rpms/kernel
8
2
Fork 6
Code Issues Pull Requests Releases Activity

hpsa: bring back deprecated PCI ids #CFHack #CFHack2024

Browse Source 
mptsas: bring back deprecated PCI ids #CFHack #CFHack2024

megaraid_sas: bring back deprecated PCI ids #CFHack #CFHack2024

qla2xxx: bring back deprecated PCI ids #CFHack #CFHack2024

qla4xxx: bring back deprecated PCI ids

lpfc: bring back deprecated PCI ids

be2iscsi: bring back deprecated PCI ids

kernel/rh_messages.h: enable all disabled pci devices by moving to unmaintained

Use AlmaLinux OS secure boot cert

Debrand for AlmaLinux OS

Add KVM support for ppc64le
This commit is contained in:
Andrew Lukoshko 2026-01-14 10:24:55 +00:00 committed by root
commit 0ce892aff2
5 changed files with 71 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.gitignore vendored
View File

@ -1,6 +1,6 @@
SOURCES/kernel-abi-stablelists-5.14.0-611.16.1.el9_7.tar.bz2
SOURCES/kernel-kabi-dw-5.14.0-611.16.1.el9_7.tar.bz2
SOURCES/linux-5.14.0-611.16.1.el9_7.tar.xz
SOURCES/kernel-abi-stablelists-5.14.0-611.20.1.el9_7.tar.bz2
SOURCES/kernel-kabi-dw-5.14.0-611.20.1.el9_7.tar.bz2
SOURCES/linux-5.14.0-611.20.1.el9_7.tar.xz
SOURCES/nvidiagpuoot001.x509
SOURCES/olima1.x509
SOURCES/olimaca1.x509

6
.kernel.metadata
View File

@ -1,6 +1,6 @@
31e7f4937937748cabdb75462568d316ce8865af SOURCES/kernel-abi-stablelists-5.14.0-611.16.1.el9_7.tar.bz2
3c2b435e3a907e78a8bd4ed79c8e00db196365b3 SOURCES/kernel-kabi-dw-5.14.0-611.16.1.el9_7.tar.bz2
33089a9379d98a1f2d067344a45048ea32cb4939 SOURCES/linux-5.14.0-611.16.1.el9_7.tar.xz
1e30289092b81ba717ae5e7f571e1e45bf6c9fe8 SOURCES/kernel-abi-stablelists-5.14.0-611.20.1.el9_7.tar.bz2
070fdef7e39adf3321eb25910d3da5b3eccb36ec SOURCES/kernel-kabi-dw-5.14.0-611.20.1.el9_7.tar.bz2
650b2127d6afd5fbed75f4c69c1dff313a99e32f SOURCES/linux-5.14.0-611.20.1.el9_7.tar.xz
4fff8080e88afffc06d8ef5004db8d53bb21237f SOURCES/nvidiagpuoot001.x509
706ae01dd14efa38f0f565a3706acac19c78df02 SOURCES/olima1.x509
6e3f0d61414c0b50f48dc2d4c3b3cd024e1c3a43 SOURCES/olimaca1.x509

2
SOURCES/Makefile.rhelver
View File

@ -12,7 +12,7 @@ RHEL_MINOR = 7
#
# Use this spot to avoid future merge conflicts.
# Do not trim this comment.
RHEL_RELEASE = 611.16.1
RHEL_RELEASE = 611.20.1
#
# ZSTREAM

31
SOURCES/kernel.changelog
View File

@ -1,3 +1,34 @@
* Sat Dec 20 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.20.1.el9_7]
- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (CKI Backport Bot) [RHEL-124607] {CVE-2025-39806}
- sctp: avoid NULL dereference when chunk data buffer is missing (CKI Backport Bot) [RHEL-134001] {CVE-2025-40240}
- selftests/landlock: Add a new test for setuid() (Štěpán Horáček) [RHEL-132712]
- selftests/landlock: Split signal_scoping_threads tests (Štěpán Horáček) [RHEL-132712]
- landlock: Always allow signals between threads of the same process (Štěpán Horáček) [RHEL-132712]
- landlock: Prepare to add second errata (Štěpán Horáček) [RHEL-132712]
- landlock: Add the errata interface (Štěpán Horáček) [RHEL-132712]
- selftests/landlock: Test signal scoping for threads (Štěpán Horáček) [RHEL-132712]
- selftests/landlock: Test signal scoping (Štěpán Horáček) [RHEL-132712]
- landlock: Add signal scoping (Štěpán Horáček) [RHEL-132712]
Resolves: RHEL-124607, RHEL-132712, RHEL-134001
* Thu Dec 18 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.19.1.el9_7]
- scsi: st: Skip buffer flush for information ioctls (John Meneghini) [RHEL-133543]
- scsi: st: Separate st-unique ioctl handling from SCSI common ioctl handling (John Meneghini) [RHEL-133543]
- audit: fix out-of-bounds read in audit_compare_dname_path() (Richard Guy Briggs) [RHEL-119176] {CVE-2025-39840}
Resolves: RHEL-119176, RHEL-133543
* Sat Dec 13 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.18.1.el9_7]
- NFS: remove revoked delegation from server's delegation list (Benjamin Coddington) [RHEL-134237]
- redhat: use RELEASE_LOCALVERSION also for dist-get-tag (Jan Stancek)
- redhat: introduce RELEASE_LOCALVERSION variable (Jan Stancek)
Resolves: RHEL-134237
* Thu Dec 11 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.17.1.el9_7]
- smb: client: handle lack of IPC in dfs_cache_refresh() (Paulo Alcantara) [RHEL-126165]
- smb: client: get rid of d_drop() in cifs_do_rename() (Paulo Alcantara) [RHEL-124917]
- mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory (CKI Backport Bot) [RHEL-119150] {CVE-2025-39883}
Resolves: RHEL-119150, RHEL-124917, RHEL-126165
* Sun Dec 07 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.16.1.el9_7]
- CVE-2025-38499 kernel: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (Abhi Das) [RHEL-129261] {CVE-2025-38499}
- tls: wait for pending async decryptions if tls_strp_msg_hold fails (CKI Backport Bot) [RHEL-128860] {CVE-2025-40176}

