kernel-4.18.0-534.el8
* Sat Jan 06 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-534.el8] - nfsd: lock_rename() needs both directories to live on the same fs (Jeffrey Layton) [RHEL-19591] - HID: check empty report_list in hid_validate_values() (Desnes Nunes) [RHEL-19237 RHEL-19260] {CVE-2023-1073} - ceph: do not print the whole xattr value if it's too long (Xiubo Li) [RHEL-16411] - libceph: fix potential use-after-free on linger ping and resends (Jay Shin) [RHEL-20390] - ceph: fix incorrect revoked caps assert in ceph_fill_file_size() (Xiubo Li) [RHEL-8003] - ceph: silence smatch warning in reconnect_caps_cb() (Xiubo Li) [RHEL-16410] - ceph: fix potential use-after-free bug when trimming caps (Xiubo Li) [RHEL-16410] - ceph: don't let check_caps skip sending responses for revoke msgs (Xiubo Li) [RHEL-16412] - ceph: issue a cap release immediately if no cap exists (Xiubo Li) [RHEL-16412] - ceph: trigger to flush the buffer when making snapshot (Xiubo Li) [RHEL-16412] - ceph: force updating the msg pointer in non-split case (Xiubo Li) [RHEL-16412] - ceph: flush cap releases when the session is flushed (Xiubo Li) [RHEL-16412] - ceph: reorder fields in 'struct ceph_snapid_map' (Xiubo Li) [RHEL-16412] - ceph: voluntarily drop Xx caps for requests those touch parent mtime (Xiubo Li) [RHEL-16412] - redhat/configs: Remove multi-buffer SHA configs (Štěpán Horáček) [RHEL-14477] - crypto: tcrypt - remove all multibuffer ahash tests (Štěpán Horáček) [RHEL-14477] - crypto: hash - Remove unused async iterators (Štěpán Horáček) [RHEL-14477] - crypto: x86 - remove SHA multibuffer routines and mcryptd (Štěpán Horáček) [RHEL-14477] - fs: group frequently accessed fields of struct super_block together (Miklos Szeredi) [RHEL-12504] - fanotify: add API to attach/detach super block mark (Miklos Szeredi) [RHEL-12504] - fsnotify: send path type events to group with super block marks (Miklos Szeredi) [RHEL-12504] - fsnotify: add super block object type (Miklos Szeredi) [RHEL-12504] - netfilter: nf_tables: set backend .flush always succeeds (Florian Westphal) [RHEL-1722] - netfilter: nft_set_pipapo: no need to call pipapo_deactivate() from flush (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: fix memleak when more than 255 elements expired (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: disable toggling dormant table state more than once (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: fix table flag updates (Florian Westphal) [RHEL-1722] - netfilter: nftables: update table flags from the commit phase (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: disallow element removal on anonymous sets (Florian Westphal) [RHEL-1722] - netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (Florian Westphal) [RHEL-1722] - netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: fix nft_trans type confusion (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: defer gc run if previous batch is still pending (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: fix out of memory error handling (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: use correct lock to protect gc_list (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: GC transaction race with abort path (Florian Westphal) [RHEL-1722] - netfilter: nft_dynset: disallow object maps (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: GC transaction race with netns dismantle (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: don't fail inserts if duplicate has expired (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: fix kdoc warnings after gc rework (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: fix false-positive lockdep splat (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: remove busy mark and gc batch API (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: adapt set backend to use GC