kernel-5.14.0-478.el9
* Tue Jul 09 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-478.el9]
- netfilter: conntrack: switch connlabels to atomic_t (Xin Long) [RHEL-28816]
- sched: act_ct: add netns into the key of tcf_ct_flow_table (Xin Long) [RHEL-28816]
- stm class: Fix a double free in stm_register_device() (David Arcari) [RHEL-44520] {CVE-2024-38627}
- lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (cki-backport-bot) [RHEL-44261] {CVE-2024-38543}
- netfilter: complete validation of user input (Phil Sutter) [RHEL-37212] {CVE-2024-35896}
- netfilter: validate user input for expected length (Phil Sutter) [RHEL-37212] {CVE-2024-35896}
- xfs: fix reloading entire unlinked bucket lists (Pavel Reichl) [RHEL-7990]
- xfs: make inode unlinked bucket recovery work with quotacheck (Pavel Reichl) [RHEL-7990]
- xfs: reload entire unlinked bucket lists (Pavel Reichl) [RHEL-7990]
- xfs: use i_prev_unlinked to distinguish inodes that are not on the unlinked list (Pavel Reichl) [RHEL-7990]
- xfs: load uncached unlinked inodes into memory on demand (Pavel Reichl) [RHEL-7990]
- netfilter: nf_tables: Implement table adoption support (Phil Sutter) [RHEL-32120]
- netfilter: nf_tables: Introduce NFT_TABLE_F_PERSIST (Phil Sutter) [RHEL-32120]
- netfilter: uapi: Document NFT_TABLE_F_OWNER flag (Phil Sutter) [RHEL-32120]
- net: core: reject skb_copy(_expand) for fraglist GSO skbs (Xin Long) [RHEL-39781] {CVE-2024-36929}
- net: relax socket state check at accept time. (Florian Westphal) [RHEL-39833]
- tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (Florian Westphal) [RHEL-39833] {CVE-2024-36905}
- ppdev: Add an error check in register_device (Steve Best) [RHEL-39127] {CVE-2024-36015}
- ppdev: Remove usage of the deprecated ida_simple_xx() API (Steve Best) [RHEL-39127] {CVE-2024-36015}
- hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (Steve Best) [RHEL-37725] {CVE-2021-47384}
- of: module: prevent NULL pointer dereference in vsnprintf() (Steve Best) [RHEL-37254] {CVE-2024-35878}
Resolves: RHEL-28816, RHEL-32120, RHEL-37212, RHEL-37254, RHEL-37725, RHEL-39127, RHEL-39781, RHEL-39833, RHEL-44261, RHEL-44520, RHEL-7990
Signed-off-by: Lucas Zampieri <lzampier@redhat.com>
This commit is contained in:
Lucas Zampieri
parent
922a69fe49
commit
83c0ae3a04
@ -12,7 +12,7 @@ RHEL_MINOR = 5
|
||||
#
|
||||
# Use this spot to avoid future merge conflicts.
|
||||
# Do not trim this comment.
|
||||
RHEL_RELEASE = 477
|
||||
RHEL_RELEASE = 478
|
||||
|
||||
#
|
||||
# ZSTREAM
|
||||
|
||||
@ -1,3 +1,27 @@
|
||||
* Tue Jul 09 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-478.el9]
|
||||
- netfilter: conntrack: switch connlabels to atomic_t (Xin Long) [RHEL-28816]
|
||||
- sched: act_ct: add netns into the key of tcf_ct_flow_table (Xin Long) [RHEL-28816]
|
||||
- stm class: Fix a double free in stm_register_device() (David Arcari) [RHEL-44520] {CVE-2024-38627}
|
||||
- lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (cki-backport-bot) [RHEL-44261] {CVE-2024-38543}
|
||||
- netfilter: complete validation of user input (Phil Sutter) [RHEL-37212] {CVE-2024-35896}
|
||||
- netfilter: validate user input for expected length (Phil Sutter) [RHEL-37212] {CVE-2024-35896}
|
||||
- xfs: fix reloading entire unlinked bucket lists (Pavel Reichl) [RHEL-7990]
|
||||
- xfs: make inode unlinked bucket recovery work with quotacheck (Pavel Reichl) [RHEL-7990]
|
||||
- xfs: reload entire unlinked bucket lists (Pavel Reichl) [RHEL-7990]
|
||||
- xfs: use i_prev_unlinked to distinguish inodes that are not on the unlinked list (Pavel Reichl) [RHEL-7990]
|
||||
- xfs: load uncached unlinked inodes into memory on demand (Pavel Reichl) [RHEL-7990]
|
||||
- netfilter: nf_tables: Implement table adoption support (Phil Sutter) [RHEL-32120]
|
||||
- netfilter: nf_tables: Introduce NFT_TABLE_F_PERSIST (Phil Sutter) [RHEL-32120]
|
||||
- netfilter: uapi: Document NFT_TABLE_F_OWNER flag (Phil Sutter) [RHEL-32120]
|
||||
- net: core: reject skb_copy(_expand) for fraglist GSO skbs (Xin Long) [RHEL-39781] {CVE-2024-36929}
|
||||
- net: relax socket state check at accept time. (Florian Westphal) [RHEL-39833]
|
||||
- tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (Florian Westphal) [RHEL-39833] {CVE-2024-36905}
|
||||
- ppdev: Add an error check in register_device (Steve Best) [RHEL-39127] {CVE-2024-36015}
|
||||
- ppdev: Remove usage of the deprecated ida_simple_xx() API (Steve Best) [RHEL-39127] {CVE-2024-36015}
|
||||
- hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (Steve Best) [RHEL-37725] {CVE-2021-47384}
|
||||
- of: module: prevent NULL pointer dereference in vsnprintf() (Steve Best) [RHEL-37254] {CVE-2024-35878}
|
||||
Resolves: RHEL-28816, RHEL-32120, RHEL-37212, RHEL-37254, RHEL-37725, RHEL-39127, RHEL-39781, RHEL-39833, RHEL-44261, RHEL-44520, RHEL-7990
|
||||
|
||||
* Mon Jul 08 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-477.el9]
|
||||
- KEYS: trusted: Fix memory leak in tpm2_key_encode() (CKI Backport Bot) [RHEL-41151] {CVE-2024-36967}
|
||||
- mm/zswap: invalidate duplicate entry when !zswap_enabled (Rafael Aquini) [RHEL-40684]
|
||||
|
||||
31
kernel.spec
31
kernel.spec
@ -165,15 +165,15 @@ Summary: The Linux kernel
|
||||
# define buildid .local
|
||||
%define specversion 5.14.0
|
||||
%define patchversion 5.14
|
||||
%define pkgrelease 477
|
||||
%define pkgrelease 478
|
||||
%define kversion 5
|
||||
%define tarfile_release 5.14.0-477.el9
|
||||
%define tarfile_release 5.14.0-478.el9
|
||||
# This is needed to do merge window version magic
|
||||
%define patchlevel 14
|
||||
# This allows pkg_release to have configurable %%{?dist} tag
|
||||
%define specrelease 477%{?buildid}%{?dist}
|
||||
%define specrelease 478%{?buildid}%{?dist}
|
||||
# This defines the kabi tarball version
|
||||
%define kabiversion 5.14.0-477.el9
|
||||
%define kabiversion 5.14.0-478.el9
|
||||
|
||||
#
|
||||
# End of genspec.sh variables
|
||||