39
SPECS/kernel.spec
View File

@ -165,15 +165,15 @@ Summary: The Linux kernel
# define buildid .local
%define specversion 5.14.0
%define patchversion 5.14
%define pkgrelease 611.16.1
%define pkgrelease 611.20.1
%define kversion 5
%define tarfile_release 5.14.0-611.16.1.el9_7
%define tarfile_release 5.14.0-611.20.1.el9_7
# This is needed to do merge window version magic
%define patchlevel 14
# This allows pkg_release to have configurable %%{?dist} tag
%define specrelease 611.16.1%{?buildid}%{?dist}
%define specrelease 611.20.1%{?buildid}%{?dist}
# This defines the kabi tarball version
%define kabiversion 5.14.0-611.16.1.el9_7
%define kabiversion 5.14.0-611.20.1.el9_7
#
# End of genspec.sh variables
@ -3768,7 +3768,7 @@ fi
#
#
%changelog
* Mon Dec 22 2025 Andrew Lukoshko <alukoshko@almalinux.org> - 5.14.0-611.16.1
* Wed Jan 14 2026 Andrew Lukoshko <alukoshko@almalinux.org> - 5.14.0-611.20.1
- hpsa: bring back deprecated PCI ids #CFHack #CFHack2024
- mptsas: bring back deprecated PCI ids #CFHack #CFHack2024
- megaraid_sas: bring back deprecated PCI ids #CFHack #CFHack2024
@ -3779,11 +3779,38 @@ fi
- kernel/rh_messages.h: enable all disabled pci devices by moving to
unmaintained
* Mon Dec 22 2025 Eduard Abdullin <eabdullin@almalinux.org> - 5.14.0-611.16.1
* Wed Jan 14 2026 Eduard Abdullin <eabdullin@almalinux.org> - 5.14.0-611.20.1
- Use AlmaLinux OS secure boot cert
- Debrand for AlmaLinux OS
- Add KVM support for ppc64le
* Sat Dec 20 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.20.1.el9_7]
- HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (CKI Backport Bot) [RHEL-124607] {CVE-2025-39806}
- sctp: avoid NULL dereference when chunk data buffer is missing (CKI Backport Bot) [RHEL-134001] {CVE-2025-40240}
- selftests/landlock: Add a new test for setuid() (Štěpán Horáček) [RHEL-132712]
- selftests/landlock: Split signal_scoping_threads tests (Štěpán Horáček) [RHEL-132712]
- landlock: Always allow signals between threads of the same process (Štěpán Horáček) [RHEL-132712]
- landlock: Prepare to add second errata (Štěpán Horáček) [RHEL-132712]
- landlock: Add the errata interface (Štěpán Horáček) [RHEL-132712]
- selftests/landlock: Test signal scoping for threads (Štěpán Horáček) [RHEL-132712]
- selftests/landlock: Test signal scoping (Štěpán Horáček) [RHEL-132712]
- landlock: Add signal scoping (Štěpán Horáček) [RHEL-132712]
* Thu Dec 18 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.19.1.el9_7]
- scsi: st: Skip buffer flush for information ioctls (John Meneghini) [RHEL-133543]
- scsi: st: Separate st-unique ioctl handling from SCSI common ioctl handling (John Meneghini) [RHEL-133543]
- audit: fix out-of-bounds read in audit_compare_dname_path() (Richard Guy Briggs) [RHEL-119176] {CVE-2025-39840}
* Sat Dec 13 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.18.1.el9_7]
- NFS: remove revoked delegation from server's delegation list (Benjamin Coddington) [RHEL-134237]
- redhat: use RELEASE_LOCALVERSION also for dist-get-tag (Jan Stancek)
- redhat: introduce RELEASE_LOCALVERSION variable (Jan Stancek)
* Thu Dec 11 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.17.1.el9_7]
- smb: client: handle lack of IPC in dfs_cache_refresh() (Paulo Alcantara) [RHEL-126165]
- smb: client: get rid of d_drop() in cifs_do_rename() (Paulo Alcantara) [RHEL-124917]
- mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory (CKI Backport Bot) [RHEL-119150] {CVE-2025-39883}
* Sun Dec 07 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.16.1.el9_7]
- CVE-2025-38499 kernel: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (Abhi Das) [RHEL-129261] {CVE-2025-38499}
- tls: wait for pending async decryptions if tls_strp_msg_hold fails (CKI Backport Bot) [RHEL-128860] {CVE-2025-40176}