From 294cc354a936376eef7893b0015224066e385d68 Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Sun, 5 Nov 2023 10:46:44 +0100 Subject: [PATCH] kernel-4.18.0-522.el8 * Sun Nov 05 2023 Denys Vlasenko [4.18.0-522.el8] - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c (Florian Westphal) [RHEL-8444] {CVE-2023-42753} - cxgb4: fix use after free bugs caused by circular dependency problem (Ricardo Robaina) [RHEL-6261 RHEL-7058] {CVE-2023-4133} - ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1 (Florian Westphal) [RHEL-5742] - bpf: Fix incorrect verifier pruning due to missing register precision taints (Artem Savkov) [RHEL-7534 RHEL-7535] {CVE-2023-2163} - mm/memcontrol.c: remove the redundant updating of stats_flush_threshold (Waiman Long) [2238379] - virtio_balloon: Fix endless deflation and inflation on arm64 (Gavin Shan) [RHEL-1672] - i40e: Fix VF VLAN offloading when port VLAN is configured (Ivan Vecera) [RHEL-6384] - libfs: take cursors out of list when moving past the end of directory (Jeffrey Layton) [RHEL-15148] - net/core: Fix ETH_P_1588 flow dissector (Paolo Abeni) [RHEL-14379] - skbuff: skb_segment, Call zero copy functions before using skbuff frags (Paolo Abeni) [RHEL-14379] - net: prevent skb corruption on frag list segmentation (Paolo Abeni) [RHEL-14379] - udp6: Fix race condition in udp6_sendmsg & connect (Paolo Abeni) [RHEL-14379] - scsi: megaraid_sas: Driver version update to 07.727.03.00-rc1 (Tomas Henzl) [RHEL-8244] - scsi: megaraid_sas: Log message when controller reset is requested but not issued (Tomas Henzl) [RHEL-8244] - scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers (Tomas Henzl) [RHEL-8244] - scsi: megaraid_sas: Fix deadlock on firmware crashdump (Tomas Henzl) [RHEL-8244] - scsi: megaraid_sas: Use pci_dev_id() to simplify the code (Tomas Henzl) [RHEL-8244] - scsi: megaraid_sas: Convert union megasas_sgl to flex-arrays (Tomas Henzl) [RHEL-8244] - scsi: smartpqi: Change driver version to 2.1.24-046 (Don Brace) [RHEL-1728] - scsi: smartpqi: Enhance error messages (Don Brace) [RHEL-1728] - scsi: smartpqi: Enhance controller offline notification (Don Brace) [RHEL-1728] - scsi: smartpqi: Enhance shutdown notification (Don Brace) [RHEL-1728] - scsi: smartpqi: Simplify lun_number assignment (Don Brace) [RHEL-1728] - scsi: smartpqi: Rename pciinfo to pci_info (Don Brace) [RHEL-1728] - scsi: smartpqi: Rename MACRO to clarify purpose (Don Brace) [RHEL-1728] - scsi: smartpqi: Add abort handler (Don Brace) [RHEL-1728] - x86/sgx: mark as supported (Vladis Dronov) [2041881] - x86/sgx: Resolves SECS reclaim vs. page fault for EAUG race (Vladis Dronov) [2041881] - x86/sgx: Break up long non-preemptible delays in sgx_vepc_release() (Vladis Dronov) [2041881] - Documentation: Fix typos (only the SGX part) (Vladis Dronov) [2041881] - x86/sgx: Avoid using iterator after loop in sgx_mmu_notifier_release() (Vladis Dronov) [2041881] - selftests/sgx: Add "test_encl.elf" to TEST_FILES (Vladis Dronov) [2041881] - convert sgx_set_attribute() to fdget()/fdput() (Vladis Dronov) [2041881] - x86/sgx: use VM_ACCESS_FLAGS (Vladis