import EuroLinux kernel-5.14.0-427.35.1.el9_4
This commit is contained in:
parent
52e35782ae
commit
0f5d43ec2f
8
.gitignore
vendored
8
.gitignore
vendored
@ -1,9 +1,7 @@
|
|||||||
SOURCES/kernel-abi-stablelists-5.14.0-427.33.1.el9_4.tar.bz2
|
SOURCES/kernel-abi-stablelists-5.14.0-427.35.1.el9_4.tar.bz2
|
||||||
SOURCES/kernel-kabi-dw-5.14.0-427.33.1.el9_4.tar.bz2
|
SOURCES/kernel-kabi-dw-5.14.0-427.35.1.el9_4.tar.bz2
|
||||||
SOURCES/linux-5.14.0-427.33.1.el9_4.tar.xz
|
SOURCES/linux-5.14.0-427.35.1.el9_4.tar.xz
|
||||||
SOURCES/nvidiagpuoot001.x509
|
SOURCES/nvidiagpuoot001.x509
|
||||||
SOURCES/olima1.x509
|
|
||||||
SOURCES/olimaca1.x509
|
|
||||||
SOURCES/rheldup3.x509
|
SOURCES/rheldup3.x509
|
||||||
SOURCES/rhelima.x509
|
SOURCES/rhelima.x509
|
||||||
SOURCES/rhelima_centos.x509
|
SOURCES/rhelima_centos.x509
|
||||||
|
@ -1,9 +1,7 @@
|
|||||||
68bf97bf6568121d55c8dc33ed7b072b43560ddf SOURCES/kernel-abi-stablelists-5.14.0-427.33.1.el9_4.tar.bz2
|
a9b3a7fe48a9cd65e5c222310c6be4de7fed2fb2 SOURCES/kernel-abi-stablelists-5.14.0-427.35.1.el9_4.tar.bz2
|
||||||
eb5e4688ec329e5f7272a7160a534a27c3462b18 SOURCES/kernel-kabi-dw-5.14.0-427.33.1.el9_4.tar.bz2
|
6959196dd6f1c6e3efce688521d81fa71ecde373 SOURCES/kernel-kabi-dw-5.14.0-427.35.1.el9_4.tar.bz2
|
||||||
85c884a438f0466bf166e150b6d5484f4cb97068 SOURCES/linux-5.14.0-427.33.1.el9_4.tar.xz
|
7d681318edce705b8d77430ddc548bfc0c05f4bd SOURCES/linux-5.14.0-427.35.1.el9_4.tar.xz