transaction API (Florian Westphal) [RHEL-1722] {CVE-2023-4244} - netfilter: nf_tables: GC transaction API to avoid race with control plane (Florian Westphal) [RHEL-1722] {CVE-2023-4244} - netfilter: nftables: rename set element data activation/deactivation functions (Florian Westphal) [RHEL-1722] - netfilter: nft_set_rbtree: skip elements in transaction from garbage collection (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: don't skip expired elements during walk (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: fix spurious set element insertion failure (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: report use refcount overflow (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: add nft_chain_add() (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: disallow timeout for anonymous sets (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: disallow updates of anonymous sets (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: disallow element updates of bound anonymous sets (Florian Westphal) [RHEL-1722] - netfilter: nft_set_pipapo: .walk does not deal with generations (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: integrate pipapo into commit protocol (Florian Westphal) [RHEL-1722] - netfilter: nf_tables: honor NLM_F_CREATE and NLM_F_EXCL in event notification (Florian Westphal) [RHEL-1722] - netfilter: nftables: add catch-all set element support (Florian Westphal) [RHEL-1722] Resolves: RHEL-12504, RHEL-14477, RHEL-16410, RHEL-16411, RHEL-16412, RHEL-1722, RHEL-19237, RHEL-19260, RHEL-19591, RHEL-20390, RHEL-8003 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
This commit is contained in:
parent
d2a1611c65
commit
0b61259a24
@ -309,6 +309,7 @@
|
||||
# CONFIG_CRYPTO_LZ4 is not set
|
||||
# CONFIG_CRYPTO_LZ4HC is not set
|
||||
# CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
|
||||
# CONFIG_CRYPTO_MCRYPTD is not set
|
||||
# CONFIG_CRYPTO_MORUS1280 is not set
|
||||
# CONFIG_CRYPTO_MORUS1280_AVX2 is not set
|
||||
# CONFIG_CRYPTO_MORUS1280_SSE2 is not set
|
||||
@ -2688,7 +2689,6 @@ CONFIG_CRYPTO_HW=y
|
||||
CONFIG_CRYPTO_KHAZAD=m
|
||||
CONFIG_CRYPTO_LRW=m
|
||||
CONFIG_CRYPTO_MANAGER=y
|
||||
CONFIG_CRYPTO_MCRYPTD=m
|
||||
CONFIG_CRYPTO_MD4=m
|
||||
CONFIG_CRYPTO_MICHAEL_MIC=m
|
||||
CONFIG_CRYPTO_PCBC=m
|
||||
@ -2706,14 +2706,11 @@ CONFIG_CRYPTO_SERPENT_AVX2_X86_64=m
|
||||
CONFIG_CRYPTO_SERPENT_AVX_X86_64=m
|
||||
CONFIG_CRYPTO_SERPENT_SSE2_X86_64=m
|
||||
CONFIG_CRYPTO_SHA1=y
|
||||
CONFIG_CRYPTO_SHA1_MB=m
|
||||
CONFIG_CRYPTO_SHA1_SSSE3=y
|
||||
CONFIG_CRYPTO_SHA256=y
|
||||
CONFIG_CRYPTO_SHA256_MB=m
|
||||
CONFIG_CRYPTO_SHA256_SSSE3=y
|
||||
CONFIG_CRYPTO_SHA3=m
|
||||
CONFIG_CRYPTO_SHA512=y
|
||||
CONFIG_CRYPTO_SHA512_MB=m
|
||||
CONFIG_CRYPTO_SHA512_SSSE3=y
|
||||
CONFIG_CRYPTO_TEA=m
|
||||
CONFIG_CRYPTO_TEST=m
|
||||
|
@ -325,6 +325,7 @@
|
||||
# CONFIG_CRYPTO_LZ4 is not set
|
||||
# CONFIG_CRYPTO_LZ4HC is not set
|
||||
# CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
|
||||
# CONFIG_CRYPTO_MCRYPTD is not set
|
||||
# CONFIG_CRYPTO_MORUS1280 is not set
|
||||
# CONFIG_CRYPTO_MORUS1280_AVX2 is not set
|
||||
# CONFIG_CRYPTO_MORUS1280_SSE2 is not set
|
||||
@ -2750,7 +2751,6 @@ CONFIG_CRYPTO_HW=y
|
||||
CONFIG_CRYPTO_KHAZAD=m
|
||||
CONFIG_CRYPTO_LRW=m
|
||||
CONFIG_CRYPTO_MANAGER=y
|
||||
CONFIG_CRYPTO_MCRYPTD=m
|
||||
CONFIG_CRYPTO_MD4=m
|
||||
CONFIG_CRYPTO_MICHAEL_MIC=m
|
||||
CONFIG_CRYPTO_PCBC=m
|
||||
@ -2768,14 +2768,11 @@ CONFIG_CRYPTO_SERPENT_AVX2_X86_64=m
|
||||
CONFIG_CRYPTO_SERPENT_AVX_X86_64=m
|
||||
CONFIG_CRYPTO_SERPENT_SSE2_X86_64=m
|
||||
CONFIG_CRYPTO_SHA1=y
|
||||
CONFIG_CRYPTO_SHA1_MB=m
|
||||
CONFIG_CRYPTO_SHA1_SSSE3=y
|
||||
CONFIG_CRYPTO_SHA256=y
|
||||
CONFIG_CRYPTO_SHA256_MB=m
|
||||
CONFIG_CRYPTO_SHA256_SSSE3=y
|
||||
CONFIG_CRYPTO_SHA3=m
|
||||
CONFIG_CRYPTO_SHA512=y
|
||||
CONFIG_CRYPTO_SHA512_MB=m
