and 5 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,6 +1,6 @@
 SOURCES/centossecureboot201.cer
 SOURCES/centossecurebootca2.cer
-SOURCES/linux-4.18.0-553.136.1.rt7.477.el8_10.tar.xz
+SOURCES/linux-4.18.0-553.137.1.rt7.478.el8_10.tar.xz
 SOURCES/redhatsecureboot302.cer
 SOURCES/redhatsecureboot303.cer
 SOURCES/redhatsecureboot501.cer
--- a/.kernel-rt.metadata
+++ b/.kernel-rt.metadata
@ -1,6 +1,6 @@
 2ba40bf9138b48311e5aa1b737b7f0a8ad66066f SOURCES/centossecureboot201.cer
 bfdb3d7cffc43f579655af5155d50c08671d95e5 SOURCES/centossecurebootca2.cer
-c8be70777398cdad66a6e44efe31a3b0bac574e7 SOURCES/linux-4.18.0-553.136.1.rt7.477.el8_10.tar.xz
+bf882f308d5f8c8fcddcade1759acff853db2aa7 SOURCES/linux-4.18.0-553.137.1.rt7.478.el8_10.tar.xz
 13e5cd3f856b472fde80a4deb75f4c18dfb5b255 SOURCES/redhatsecureboot302.cer
 e89890ca0ded2f9058651cc5fa838b78db2e6cc2 SOURCES/redhatsecureboot303.cer
 ba0b760e594ff668ee72ae348adf3e49b97f75fb SOURCES/redhatsecureboot501.cer
--- a/SPECS/kernel.spec
+++ b/SPECS/kernel.spec
@ -38,10 +38,10 @@
 # define buildid .local

 %define specversion 4.18.0
-%define pkgrelease 553.136.1.rt7.477.el8_10
+%define pkgrelease 553.137.1.rt7.478.el8_10

 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 553.136.1.rt7.477%{?dist}
+%define specrelease 553.137.1.rt7.478%{?dist}

 %define pkg_release %{specrelease}%{?buildid}

@ -148,7 +148,7 @@
 # The preempt RT patch level
 %global rttag .rt7
 # realtimeN
-%global rtbuild .477
+%global rtbuild .478
 %define with_doc 0
 %define with_headers 0
 %define with_cross_headers 0
@ -2710,6 +2710,22 @@ fi
 #
 #
 %changelog
+* Fri Jun 19 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.137.1.rt7.478.el8_10]
+- selinux: RHEL-only hotfix for execmem regression (Ondrej Mosnacek) [RHEL-179435] {CVE-2026-46054}
+- selinux: fix overlayfs mmap() and mprotect() access checks (Ondrej Mosnacek) [RHEL-179435] {CVE-2026-46054}
+- lsm: add backing_file LSM hooks (Ondrej Mosnacek) [RHEL-179435] {CVE-2026-46054}
+- fs: prepare for adding LSM blob to backing_file (Ondrej Mosnacek) [RHEL-179435] {CVE-2026-46054}
+- perf/core: Fix MMAP event path names with backing files (Ondrej Mosnacek) [RHEL-179435]
+- fs: constify file ptr in backing_file accessor helpers (Ondrej Mosnacek) [RHEL-179435] {CVE-2026-46054}
+- ovl: Fix nested backing file paths (Ondrej Mosnacek) [RHEL-179435]
+- fs: store real path instead of fake path in backing file f_path (Ondrej Mosnacek) [RHEL-179435]
+- fs: create helper file_user_path() for user displayed mapped file path (Ondrej Mosnacek) [RHEL-179435]
+- fs: get mnt_writers count for an open backing file's real path (Ondrej Mosnacek) [RHEL-179435]
+- fs: move cleanup from init_file() into its callers (Ondrej Mosnacek) [RHEL-179435]
+- fs: use backing_file container for internal files with "fake" f_path (Ondrej Mosnacek) [RHEL-179435]
+- fs: move kmem_cache_zalloc() into alloc_empty_file*() helpers (Ondrej Mosnacek) [RHEL-179435]
+- ovl: pass layer mnt to ovl_open_realfile() (Ondrej Mosnacek) [RHEL-179435]
+
 * Thu Jun 18 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.136.1.rt7.477.el8_10]
 - net/sched: fix pedit partial COW leading to page cache corruption (Ivan Vecera) [RHEL-177582] {CVE-2026-46331}
 - net/sched: act_pedit: free pedit keys on bail from offset check (Ivan Vecera) [RHEL-177582] {CVE-2026-46331}