@ -3747,6 +3747,29 @@ fi
|
||||
#
|
||||
#
|
||||
%changelog
|
||||
* Tue Jul 09 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-478.el9]
|
||||
- netfilter: conntrack: switch connlabels to atomic_t (Xin Long) [RHEL-28816]
|
||||
- sched: act_ct: add netns into the key of tcf_ct_flow_table (Xin Long) [RHEL-28816]
|
||||
- stm class: Fix a double free in stm_register_device() (David Arcari) [RHEL-44520] {CVE-2024-38627}
|
||||
- lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (cki-backport-bot) [RHEL-44261] {CVE-2024-38543}
|
||||
- netfilter: complete validation of user input (Phil Sutter) [RHEL-37212] {CVE-2024-35896}
|
||||
- netfilter: validate user input for expected length (Phil Sutter) [RHEL-37212] {CVE-2024-35896}
|
||||
- xfs: fix reloading entire unlinked bucket lists (Pavel Reichl) [RHEL-7990]
|
||||
- xfs: make inode unlinked bucket recovery work with quotacheck (Pavel Reichl) [RHEL-7990]
|
||||
- xfs: reload entire unlinked bucket lists (Pavel Reichl) [RHEL-7990]
|
||||
- xfs: use i_prev_unlinked to distinguish inodes that are not on the unlinked list (Pavel Reichl) [RHEL-7990]
|
||||
- xfs: load uncached unlinked inodes into memory on demand (Pavel Reichl) [RHEL-7990]
|
||||
- netfilter: nf_tables: Implement table adoption support (Phil Sutter) [RHEL-32120]
|
||||
- netfilter: nf_tables: Introduce NFT_TABLE_F_PERSIST (Phil Sutter) [RHEL-32120]
|
||||
- netfilter: uapi: Document NFT_TABLE_F_OWNER flag (Phil Sutter) [RHEL-32120]
|
||||
- net: core: reject skb_copy(_expand) for fraglist GSO skbs (Xin Long) [RHEL-39781] {CVE-2024-36929}
|
||||
- net: relax socket state check at accept time. (Florian Westphal) [RHEL-39833]
|
||||
- tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (Florian Westphal) [RHEL-39833] {CVE-2024-36905}
|
||||
- ppdev: Add an error check in register_device (Steve Best) [RHEL-39127] {CVE-2024-36015}
|
||||
- ppdev: Remove usage of the deprecated ida_simple_xx() API (Steve Best) [RHEL-39127] {CVE-2024-36015}
|
||||
- hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (Steve Best) [RHEL-37725] {CVE-2021-47384}
|
||||
- of: module: prevent NULL pointer dereference in vsnprintf() (Steve Best) [RHEL-37254] {CVE-2024-35878}
|
||||
|
||||
* Mon Jul 08 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-477.el9]
|
||||
- KEYS: trusted: Fix memory leak in tpm2_key_encode() (CKI Backport Bot) [RHEL-41151] {CVE-2024-36967}
|
||||
- mm/zswap: invalidate duplicate entry when !zswap_enabled (Rafael Aquini) [RHEL-40684]
|
||||
|
||||
6
sources
6
sources
@ -1,3 +1,3 @@
|
||||
SHA512 (linux-5.14.0-477.el9.tar.xz) = 76f1083226ea75edf2c60400f468d95f1d5679bbe1fc917ecca682980e78d48d0dc8806667e0bb6840594a9bad74f20feee5e61c0af6003b752912a0bcd33f7c
|
||||
SHA512 (kernel-abi-stablelists-5.14.0-477.el9.tar.bz2) = 304d7e9b419025d4559c413989ecca6c47467e646750b889cf8681e9f9d372e6ce0aeadc2ea7c9b304016280ee776c77d8550e34b4c8262be2bc178fe807fa26
|
||||
SHA512 (kernel-kabi-dw-5.14.0-477.el9.tar.bz2) = f457713ced0439861c4afb630f3f9a9c70ca92a9a9b5df963dfd843ba7f63d96eee6a43a998be8a328b19178d806c465f2f129104b17fc848c84c4cd22492963
|
||||
SHA512 (linux-5.14.0-478.el9.tar.xz) = 9de8e409352536d1850a0fe9255e43e0b84f2edb119efe2900057c4031cf7657463305d0a3aae54c3be4c9d24c7548b657a9267b01f14957f85d26509011c005
|
||||
SHA512 (kernel-abi-stablelists-5.14.0-478.el9.tar.bz2) = 3fd4bafee9611aa41f3804ee5526a67937531082240c7358a608c748e1699b0ae1042f691076c1b307caf2562b14c630340bf0f396d1abe9457904f600717286
|
||||
SHA512 (kernel-kabi-dw-5.14.0-478.el9.tar.bz2) = f457713ced0439861c4afb630f3f9a9c70ca92a9a9b5df963dfd843ba7f63d96eee6a43a998be8a328b19178d806c465f2f129104b17fc848c84c4cd22492963
|
||||
|
||||
Loading…
Reference in New Issue
Block a user