|
||||||
4fff8080e88afffc06d8ef5004db8d53bb21237f SOURCES/nvidiagpuoot001.x509
|
4fff8080e88afffc06d8ef5004db8d53bb21237f SOURCES/nvidiagpuoot001.x509
|
||||||
706ae01dd14efa38f0f565a3706acac19c78df02 SOURCES/olima1.x509
|
|
||||||
6e3f0d61414c0b50f48dc2d4c3b3cd024e1c3a43 SOURCES/olimaca1.x509
|
|
||||||
95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509
|
95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509
|
||||||
99e571f9de4188f3b5fdf1f84ff73f6cc4bb6a0e SOURCES/rhelima.x509
|
99e571f9de4188f3b5fdf1f84ff73f6cc4bb6a0e SOURCES/rhelima.x509
|
||||||
61d5a223ff0c79189505abae77e0087c4b2d2b47 SOURCES/rhelima_centos.x509
|
61d5a223ff0c79189505abae77e0087c4b2d2b47 SOURCES/rhelima_centos.x509
|
||||||
|
@ -12,7 +12,7 @@ RHEL_MINOR = 4
|
|||||||
#
|
#
|
||||||
# Use this spot to avoid future merge conflicts.
|
# Use this spot to avoid future merge conflicts.
|
||||||
# Do not trim this comment.
|
# Do not trim this comment.
|
||||||
RHEL_RELEASE = 427.33.1
|
RHEL_RELEASE = 427.35.1
|
||||||
|
|
||||||
#
|
#
|
||||||
# ZSTREAM
|
# ZSTREAM
|
||||||
|
@ -165,15 +165,15 @@ Summary: The Linux kernel
|
|||||||
# define buildid .local
|
# define buildid .local
|
||||||
%define specversion 5.14.0
|
%define specversion 5.14.0
|
||||||
%define patchversion 5.14
|
%define patchversion 5.14
|
||||||
%define pkgrelease 427.33.1
|
%define pkgrelease 427.35.1
|
||||||
%define kversion 5
|
%define kversion 5
|
||||||
%define tarfile_release 5.14.0-427.33.1.el9_4
|
%define tarfile_release 5.14.0-427.35.1.el9_4
|
||||||
# This is needed to do merge window version magic
|
# This is needed to do merge window version magic
|
||||||
%define patchlevel 14
|
%define patchlevel 14
|
||||||
# This allows pkg_release to have configurable %%{?dist} tag
|
# This allows pkg_release to have configurable %%{?dist} tag
|
||||||
%define specrelease 427.33.1%{?buildid}%{?dist}
|
%define specrelease 427.35.1%{?buildid}%{?dist}
|
||||||
# This defines the kabi tarball version
|
# This defines the kabi tarball version
|
||||||
%define kabiversion 5.14.0-427.33.1.el9_4
|
%define kabiversion 5.14.0-427.35.1.el9_4
|
||||||
|
|
||||||
#
|
#
|
||||||
# End of genspec.sh variables
|
# End of genspec.sh variables
|
||||||
@ -624,6 +624,15 @@ Summary: The Linux kernel
|
|||||||
%define kernel_prereq coreutils, systemd >= 203-2, /usr/bin/kernel-install
|
%define kernel_prereq coreutils, systemd >= 203-2, /usr/bin/kernel-install
|
||||||
%define initrd_prereq dracut >= 027
|
%define initrd_prereq dracut >= 027
|
||||||
|
|
||||||
|
# EuroLinux override
|
||||||
|
# Normaly this should be done in rpmmacros, but because the packages must be rebuildable with beast
|
||||||
|
# we have to change this here
|
||||||
|
|
||||||
|
%define with_doc 1
|
||||||
|
%global signkernel 0
|
||||||
|
%global signmodules 0
|
||||||
|
|
||||||
|
# End of EuroLinux override
|
||||||
|
|
||||||
Name: kernel
|
Name: kernel
|
||||||
License: ((GPL-2.0-only WITH Linux-syscall-note) OR BSD-2-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR CDDL-1.0) AND ((GPL-2.0-only WITH Linux-syscall-note) OR Linux-OpenIB) AND ((GPL-2.0-only WITH Linux-syscall-note) OR MIT) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR MIT) AND Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND BSD-3-Clause-Clear AND GFDL-1.1-no-invariants-or-later AND GPL-1.0-or-later AND (GPL-1.0-or-later OR BSD-3-Clause) AND (GPL-1.0-or-later WITH Linux-syscall-note) AND GPL-2.0-only AND (GPL-2.0-only OR Apache-2.0) AND (GPL-2.0-only OR BSD-2-Clause) AND (GPL-2.0-only OR BSD-3-Clause) AND (GPL-2.0-only OR CDDL-1.0) AND (GPL-2.0-only OR GFDL-1.1-no-invariants-or-later) AND (GPL-2.0-only OR GFDL-1.2-no-invariants-only) AND (GPL-2.0-only WITH Linux-syscall-note) AND GPL-2.0-or-later AND (GPL-2.0-or-later OR BSD-2-Clause) AND (GPL-2.0-or-later OR BSD-3-Clause) AND (GPL-2.0-or-later OR CC-BY-4.0) AND (GPL-2.0-or-later WITH GCC-exception-2.0) AND (GPL-2.0-or-later WITH Linux-syscall-note) AND ISC AND LGPL-2.0-or-later AND (LGPL-2.0-or-later OR BSD-2-Clause) AND (LGPL-2.0-or-later WITH Linux-syscall-note) AND LGPL-2.1-only AND (LGPL-2.1-only OR BSD-2-Clause) AND (LGPL-2.1-only WITH Linux-syscall-note) AND LGPL-2.1-or-later AND (LGPL-2.1-or-later WITH Linux-syscall-note) AND (Linux-OpenIB OR GPL-2.0-only) AND (Linux-OpenIB OR GPL-2.0-only OR BSD-2-Clause) AND Linux-man-pages-copyleft AND MIT AND (MIT OR GPL-2.0-only) AND (MIT OR GPL-2.0-or-later) AND (MIT OR LGPL-2.1-only) AND (MPL-1.1 OR GPL-2.0-only) AND (X11 OR GPL-2.0-only) AND (X11 OR GPL-2.0-or-later) AND Zlib
