kernel-4.18.0-553.6.1.el8_10

* Wed May 29 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.6.1.el8_10]
- powerpc/powernv: Add a null pointer check in opal_event_init() (Mamatha Inamdar) [RHEL-37058] {CVE-2023-52686}
- crypto: rsa - add a check for allocation failure (Vladis Dronov) [RHEL-35361]
- crypto: rsa - allow only odd e and restrict value in FIPS mode (Vladis Dronov) [RHEL-35361]
- KEYS: use kfree_sensitive with key (Vladis Dronov) [RHEL-35361]
- lib/mpi: Extend the MPI library (only mpi_*_bit() part) (Vladis Dronov) [RHEL-35361]
- net: ip_tunnel: prevent perpetual headroom growth (Felix Maurer) [RHEL-31814] {CVE-2024-26804}
- s390/cpum_cf: make crypto counters upward compatible across machine types (Tobias Huschle) [RHEL-36048]
- RDMA/mlx5: Fix fortify source warning while accessing Eth segment (Kamal Heib) [RHEL-33162] {CVE-2024-26907}
- ovl: fix leaked dentry (Miklos Szeredi) [RHEL-27306] {CVE-2021-46972}
- x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() (Rafael Aquini) [RHEL-33166] {CVE-2024-26906}
- x86/mm: Move is_vsyscall_vaddr() into asm/vsyscall.h (Rafael Aquini) [RHEL-33166] {CVE-2024-26906}
- x86/mm/vsyscall: Consider vsyscall page part of user address space (Rafael Aquini) [RHEL-33166] {CVE-2024-26906}
- x86/mm: Add vsyscall address helper (Rafael Aquini) [RHEL-33166] {CVE-2024-26906}
- mm/swap: fix race when skipping swapcache (Rafael Aquini) [RHEL-31644] {CVE-2024-26759}
- swap: fix do_swap_page() race with swapoff (Rafael Aquini) [RHEL-31644] {CVE-2024-26759}
- mm/swapfile: use percpu_ref to serialize against concurrent swapoff (Rafael Aquini) [RHEL-31644] {CVE-2024-26759}
- mm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions() (Rafael Aquini) [RHEL-29294] {CVE-2023-52560}
- ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr (Jiri Benc) [RHEL-29783]
- block: null_blk: Fix handling of fake timeout request (Ming Lei) [RHEL-8130]
- null_blk: fix poll request timeout handling (Ming Lei) [RHEL-8130]
- block: null_blk: end timed out poll request (Ming Lei) [RHEL-8130]
- block: null_blk: only set set->nr_maps as 3 if active poll_queues is > 0 (Ming Lei) [RHEL-8130]
- null_blk: allow zero poll queues (Ming Lei) [RHEL-8130]
- null_blk: Fix handling of submit_queues and poll_queues attributes (Ming Lei) [RHEL-8130]
- null_blk: poll queue support (Ming Lei) [RHEL-8130]
- null_blk: fix command timeout completion handling (Ming Lei) [RHEL-8130]
- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (Prarit Bhargava) [RHEL-27790] {CVE-2021-47073}
- Bluetooth: avoid memcmp() out of bounds warning (David Marlin) [RHEL-3017] {CVE-2020-26555}
- Bluetooth: hci_event: Fix coding style (David Marlin) [RHEL-3017] {CVE-2020-26555}
- Bluetooth: hci_event: Fix using memcmp when comparing keys (David Marlin) [RHEL-3017] {CVE-2020-26555}
- Bluetooth: Reject connection with the device which has same BD_ADDR (David Marlin) [RHEL-3017] {CVE-2020-26555}
- Bluetooth: hci_event: Ignore NULL link key (David Marlin) [RHEL-3017] {CVE-2020-26555}
- ppp_async: limit MRU to 64K (Guillaume Nault) [RHEL-31353] {CVE-2024-26675}
- powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (Mamatha Inamdar) [RHEL-37078] {CVE-2023-52675}
- tcp: do not accept ACK of bytes we never sent (Xin Long) [RHEL-21952]
Resolves: RHEL-21952, RHEL-27306, RHEL-27790, RHEL-29294, RHEL-29783, RHEL-3017, RHEL-31353, RHEL-31644, RHEL-31814, RHEL-33162, RHEL-33166, RHEL-35361, RHEL-36048, RHEL-37058, RHEL-37078, RHEL-8130

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
This commit is contained in:
Denys Vlasenko 2024-05-29 22:37:37 +02:00
parent e84ea13bd0
commit a46af5247a
2 changed files with 41 additions and 4 deletions

