diff --git a/kernel.spec b/kernel.spec index 774c4e8..d78c340 100644 --- a/kernel.spec +++ b/kernel.spec @@ -38,10 +38,10 @@ # define buildid .local %define specversion 4.18.0 -%define pkgrelease 553.11.1.rt7.352.el8_10 +%define pkgrelease 553.12.1.rt7.353.el8_10 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 553.11.1.rt7.352%{?dist} +%define specrelease 553.12.1.rt7.353%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -148,7 +148,7 @@ # The preempt RT patch level %global rttag .rt7 # realtimeN -%global rtbuild .352 +%global rtbuild .353 %define with_doc 0 %define with_headers 0 %define with_cross_headers 0 @@ -2699,6 +2699,45 @@ fi # # %changelog +* Thu Jul 11 2024 Denys Vlasenko [4.18.0-553.12.1.rt7.353.el8_10] +- [rt] build kernel-rt-4.18.0-553.12.1.rt7.353.el8_10 [RHEL-44553] +- net: bridge: xmit: make sure we have at least eth header len bytes (cki-backport-bot) [RHEL-44291] {CVE-2024-38538} +- drivers/amd/pm: fix a use-after-free in kv_parse_power_table (Michel Dänzer) [RHEL-26893] {CVE-2023-52469} +- SUNRPC: Fix a suspicious RCU usage warning (Scott Mayhew) [RHEL-30503] {CVE-2023-52623} +- ice: Fix some null pointer dereference issues in ice_ptp.c (Petr Oros) [RHEL-26901] {CVE-2023-52471} +- xfs: fix internal error from AGFL exhaustion (Pavel Reichl) [RHEL-45581] +- sched/psi: Fix use-after-free in ep_remove_wait_queue() (Phil Auld) [RHEL-38117] {CVE-2023-52707} +- wait: add wake_up_pollfree() (Phil Auld) [RHEL-38117] +- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (Hangbin Liu) [RHEL-33269] {CVE-2024-26852} +- net: bridge: switchdev: Skip MDB replays of deferred events on offload (Ivan Vecera) [RHEL-33117] {CVE-2024-26837} +- ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (Pavel Reichl) [RHEL-31700] {CVE-2024-26772} +- ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() (Pavel Reichl) [RHEL-31688] {CVE-2024-26773} +- ext4: fix double-free of blocks due to wrong extents moved_len (Pavel Reichl) [RHEL-31612] {CVE-2024-26704} +- vxlan: Pull inner IP header in vxlan_xmit_one(). (Guillaume Nault) [RHEL-31389] +- geneve: Fix incorrect inner network header offset when innerprotoinherit is set (Guillaume Nault) [RHEL-31389] +- vxlan: Pull inner IP header in vxlan_rcv(). (Guillaume Nault) [RHEL-31389] +- geneve: fix header validation in geneve[6]_xmit_skb (Guillaume Nault) [RHEL-31389] +- geneve: make sure to pull inner header in geneve_rx() (Guillaume Nault) [RHEL-31389] +- net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb (Guillaume Nault) [RHEL-31389] +- net: geneve: check skb is large enough for IPv4/IPv6 header (Guillaume Nault) [RHEL-31389] +- net/smc: fix neighbour and rtable leak in smc_ib_find_route() (Tobias Huschle) [RHEL-39744] {CVE-2024-36945} +- igb: Fix string truncation warnings in igb_set_fw_version (Corinna Vinschen) [RHEL-38452] {CVE-2024-36010} +- bonding: stop the device in bond_setup_by_slave() (Hangbin Liu) [RHEL-38327] {CVE-2023-52784} +- i40e: fix vf may be used uninitialized in this function warning (Kamal Heib) [RHEL-39702] {CVE-2024-36020} +- powerpc/64: Fix the definition of the fixmap area (Mamatha Inamdar) [RHEL-27191] {CVE-2021-47018} +- powerpc/mm/hash64: Add a variable to track the end of IO mapping (Mamatha Inamdar) [RHEL-27191] {CVE-2021-47018} +- nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). (Xin Long) [RHEL-39770] {CVE-2024-36933} +- net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (Xin Long) [RHEL-39770] +- net: core: reject skb_copy(_expand) for fraglist GSO skbs (Xin Long) [RHEL-39779] {CVE-2024-36929} +- tcp: properly terminate timers for kernel sockets (Guillaume Nault) [RHEL-37171] {CVE-2024-35910} +- net: relax socket state check at accept time. (Florian Westphal) [RHEL-39831] +- tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (Florian Westphal) [RHEL-39831] {CVE-2024-36905} +- tcp: remove redundant check on tskb (Florian Westphal) [RHEL-39831] +- drm/ast: Fix soft lockup (cki-backport-bot) [RHEL-37438] {CVE-2024-35952} +- null_blk: Fix return value of nullb_device_power_store() (Ming Lei) [RHEL-39341] +- null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (Ming Lei) [RHEL-39341] +- null_blk: fix return value from null_add_dev() (Ming Lei) [RHEL-39341] + * Thu Jul 04 2024 Denys Vlasenko [4.18.0-553.11.1.rt7.352.el8_10] - [rt] build kernel-rt-4.18.0-553.11.1.rt7.352.el8_10 [RHEL-44553] - x86/bugs: Reverse instruction order of CLEAR_CPU_BUFFERS (Waiman Long) [RHEL-42121] diff --git a/sources b/sources index bd93aeb..6ced5a8 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (linux-4.18.0-553.11.1.rt7.352.el8_10.tar.xz) = 83e9e47a8b0e66b50b39a90b791b8d834ae25d93b79a936ff9240828b5064e292fc04a7918e5f159ec52331672ef94b51cb1f976d36798945b3fa72c34420523 +SHA512 (linux-4.18.0-553.12.1.rt7.353.el8_10.tar.xz) = 36011d27ae036dfa02d28773be0c681daf0ddf00509965a0aa05a4b416b1ee8977be0b3add6121e69d497178a55b8b8b118105f690d5466dadddd9a546ce669e