Dronov) [2041881] - x86/sgx: Replace kmap/kunmap_atomic() calls (Vladis Dronov) [2041881] - x86/sgx: Allow enclaves to use Asynchrounous Exit Notification (Vladis Dronov) [2041881] - x86/sgx: Reduce delay and interference of enclave release (Vladis Dronov) [2041881] - x86/vdso: Conditionally export __vdso_sgx_enter_enclave() (Vladis Dronov) [2041881] - x86/sgx: Add overflow check in sgx_validate_offset_length() (Vladis Dronov) [2041881] Resolves: rhbz#2041881, rhbz#2238379, RHEL-14379, RHEL-15148, RHEL-1672, RHEL-1728, RHEL-5742, RHEL-6261, RHEL-6384, RHEL-7058, RHEL-7534, RHEL-7535, RHEL-8244, RHEL-8444 Signed-off-by: Denys Vlasenko --- kernel.spec | 47 ++++++++++++++++++++++++++++++++++++++++++++--- sources | 6 +++--- 2 files changed, 47 insertions(+), 6 deletions(-) diff --git a/kernel.spec b/kernel.spec index f7894e82a..75bf653b7 100644 --- a/kernel.spec +++ b/kernel.spec @@ -12,7 +12,7 @@ # change below to w4T.xzdio): %define _binary_payload w3T.xzdio -%global distro_build 521 +%global distro_build 522 # Sign the x86_64 kernel for secure boot authentication %ifarch x86_64 aarch64 s390x ppc64le @@ -38,10 +38,10 @@ # define buildid .local %define specversion 4.18.0 -%define pkgrelease 521.el8 +%define pkgrelease 522.el8 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 521%{?dist} +%define specrelease 522%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -2695,6 +2695,47 @@ fi # # %changelog +* Sun Nov 05 2023 Denys Vlasenko [4.18.0-522.el8] +- netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c (Florian Westphal) [RHEL-8444] {CVE-2023-42753} +- cxgb4: fix use after free bugs caused by circular dependency problem (Ricardo Robaina) [RHEL-6261 RHEL-7058] {CVE-2023-4133} +- ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1 (Florian Westphal) [RHEL-5742] +- bpf: Fix incorrect verifier pruning due to missing register precision taints (Artem Savkov) [RHEL-7534 RHEL-7535] {CVE-2023-2163} +- mm/memcontrol.c: remove the redundant updating of stats_flush_threshold (Waiman Long) [2238379] +- virtio_balloon: Fix endless deflation and inflation on arm64 (Gavin Shan) [RHEL-1672] +- i40e: Fix VF VLAN offloading when port VLAN is configured (Ivan Vecera) [RHEL-6384] +- libfs: take cursors out of list when moving past the end of directory (Jeffrey Layton) [RHEL-15148] +- net/core: Fix ETH_P_1588 flow dissector (Paolo Abeni) [RHEL-14379] +- skbuff: skb_segment, Call zero copy functions before using skbuff frags (Paolo Abeni) [RHEL-14379] +- net: prevent skb corruption on frag list segmentation (Paolo Abeni) [RHEL-14379] +- udp6: Fix race condition in udp6_sendmsg & connect (Paolo Abeni) [RHEL-14379] +- scsi: megaraid_sas: Driver version update to 07.727.03.00-rc1 (Tomas Henzl) [RHEL-8244] +- scsi: megaraid_sas: Log message when controller reset is requested but not issued (Tomas Henzl) [RHEL-8244] +- scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers (Tomas Henzl) [RHEL-8244] +- scsi: megaraid_sas: Fix deadlock on firmware crashdump (Tomas Henzl) [RHEL-8244] +- scsi: megaraid_sas: Use pci_dev_id() to simplify the code (Tomas Henzl) [RHEL-8244] +- scsi: megaraid_sas: Convert union megasas_sgl to flex-arrays (Tomas Henzl) [RHEL-8244] +- scsi: smartpqi: Change driver version to 2.1.24-046 (Don Brace) [RHEL-1728] +- scsi: smartpqi: Enhance error messages (Don Brace) [RHEL-1728] +- scsi: smartpqi: Enhance controller offline notification (Don Brace) [RHEL-1728] +- scsi: smartpqi: Enhance shutdown notification (Don Brace) [RHEL-1728] +- scsi: smartpqi: Simplify lun_number assignment (Don Brace) [RHEL-1728] +- scsi: smartpqi: Rename pciinfo to pci_info (Don Brace) [RHEL-1728] +- scsi: smartpqi: Rename MACRO to clarify purpose (Don Brace) [RHEL-1728] +- scsi: smartpqi: Add abort handler (Don Brace) [RHEL-1728] +- x86/sgx: mark as supported (Vladis Dronov) [2041881] +- x86/sgx: Resolves SECS reclaim vs. page fault for EAUG race (Vladis Dronov) [2041881] +- x86/sgx: Break up long non-preemptible delays in sgx_vepc_release() (Vladis Dronov) [2041881] +- Documentation: Fix typos (only the SGX part) (Vladis Dronov) [2041881] +- x86/sgx: Avoid using iterator after loop in sgx_mmu_notifier_release() (Vladis Dronov) [2041881] +- selftests/sgx: Add "test_encl.elf" to TEST_FILES (Vladis Dronov) [2041881] +- convert sgx_set_attribute() to fdget()/fdput() (Vladis Dronov) [2041881] +- x86/sgx: use VM_ACCESS_FLAGS (Vladis Dronov) [2041881] +- x86/sgx: Replace kmap/kunmap_atomic() calls (Vladis Dronov) [2041881] +- x86/sgx: Allow enclaves to use Asynchrounous Exit Notification (Vladis Dronov) [2041881] +- x86/sgx: Reduce delay and interference of enclave release (Vladis Dronov) [2041881] +- x86/vdso: Conditionally export __vdso_sgx_enter_enclave() (Vladis Dronov) [2041881] +- x86/sgx: Add overflow check in sgx_validate_offset_length() (Vladis Dronov) [2041881] + * Mon Oct 30 2023 Denys Vlasenko [4.18.0-521.el8] - team: fix null-ptr-deref when team device type is changed (Hangbin Liu) [RHEL-13961] - team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves (Hangbin Liu) [RHEL-13961] diff --git a/sources b/sources index 2d2e8df71..0cd2f7e41 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-4.18.0-521.el8.tar.xz) = 7d23ce88ebc67bfc764f5c64dde26c0054b311715f042cb2c7b4d78584e423e8e4e69b087551b807294a7c610af5238cfb216a98083af70a23e96a2b41336f56 -SHA512 (kernel-abi-stablelists-4.18.0-521.tar.bz2) = 7c8f94d710b6a4c6327111140c6afad07092e138bbafb57b47af72ffd9a4fae6c437949a04e5cb7bcb1abd58789f1612be587be425f50123ba54f526caf47b7a -SHA512 (kernel-kabi-dw-4.18.0-521.tar.bz2) = f7bbf94096acc33486535d9eece268c543c6a05d93ee262d64dc22b220f1cb3ff49b4cf091a5c748811c4229fdf674be4c816174575161b0ca5e457726595b32 +SHA512 (linux-4.18.0-522.el8.tar.xz) = 703aa76ae20ac9072127f7236acbc6be7a38a02ad268e09349f5afb68fcc3ac9ae68462af8a30699c6f297d8ea605a6f1c4f7fa52b464aab7660c00dd1ac4534 +SHA512 (kernel-abi-stablelists-4.18.0-522.tar.bz2) = 86cae5cca443ee9944696fcc3630db78962a25614924ee2133b79e4d62e2fc0e98647270c69d9792667642ffb425e5acd8abee1420c5da0df7d3fa746e39c9f9 +SHA512 (kernel-kabi-dw-4.18.0-522.tar.bz2) = f7bbf94096acc33486535d9eece268c543c6a05d93ee262d64dc22b220f1cb3ff49b4cf091a5c748811c4229fdf674be4c816174575161b0ca5e457726595b32