|
||||
CONFIG_CRYPTO_SHA512_SSSE3=y
|
||||
CONFIG_CRYPTO_TEA=m
|
||||
CONFIG_CRYPTO_TEST=m
|
||||
|
66
kernel.spec
66
kernel.spec
@ -12,7 +12,7 @@
|
||||
# change below to w4T.xzdio):
|
||||
%define _binary_payload w3T.xzdio
|
||||
|
||||
%global distro_build 533
|
||||
%global distro_build 534
|
||||
|
||||
# Sign the x86_64 kernel for secure boot authentication
|
||||
%ifarch x86_64 aarch64 s390x ppc64le
|
||||
@ -38,10 +38,10 @@
|
||||
# define buildid .local
|
||||
|
||||
%define specversion 4.18.0
|
||||
%define pkgrelease 533.el8
|
||||
%define pkgrelease 534.el8
|
||||
|
||||
# allow pkg_release to have configurable %%{?dist} tag
|
||||
%define specrelease 533%{?dist}
|
||||
%define specrelease 534%{?dist}
|
||||
|
||||
%define pkg_release %{specrelease}%{?buildid}
|
||||
|
||||
@ -2695,6 +2695,66 @@ fi
|
||||
#
|
||||
#
|
||||
%changelog
|
||||
* Sat Jan 06 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-534.el8]
|
||||
- nfsd: lock_rename() needs both directories to live on the same fs (Jeffrey Layton) [RHEL-19591]
|
||||
- HID: check empty report_list in hid_validate_values() (Desnes Nunes) [RHEL-19237 RHEL-19260] {CVE-2023-1073}
|
||||
- ceph: do not print the whole xattr value if it's too long (Xiubo Li) [RHEL-16411]
|
||||
- libceph: fix potential use-after-free on linger ping and resends (Jay Shin) [RHEL-20390]
|
||||
- ceph: fix incorrect revoked caps assert in ceph_fill_file_size() (Xiubo Li) [RHEL-8003]
|
||||
- ceph: silence smatch warning in reconnect_caps_cb() (Xiubo Li) [RHEL-16410]
|
||||
- ceph: fix potential use-after-free bug when trimming caps (Xiubo Li) [RHEL-16410]
|
||||
- ceph: don't let check_caps skip sending responses for revoke msgs (Xiubo Li) [RHEL-16412]
|
||||
- ceph: issue a cap release immediately if no cap exists (Xiubo Li) [RHEL-16412]
|
||||
- ceph: trigger to flush the buffer when making snapshot (Xiubo Li) [RHEL-16412]
|
||||
- ceph: force updating the msg pointer in non-split case (Xiubo Li) [RHEL-16412]
|
||||
- ceph: flush cap releases when the session is flushed (Xiubo Li) [RHEL-16412]
|
||||
- ceph: reorder fields in 'struct ceph_snapid_map' (Xiubo Li) [RHEL-16412]
|
||||
- ceph: voluntarily drop Xx caps for requests those touch parent mtime (Xiubo Li) [RHEL-16412]
|
||||
- redhat/configs: Remove multi-buffer SHA configs (Štěpán Horáček) [RHEL-14477]
|
||||
- crypto: tcrypt - remove all multibuffer ahash tests (Štěpán Horáček) [RHEL-14477]
|
||||
- crypto: hash - Remove unused async iterators (Štěpán Horáček) [RHEL-14477]
|
||||
- crypto: x86 - remove SHA multibuffer routines and mcryptd (Štěpán Horáček) [RHEL-14477]
|
||||
- fs: group frequently accessed fields of struct super_block together (Miklos Szeredi) [RHEL-12504]
|
||||
- fanotify: add API to attach/detach super block mark (Miklos Szeredi) [RHEL-12504]
|
||||
- fsnotify: send path type events to group with super block marks (Miklos Szeredi) [RHEL-12504]
|
||||
- fsnotify: add super block object type (Miklos Szeredi) [RHEL-12504]
|
||||
- netfilter: nf_tables: set backend .flush always succeeds (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nft_set_pipapo: no need to call pipapo_deactivate() from flush (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: fix memleak when more than 255 elements expired (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: disable toggling dormant table state more than once (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: fix table flag updates (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nftables: update table flags from the commit phase (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: disallow element removal on anonymous sets (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: fix nft_trans type confusion (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: defer gc run if previous batch is still