|
License: ((GPL-2.0-only WITH Linux-syscall-note) OR BSD-2-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR CDDL-1.0) AND ((GPL-2.0-only WITH Linux-syscall-note) OR Linux-OpenIB) AND ((GPL-2.0-only WITH Linux-syscall-note) OR MIT) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR MIT) AND Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND BSD-3-Clause-Clear AND GFDL-1.1-no-invariants-or-later AND GPL-1.0-or-later AND (GPL-1.0-or-later OR BSD-3-Clause) AND (GPL-1.0-or-later WITH Linux-syscall-note) AND GPL-2.0-only AND (GPL-2.0-only OR Apache-2.0) AND (GPL-2.0-only OR BSD-2-Clause) AND (GPL-2.0-only OR BSD-3-Clause) AND (GPL-2.0-only OR CDDL-1.0) AND (GPL-2.0-only OR GFDL-1.1-no-invariants-or-later) AND (GPL-2.0-only OR GFDL-1.2-no-invariants-only) AND (GPL-2.0-only WITH Linux-syscall-note) AND GPL-2.0-or-later AND (GPL-2.0-or-later OR BSD-2-Clause) AND (GPL-2.0-or-later OR BSD-3-Clause) AND (GPL-2.0-or-later OR CC-BY-4.0) AND (GPL-2.0-or-later WITH GCC-exception-2.0) AND (GPL-2.0-or-later WITH Linux-syscall-note) AND ISC AND LGPL-2.0-or-later AND (LGPL-2.0-or-later OR BSD-2-Clause) AND (LGPL-2.0-or-later WITH Linux-syscall-note) AND LGPL-2.1-only AND (LGPL-2.1-only OR BSD-2-Clause) AND (LGPL-2.1-only WITH Linux-syscall-note) AND LGPL-2.1-or-later AND (LGPL-2.1-or-later WITH Linux-syscall-note) AND (Linux-OpenIB OR GPL-2.0-only) AND (Linux-OpenIB OR GPL-2.0-only OR BSD-2-Clause) AND Linux-man-pages-copyleft AND MIT AND (MIT OR GPL-2.0-only) AND (MIT OR GPL-2.0-or-later) AND (MIT OR LGPL-2.1-only) AND (MPL-1.1 OR GPL-2.0-only) AND (X11 OR GPL-2.0-only) AND (X11 OR GPL-2.0-or-later) AND Zlib
|
||||||
@ -789,12 +798,14 @@ BuildRequires: tpm2-tools
|
|||||||
# For Azure CVM specific udev rules
|
# For Azure CVM specific udev rules
|
||||||
BuildRequires: WALinuxAgent-cvm
|
BuildRequires: WALinuxAgent-cvm
|
||||||
# For UKI sb cert
|
# For UKI sb cert
|
||||||
|
%if %{signkernel}
|
||||||
%if 0%{?centos}
|
%if 0%{?centos}
|
||||||
BuildRequires: centos-sb-certs >= 9.0-23
|
BuildRequires: centos-sb-certs >= 9.0-23
|
||||||
%else
|
%else
|
||||||
BuildRequires: redhat-sb-certs >= 9.4-0.1
|
BuildRequires: redhat-sb-certs >= 9.4-0.1
|
||||||
%endif
|
%endif
|
||||||
%endif
|
%endif
|
||||||
|
%endif
|
||||||
|
|
||||||
# Because this is the kernel, it's hard to get a single upstream URL
|
# Because this is the kernel, it's hard to get a single upstream URL
|
||||||
# to represent the base without needing to do a bunch of patching. This
|
# to represent the base without needing to do a bunch of patching. This
|
||||||
@ -1242,11 +1253,11 @@ Summary: gcov graph and source files for coverage data collection.\
|
|||||||
%{nil}
|
%{nil}
|
||||||
|
|
||||||
%package -n kernel-abi-stablelists
|
%package -n kernel-abi-stablelists
|
||||||
Summary: The Red Hat Enterprise Linux kernel ABI symbol stablelists
|
Summary: The EuroLinux kernel ABI symbol stablelists
|
||||||
AutoReqProv: no
|
AutoReqProv: no
|
||||||
%description -n kernel-abi-stablelists
|
%description -n kernel-abi-stablelists
|
||||||
The kABI package contains information pertaining to the Red Hat Enterprise
|
The kABI package contains information pertaining to the EuroLinux
|
||||||
Linux kernel ABI, including lists of kernel symbols that are needed by
|
kernel ABI, including lists of kernel symbols that are needed by
|
||||||
external Linux kernel modules, and a yum plugin to aid enforcement.
|
external Linux kernel modules, and a yum plugin to aid enforcement.
|
||||||
|
|
||||||
%if %{with_kabidw_base}
|
%if %{with_kabidw_base}
|
||||||
@ -1255,8 +1266,8 @@ Summary: The baseline dataset for kABI verification using DWARF data
|
|||||||
Group: System Environment/Kernel
|
Group: System Environment/Kernel
|
||||||
AutoReqProv: no
|
AutoReqProv: no
|
||||||
%description kernel-kabidw-base-internal
|
%description kernel-kabidw-base-internal
|
||||||
The package contains data describing the current ABI of the Red Hat Enterprise
|
The package contains data describing the current ABI of the EuroLinux
|
||||||
Linux kernel, suitable for the kabi-dw tool.
|
kernel, suitable for the kabi-dw tool.
