kernel-rt-4.18.0-553.31.1.rt7.372.el8_10
* Fri Nov 22 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.31.1.rt7.372.el8_10]
- [rt] build kernel-rt-4.18.0-553.31.1.rt7.372.el8_10 [RHEL-68615]
- xfrm: fix one more kernel-infoleak in algo dumping (Sabrina Dubroca) [RHEL-65955] {CVE-2024-50110}
- netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (Florian Westphal) [RHEL-66862] {CVE-2024-50256}
- netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n (Florian Westphal) [RHEL-66862]
- netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (Florian Westphal) [RHEL-66862]
- cifs: fix return of uninitialized rc in dfs_cache_update_tgthint() (Paulo Alcantara) [RHEL-7988]
- cifs: handle cache lookup errors different than -ENOENT (Paulo Alcantara) [RHEL-7988]
- cifs: don't take exclusive lock for updating target hints (Paulo Alcantara) [RHEL-7988]
- cifs: avoid re-lookups in dfs_cache_find() (Paulo Alcantara) [RHEL-7988]
- cifs: fix potential deadlock in cache_refresh_path() (Paulo Alcantara) [RHEL-7988]
- cifs: don't refresh cached referrals from unactive mounts (Paulo Alcantara) [RHEL-7988]
- cifs: return ENOENT for DFS lookup_cache_entry() (Paulo Alcantara) [RHEL-7988]
- selinux,smack: don't bypass permissions check in inode_setsecctx hook (Ondrej Mosnacek) [RHEL-66104] {CVE-2024-46695}
- gfs2: Prevent inode creation race (Andreas Gruenbacher) [RHEL-67823]
- gfs2: Only defer deletes when we have an iopen glock (Andreas Gruenbacher) [RHEL-67823]
- arm64: probes: Remove broken LDR (literal) uprobe support (Mark Salter) [RHEL-66042] {CVE-2024-50099}
- net: avoid potential underflow in qdisc_pkt_len_init() with UFO (Davide Caratti) [RHEL-65399] {CVE-2024-49949}
- xfrm: validate new SA's prefixlen using SA family when sel.family is unset (Sabrina Dubroca) [RHEL-66457] {CVE-2024-50142}
Resolves: RHEL-68615
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
This commit is contained in:
Denys Vlasenko
parent
cf38705883
commit
bd4bddfebd
26
kernel.spec
26
kernel.spec
@ -38,10 +38,10 @@
|
||||
# define buildid .local
|
||||
|
||||
%define specversion 4.18.0
|
||||
%define pkgrelease 553.30.1.rt7.371.el8_10
|
||||
%define pkgrelease 553.31.1.rt7.372.el8_10
|
||||
|
||||
# allow pkg_release to have configurable %%{?dist} tag
|
||||
%define specrelease 553.30.1.rt7.371%{?dist}
|
||||
%define specrelease 553.31.1.rt7.372%{?dist}
|
||||
|
||||
%define pkg_release %{specrelease}%{?buildid}
|
||||
|
||||
@ -148,7 +148,7 @@
|
||||
# The preempt RT patch level
|
||||
%global rttag .rt7
|
||||
# realtimeN
|
||||
%global rtbuild .371
|
||||
%global rtbuild .372
|
||||
%define with_doc 0
|
||||
%define with_headers 0
|
||||
%define with_cross_headers 0
|
||||
@ -2699,6 +2699,26 @@ fi
|
||||
#
|
||||
#
|
||||
%changelog
|
||||
* Fri Nov 22 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.31.1.rt7.372.el8_10]
|
||||
- [rt] build kernel-rt-4.18.0-553.31.1.rt7.372.el8_10 [RHEL-68615]
|
||||
- xfrm: fix one more kernel-infoleak in algo dumping (Sabrina Dubroca) [RHEL-65955] {CVE-2024-50110}
|
||||
- netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (Florian Westphal) [RHEL-66862] {CVE-2024-50256}
|
||||
- netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n (Florian Westphal) [RHEL-66862]
|
||||
- netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (Florian Westphal) [RHEL-66862]
|
||||
- cifs: fix return of uninitialized rc in dfs_cache_update_tgthint() (Paulo Alcantara) [RHEL-7988]
|
||||
- cifs: handle cache lookup errors different than -ENOENT (Paulo Alcantara) [RHEL-7988]
|
||||
- cifs: don't take exclusive lock for updating target hints (Paulo Alcantara) [RHEL-7988]
|
||||
- cifs: avoid re-lookups in dfs_cache_find() (Paulo Alcantara) [RHEL-7988]
|
||||
- cifs: fix potential deadlock in cache_refresh_path() (Paulo Alcantara) [RHEL-7988]
|
||||
- cifs: don't refresh cached referrals from unactive mounts (Paulo Alcantara) [RHEL-7988]
|
||||
- cifs: return ENOENT for DFS lookup_cache_entry() (Paulo Alcantara) [RHEL-7988]
|
||||
- selinux,smack: don't bypass permissions check in inode_setsecctx hook (Ondrej Mosnacek) [RHEL-66104] {CVE-2024-46695}
|
||||
- gfs2: Prevent inode creation race (Andreas Gruenbacher) [RHEL-67823]
|
||||
- gfs2: Only defer deletes when we have an iopen glock (Andreas Gruenbacher) [RHEL-67823]
|
||||
- arm64: probes: Remove broken LDR (literal) uprobe support (Mark Salter) [RHEL-66042] {CVE-2024-50099}
|
||||
- net: avoid potential underflow in qdisc_pkt_len_init() with UFO (Davide Caratti) [RHEL-65399] {CVE-2024-49949}
|
||||
- xfrm: validate new SA's prefixlen using SA family when sel.family is unset (Sabrina Dubroca) [RHEL-66457] {CVE-2024-50142}
|
||||
|
||||
* Fri Nov 15 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.30.1.rt7.371.el8_10]
|
||||
- [rt] build kernel-rt-4.18.0-553.30.1.rt7.371.el8_10 [RHEL-66248]
|
||||
- locking/rtmutex: Use rt_mutex specific scheduler helpers (Daniel Vacek) [RHEL-63166]
|
||||
|
||||
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (linux-4.18.0-553.30.1.rt7.371.el8_10.tar.xz) = e338edd6094cda9f67ca69234ac822eda17adba0d7d8baaab0aa5f9359877e55b7fc743181f9a28ebe4ae6c6b4a66fad96405a41fce6a26c2ed63ab8465ecd6a
|
||||
SHA512 (linux-4.18.0-553.31.1.rt7.372.el8_10.tar.xz) = 9f3528cb0afc0c5087268b46e251d0dd0f28c721dd842648935673c227815ab9abe8b4e3a2502061316b042193a8eb2e1fc413cd6e452598de9ec759f0dd46a7
|
||||
|
||||
Loading…
Reference in New Issue
Block a user