View File

@ -38,10 +38,10 @@
# define buildid .local # define buildid .local
%define specversion 4.18.0 %define specversion 4.18.0
%define pkgrelease 553.5.1.el8_10 %define pkgrelease 553.6.1.el8_10
# allow pkg_release to have configurable %%{?dist} tag # allow pkg_release to have configurable %%{?dist} tag
%define specrelease 553.5.1%{?dist} %define specrelease 553.6.1%{?dist}
%define pkg_release %{specrelease}%{?buildid} %define pkg_release %{specrelease}%{?buildid}
@ -2696,6 +2696,43 @@ fi
# #
# #
%changelog %changelog
* Wed May 29 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.6.1.el8_10]
- powerpc/powernv: Add a null pointer check in opal_event_init() (Mamatha Inamdar) [RHEL-37058] {CVE-2023-52686}
- crypto: rsa - add a check for allocation failure (Vladis Dronov) [RHEL-35361]
- crypto: rsa - allow only odd e and restrict value in FIPS mode (Vladis Dronov) [RHEL-35361]
- KEYS: use kfree_sensitive with key (Vladis Dronov) [RHEL-35361]
- lib/mpi: Extend the MPI library (only mpi_*_bit() part) (Vladis Dronov) [RHEL-35361]
- net: ip_tunnel: prevent perpetual headroom growth (Felix Maurer) [RHEL-31814] {CVE-2024-26804}
- s390/cpum_cf: make crypto counters upward compatible across machine types (Tobias Huschle) [RHEL-36048]
- RDMA/mlx5: Fix fortify source warning while accessing Eth segment (Kamal Heib) [RHEL-33162] {CVE-2024-26907}
- ovl: fix leaked dentry (Miklos Szeredi) [RHEL-27306] {CVE-2021-46972}
- x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() (Rafael Aquini) [RHEL-33166] {CVE-2024-26906}
- x86/mm: Move is_vsyscall_vaddr() into asm/vsyscall.h (Rafael Aquini) [RHEL-33166] {CVE-2024-26906}
- x86/mm/vsyscall: Consider vsyscall page part of user address space (Rafael Aquini) [RHEL-33166] {CVE-2024-26906}
- x86/mm: Add vsyscall address helper (Rafael Aquini) [RHEL-33166] {CVE-2024-26906}
- mm/swap: fix race when skipping swapcache (Rafael Aquini) [RHEL-31644] {CVE-2024-26759}
- swap: fix do_swap_page() race with swapoff (Rafael Aquini) [RHEL-31644] {CVE-2024-26759}
- mm/swapfile: use percpu_ref to serialize against concurrent swapoff (Rafael Aquini) [RHEL-31644] {CVE-2024-26759}
- mm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions() (Rafael Aquini) [RHEL-29294] {CVE-2023-52560}
- ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr (Jiri Benc) [RHEL-29783]
- block: null_blk: Fix handling of fake timeout request (Ming Lei) [RHEL-8130]
- null_blk: fix poll request timeout handling (Ming Lei) [RHEL-8130]
- block: null_blk: end timed out poll request (Ming Lei) [RHEL-8130]
- block: null_blk: only set set->nr_maps as 3 if active poll_queues is > 0 (Ming Lei) [RHEL-8130]
- null_blk: allow zero poll queues (Ming Lei) [RHEL-8130]
- null_blk: Fix handling of submit_queues and poll_queues attributes (Ming Lei) [RHEL-8130]
- null_blk: poll queue support (Ming Lei) [RHEL-8130]
- null_blk: fix command timeout completion handling (Ming Lei) [RHEL-8130]
- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (Prarit Bhargava) [RHEL-27790] {CVE-2021-47073}
- Bluetooth: avoid memcmp() out of bounds warning (David Marlin) [RHEL-3017] {CVE-2020-26555}
- Bluetooth: hci_event: Fix coding style (David Marlin) [RHEL-3017] {CVE-2020-26555}
- Bluetooth: hci_event: Fix using memcmp when comparing keys (David Marlin) [RHEL-3017] {CVE-2020-26555}
- Bluetooth: Reject connection with the device which has same BD_ADDR (David Marlin) [RHEL-3017] {CVE-2020-26555}
- Bluetooth: hci_event: Ignore NULL link key (David Marlin) [RHEL-3017] {CVE-2020-26555}
- ppp_async: limit MRU to 64K (Guillaume Nault) [RHEL-31353] {CVE-2024-26675}
- powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (Mamatha Inamdar) [RHEL-37078] {CVE-2023-52675}
- tcp: do not accept ACK of bytes we never sent (Xin Long) [RHEL-21952]
* Mon May 20 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.5.1.el8_10] * Mon May 20 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.5.1.el8_10]
- tools/power/turbostat: Fix uncore frequency file string (David Arcari) [RHEL-29238] - tools/power/turbostat: Fix uncore frequency file string (David Arcari) [RHEL-29238]
- tools/power turbostat: Expand probe_intel_uncore_frequency() (David Arcari) [RHEL-29238] - tools/power turbostat: Expand probe_intel_uncore_frequency() (David Arcari) [RHEL-29238]

View File

@ -1,3 +1,3 @@
SHA512 (linux-4.18.0-553.5.1.el8_10.tar.xz) = 2a117fc1f444c51e45871df95a40ad6db04c70505c6e483ef2f7bc76c376fa8e47f6a597119564e50e1149c06bd3437a481baf0fb1b5d91f215bb7135987f1a5 SHA512 (linux-4.18.0-553.6.1.el8_10.tar.xz) = e1d8fe9f7b91d7db41708bcc54a13232509e143798d1c036d26d69ae18f54ef5f49b7fb25fc0bece6fcaa09abb38b881e33a47c3834b4d34ef05b30b47dd3536
SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 9ba75e6231c2d95cb9c086faab46a4c1bb0a206180e5d501e14d3705e027d6d888272334dfbbe096f5ce318de50528540b30b44f328a511edc6a14072992a823 SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 5a764018932c1dacc5d5922de457ca5a1c50b5132caf5a863cd2562ab14086e57238191877377f2646f4044f65d6d3731f4d6b51436d386b4f8ebabd128f1dc9
SHA512 (kernel-kabi-dw-4.18.0-553.tar.bz2) = 8a671ed3c9b7f4b25fd4e594b62bc4a26474cb705d3ed22ca376618b3c7962fc72ace1ffd02c9c3a192d9d2c449d38228809542d7f16ebad16f8127020eb2faf SHA512 (kernel-kabi-dw-4.18.0-553.tar.bz2) = 8a671ed3c9b7f4b25fd4e594b62bc4a26474cb705d3ed22ca376618b3c7962fc72ace1ffd02c9c3a192d9d2c449d38228809542d7f16ebad16f8127020eb2faf