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -1790,7 +1801,7 @@ done
|
|||||||
# Adjust FIPS module name for RHEL
|
# Adjust FIPS module name for RHEL
|
||||||
%if 0%{?rhel}
|
%if 0%{?rhel}
|
||||||
for i in *.config; do
|
for i in *.config; do
|
||||||
sed -i 's/CONFIG_CRYPTO_FIPS_NAME=.*/CONFIG_CRYPTO_FIPS_NAME="Red Hat Enterprise Linux %{rhel} - Kernel Cryptographic API"/' $i
|
sed -i 's/CONFIG_CRYPTO_FIPS_NAME=.*/CONFIG_CRYPTO_FIPS_NAME="EuroLinux %{rhel} - Kernel Cryptographic API"/' $i
|
||||||
done
|
done
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
@ -3732,6 +3743,57 @@ fi
|
|||||||
#
|
#
|
||||||
#
|
#
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Sep 11 2024 EuroLinux Autopatch <devel@euro-linux.com>
|
||||||
|
|
||||||
|
* Fri Aug 30 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.35.1.el9_4]
|
||||||
|
- usb-storage: alauda: Check whether the media is initialized (CKI Backport Bot) [RHEL-43716] {CVE-2024-38619}
|
||||||
|
- ceph: force sending a cap update msg back to MDS for revoke op (Xiubo Li) [RHEL-55437]
|
||||||
|
- ceph: periodically flush the cap releases (Xiubo Li) [RHEL-55437]
|
||||||
|
- mm: avoid overflows in dirty throttling logic (Jay Shin) [RHEL-51848 RHEL-50004] {CVE-2024-42131}
|
||||||
|
- Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (Jay Shin) [RHEL-51701 RHEL-50004] {CVE-2024-42102}
|
||||||
|
- mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (Jay Shin) [RHEL-42628 RHEL-5619] {CVE-2024-26720}
|
||||||
|
- net: fix out-of-bounds access in ops_init (Paolo Abeni) [RHEL-43188 RHEL-46610] {CVE-2024-36883}
|
||||||
|
- nvme: avoid double free special payload (CKI Backport Bot) [RHEL-51311] {CVE-2024-41073}
|
||||||
|
- kernfs: change kernfs_rename_lock into a read-write lock (Jay Shin) [RHEL-55253 RHEL-52956]
|
||||||
|
- kernfs: Separate kernfs_pr_cont_buf and rename_lock (Jay Shin) [RHEL-55253 RHEL-52956]
|
||||||
|
- kernfs: fix missing kernfs_iattr_rwsem locking (Jay Shin) [RHEL-55253 RHEL-52956]
|
||||||
|
- kernfs: Use a per-fs rwsem to protect per-fs list of kernfs_super_info (Jay Shin) [RHEL-55253 RHEL-52956]
|
||||||
|
- kernfs: Introduce separate rwsem to protect inode attributes (Jay Shin) [RHEL-55253 RHEL-52956]
|
||||||
|
- xhci: Handle TD clearing for multiple streams case (CKI Backport Bot) [RHEL-47894 RHEL-47892] {CVE-2024-40927}
|
||||||
|
- Bluetooth: af_bluetooth: Fix deadlock (Bastien Nocera) [RHEL-34161] {CVE-2024-26886}
|
||||||
|
- xdp: Remove WARN() from __xdp_reg_mem_model() (CKI Backport Bot) [RHEL-51586] {CVE-2024-42082}
|
||||||
|
- nfsd: don't take fi_lock in nfsd_break_deleg_cb() (Benjamin Coddington) [RHEL-42578 RHEL-34875]
|
||||||
|
- nfsd: fix RELEASE_LOCKOWNER (Benjamin Coddington) [RHEL-42578 RHEL-34875] {CVE-2024-26629}
|
||||||
|
- net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (CKI Backport Bot) [RHEL-43729 RHEL-43727]
|
||||||
|
- net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (CKI Backport Bot) [RHEL-43729 RHEL-43727]
|
||||||
|
- net: bridge: mst: fix vlan use-after-free (cki-backport-bot) [RHEL-43729] {CVE-2024-36979}
|
||||||
|
- efivarfs: force RO when remounting if SetVariable is not supported (Pavel Reichl) [RHEL-42343 RHEL-26588] {CVE-2023-52463}
|
||||||
|
- ACPI: arm64: export acpi_arch_thermal_cpufreq_pctg() (Charles Mirabile) [RHEL-34234 RHEL-1697]
|
