diff --git a/kernel.spec b/kernel.spec index 2db7d1509..85dba6dbe 100644 --- a/kernel.spec +++ b/kernel.spec @@ -12,7 +12,7 @@ # change below to w4T.xzdio): %define _binary_payload w3T.xzdio -%global distro_build 493 +%global distro_build 494 # Sign the x86_64 kernel for secure boot authentication %ifarch x86_64 aarch64 s390x ppc64le @@ -38,10 +38,10 @@ # define buildid .local %define rpmversion 4.18.0 -%define pkgrelease 493.el8 +%define pkgrelease 494.el8 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 493%{?dist} +%define specrelease 494%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -2695,6 +2695,72 @@ fi # # %changelog +* Mon May 22 2023 Denys Vlasenko [4.18.0-494.el8] +- net/sched: sch_fq: fix integer overflow of "credit" (Davide Caratti) [2187718] +- net: sched: gred: prevent races when adding offloads to stats (Davide Caratti) [2187718] +- sch_htb: Avoid grafting on htb_destroy_class_offload when destroying htb (Davide Caratti) [2187718] +- net/sched: act_mpls: Fix warning during failed attribute validation (Davide Caratti) [2187718] +- net: sched: fix memory leak in tcindex_set_parms (Davide Caratti) [2187718] +- net_sched: reject TCF_EM_SIMPLE case for complex ematch module (Davide Caratti) [2187718] +- net: sched: Fix use after free in red_enqueue() (Davide Caratti) [2187718] +- net: sched: fix race condition in qdisc_graft() (Davide Caratti) [2187718] +- net: sched: sfb: fix null pointer access issue when sfb_init() fails (Davide Caratti) [2187718] +- net/sched: cls_api: Fix flow action initialization (Davide Caratti) [2187718] +- scsi: lpfc: Update inbox lpfc driver for RHEL 8.9 to 14.0.0.21. (Paul Ely) [2165048] +- scsi: lpfc: Copyright updates for 14.2.0.11 patches (Paul Ely) [2165048] +- scsi: lpfc: Copyright updates for 14.2.0.10 patches (Paul Ely) [2165048] +- scsi: lpfc: Defer issuing new PLOGI if received RSCN before completing REG_LOGIN (Paul Ely) [2165048] +- scsi: lpfc: Record LOGO state with discovery engine even if aborted (Paul Ely) [2165048] +- scsi: lpfc: Fix lockdep warning for rx_monitor lock when unloading driver (Paul Ely) [2165048] +- scsi: lpfc: Reorder freeing of various DMA buffers and their list removal (Paul Ely) [2165048] +- scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow (Paul Ely) [2165048] +- scsi: lpfc: Introduce new attention types for lpfc_sli4_async_fc_evt() handler (Paul Ely) [2165048] +- scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write (Paul Ely) [2165048] +- scsi: lpfc: Exit PRLI completion handling early if ndlp not in PRLI_ISSUE state (Paul Ely) [2165048] +- scsi: lpfc: Remove duplicate ndlp kref decrement in lpfc_cleanup_rpis() (Paul Ely) [2165048] +- scsi: lpfc: Remove redundant clean up code in disable_vport() (Paul Ely) [2165048] +- scsi: lpfc: Fix crash involving race between FLOGI timeout and devloss handler (Paul Ely) [2165048] +- net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg (Ricardo Robaina) [2192680] {CVE-2023-2248 CVE-2023-31436} +- vfio/ccw: remove old IDA format restrictions (Tobias Huschle) [2187662] +- vfio/ccw: handle a guest Format-1 IDAL (Tobias Huschle) [2187662] +- vfio/ccw: allocate/populate the guest idal (Tobias Huschle) [2187662] +- vfio/ccw: calculate number of IDAWs regardless of format (Tobias Huschle) [2187662] +- vfio/ccw: read only one Format-1 IDAW (Tobias Huschle) [2187662] +- vfio/ccw: refactor the idaw counter (Tobias Huschle) [2187662] +- vfio/ccw: populate page_array struct inline (Tobias Huschle) [2187662] +- vfio/ccw: record the page offset in struct pfn_array (Tobias Huschle) [2187662] +- vfio/ccw: pass page count to page_array struct (Tobias