pending (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: fix out of memory error handling (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: use correct lock to protect gc_list (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: GC transaction race with abort path (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nft_dynset: disallow object maps (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: GC transaction race with netns dismantle (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: don't fail inserts if duplicate has expired (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: fix kdoc warnings after gc rework (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: fix false-positive lockdep splat (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: remove busy mark and gc batch API (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: adapt set backend to use GC transaction API (Florian Westphal) [RHEL-1722] {CVE-2023-4244}
|
||||
- netfilter: nf_tables: GC transaction API to avoid race with control plane (Florian Westphal) [RHEL-1722] {CVE-2023-4244}
|
||||
- netfilter: nftables: rename set element data activation/deactivation functions (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nft_set_rbtree: skip elements in transaction from garbage collection (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: don't skip expired elements during walk (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: fix spurious set element insertion failure (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: report use refcount overflow (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: add nft_chain_add() (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: disallow timeout for anonymous sets (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: disallow updates of anonymous sets (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: disallow element updates of bound anonymous sets (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nft_set_pipapo: .walk does not deal with generations (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: integrate pipapo into commit protocol (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nf_tables: honor NLM_F_CREATE and NLM_F_EXCL in event notification (Florian Westphal) [RHEL-1722]
|
||||
- netfilter: nftables: add catch-all set element support (Florian Westphal) [RHEL-1722]
|
||||
|
||||
* Tue Jan 02 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-533.el8]
|
||||
- netlink: support extack in dump ->start() (Hangbin Liu) [RHEL-17272]
|
||||
- audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare() (Artem Savkov) [RHEL-16009]
|
||||
|
6
sources
6
sources
@ -1,3 +1,3 @@
|
||||
SHA512 (linux-4.18.0-533.el8.tar.xz) = 969dd3ec2686994133a06dfdcbbf1ea9f873287a7a5b185b81ca8d15422ae842a0d179407d740e2dd2c9443c751f375be4c87502e797a4e8c57d46324e6c6626
|
||||
SHA512 (kernel-abi-stablelists-4.18.0-533.tar.bz2) = c89beeae5833e75e6f4a543ee8252de4fecbe98c7b27758823a3637d1521a7da408ae0e4d5acd25802c9ed01160b4711e595639b1b81da7ea33d4c3d68ebe073
|
||||
SHA512 (kernel-kabi-dw-4.18.0-533.tar.bz2) = a8b00c7ae3653dc7305ad2a7c14ebbdad9c0b90248b7c2e4b4f31f2a23a11dfe7a1931f8e676a7dcb11b06ff87a21838ae4ccf837549b73ff76bff397e758a9f
|
||||
SHA512 (linux-4.18.0-534.el8.tar.xz) = 4ec3a3291f8358f716227a9fb92299fcd0ee43cc1323b48556550620fdf615c91c0f4e0182eb3546dbe12794869df5b0cfb1750da4b8c5b684cc3757f6c561ff
|
||||
SHA512 (kernel-abi-stablelists-4.18.0-534.tar.bz2) = d49b70d776611c43486a3b47234013f24105ccd7add56c9db160054e62f8121f2dd5a0240b3f5873e30176c41ce4b55de81b3b817ccb4c9543f6840c55f5aaaf
|
||||
SHA512 (kernel-kabi-dw-4.18.0-534.tar.bz2) = a8b00c7ae3653dc7305ad2a7c14ebbdad9c0b90248b7c2e4b4f31f2a23a11dfe7a1931f8e676a7dcb11b06ff87a21838ae4ccf837549b73ff76bff397e758a9f
|
||||
|
Loading…
Reference in New Issue
Block a user