||||||
|
- ACPI: processor: reduce CPUFREQ thermal reduction pctg for Tegra241 (Charles Mirabile) [RHEL-34234 RHEL-1697]
|
||||||
|
- ACPI: thermal: Add Thermal fast Sampling Period (_TFP) support (Scott Weaver) [RHEL-34234 RHEL-1697]
|
||||||
|
|
||||||
|
* Thu Aug 22 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.34.1.el9_4]
|
||||||
|
- mm: prevent derefencing NULL ptr in pfn_section_valid() (Jarod Wilson) [RHEL-51140 RHEL-51138] {CVE-2024-41055}
|
||||||
|
- mm, kmsan: fix infinite recursion due to RCU critical section (Jarod Wilson) [RHEL-51140 RHEL-51138] {CVE-2024-41055}
|
||||||
|
- ppp: reject claimed-as-LCP but actually malformed packets (CKI Backport Bot) [RHEL-51061 RHEL-51059] {CVE-2024-41044}
|
||||||
|
- x86: stop playing stack games in profile_pc() (CKI Backport Bot) [RHEL-51651] {CVE-2024-42096}
|
||||||
|
- PCI/MSI: Fix UAF in msi_capability_init (CKI Backport Bot) [RHEL-51438] {CVE-2024-41096}
|
||||||
|
- iommufd: Fix missing update of domains_itree after splitting iopt_area (Jerry Snitselaar) [RHEL-42518 RHEL-28780] {CVE-2023-52801}
|
||||||
|
- mm: cachestat: fix folio read-after-free in cache walk (Nico Pache) [RHEL-41739 RHEL-5619] {CVE-2024-26630}
|
||||||
|
- regmap: maple: Fix cache corruption in regcache_maple_drop() (Jaroslav Kysela) [RHEL-43179 RHEL-39706] {CVE-2024-36019}
|
||||||
|
- mm: cachestat: fix two shmem bugs (Nico Pache) [RHEL-36912] {CVE-2024-35797}
|
||||||
|
- kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address (Steve Best) [RHEL-42778 RHEL-34985] {CVE-2024-26946}
|
||||||
|
- mm/hugetlb: fix missing hugetlb_lock for resv uncharge (Rafael Aquini) [RHEL-43132 RHEL-37467] {CVE-2024-36000}
|
||||||
|
- rbd: don't assume rbd_is_lock_owner() for exclusive mappings (Ilya Dryomov) [RHEL-52675 RHEL-50366]
|
||||||
|
- rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings (Ilya Dryomov) [RHEL-52675 RHEL-50366]
|
||||||
|
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (Ilya Dryomov) [RHEL-52675 RHEL-50366]
|
||||||
|
- gpio: tegra186: Fix tegra186_gpio_is_accessible() check (Charles Mirabile) [RHEL-49347 RHEL-32452]
|
||||||
|
- net/sched: Fix UAF when resolving a clash (CKI Backport Bot) [RHEL-51022 RHEL-51020] {CVE-2024-41040}
|
||||||
|
- KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (Maxim Levitsky) [RHEL-41462 RHEL-32430] {CVE-2024-35791}
|
||||||
|
- cxl/region: Fix memregion leaks in devm_cxl_add_region() (John W. Linville) [RHEL-47965 RHEL-23582] {CVE-2024-40936}
|
||||||
|
- x86/coco: Require seeding RNG with RDRAND on CoCo systems (Lenny Szubowicz) [RHEL-42986 RHEL-37269] {CVE-2024-35875}
|
||||||
|
- scsi: qedf: Ensure the copied buf is NUL terminated (cki-backport-bot) [RHEL-44203] {CVE-2024-38559}
|
||||||
|
|
||||||
* Fri Aug 16 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.33.1.el9_4]
|
* Fri Aug 16 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.33.1.el9_4]
|
||||||
- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44287] {CVE-2024-38540}
|
- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44287] {CVE-2024-38540}
|
||||||
- netfilter: flowtable: validate pppoe header (Florian Westphal) [RHEL-44430 RHEL-33469] {CVE-2024-27016}
|
- netfilter: flowtable: validate pppoe header (Florian Westphal) [RHEL-44430 RHEL-33469] {CVE-2024-27016}
|
||||||
|
Loading…
Reference in New Issue
Block a user