Huschle) [2187662] +- vfio/ccw: simplify CCW chain fetch routines (Tobias Huschle) [2187662] +- vfio/ccw: move where IDA flag is set in ORB (Tobias Huschle) [2187662] +- vfio/ccw: allow non-zero storage keys (Tobias Huschle) [2187662] +- iavf: remove active_cvlans and active_svlans bitmaps (Stefan Assmann) [2153349] +- iavf: refactor VLAN filter states (Stefan Assmann) [2153349] +- iavf: do not track VLAN 0 filters (Stefan Assmann) [2153349] +- iavf: fix non-tunneled IPv6 UDP packet type and hashing (Stefan Assmann) [2153349] +- iavf: fix inverted Rx hash condition leading to disabled hash (Stefan Assmann) [2153349] +- net/sched: move struct tc_mqprio_qopt_offload from pkt_cls.h to pkt_sched.h (Stefan Assmann) [2153349] +- iavf/iavf_main: actually log ->src mask when talking about it (Stefan Assmann) [2153349] +- iavf: Fix VF driver counting VLAN 0 filters (Stefan Assmann) [2153349] +- iavf: Change information about device removal in dmesg (Stefan Assmann) [2153349] +- iavf: Replace __FUNCTION__ with __func__ (Stefan Assmann) [2153349] +- net: Remove the obsolte u64_stats_fetch_*_irq() users (drivers). (Stefan Assmann) [2153349] +- ipv4: prevent potential spectre v1 gadget in fib_metrics_match() (Guillaume Nault) [2188040] +- ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() (Guillaume Nault) [2188040] +- ipv4: Fix error return code in fib_table_insert() (Guillaume Nault) [2188040] +- ipv4: drop dst in multicast routing path (Guillaume Nault) [2188040] +- net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter() (Guillaume Nault) [2188040] +- xfrm: Zero padding when dumping algos and encap (Sabrina Dubroca) [2189212] +- xfrm: redact SA secret with lockdown confidentiality (Sabrina Dubroca) [2189212] +- xfrm: fix bug with DSCP copy to v6 from v4 tunnel (Sabrina Dubroca) [2189212] +- xfrm: enforce validity of offload input flags (Sabrina Dubroca) [2189212] +- ice: Remove LAG+SRIOV mutual exclusion (Michal Schmidt) [2120585] +- ext4: correct the misjudgment in ext4_iget_extra_inode (Carlos Maiolino) [2193101] +- ext4: correct max_inline_xattr_value_size computing (Carlos Maiolino) [2193101] +- ext4: fix use-after-free in ext4_xattr_set_entry (Carlos Maiolino) [2193101] {CVE-2023-2513} +- ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (Carlos Maiolino) [2193101] +- ixgbevf: Fix resource leak in ixgbevf_init_module() (Ken Cox) [2153374] +- ixgbevf: Add error messages on vlan error (Ken Cox) [2153374] + * Tue May 16 2023 Denys Vlasenko [4.18.0-493.el8] - kunit: make kunit_test_timeout compatible with comment (Nico Pache) [2168375] - kunit: fix assert_type for comparison macros (Nico Pache) [2168375] diff --git a/sources b/sources index b33b1f10f..32d824749 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-4.18.0-493.el8.tar.xz) = 24426fe9420a059c22e24aab87d2cbb2bdcad23e274d1c1a8d452ec37254e72e260b92a9ca7cd042b341a19160c206127bcd1b637ae6a1d342666bd047e528cc -SHA512 (kernel-abi-stablelists-4.18.0-493.tar.bz2) = 403eed67ec0207cd3d204db91e7354c73a28e680522b7f6d2b108ffcd867aac45792d837160647fdb0380b706e6826537eac62da7d43d1c639ff56838bc0601b -SHA512 (kernel-kabi-dw-4.18.0-493.tar.bz2) = 526cbd9b8931723a1ade3be739f2d086403966c7d5863fcfb243da0424adbf6a156facdeaa4bbefd16a1743259f5c45a95238708260229b36f9d3694471a24d0 +SHA512 (linux-4.18.0-494.el8.tar.xz) = f2418883518df149763eb4d0ab38f1063fb1b94633e8012567f095a458687968faef8a52ec1ecafd7af9028b5a4216e8bbe6426c83939458c62eddd5878e2be2 +SHA512 (kernel-abi-stablelists-4.18.0-494.tar.bz2) = 2be4e970bfdb79ee423456dcd2eee39ff46d0fcef7b5f66b72b9d642c7ae671b39eec7fa547dbb0fb418c7114d5fa6bb0445aed2b02e474604136060e30bd077 +SHA512 (kernel-kabi-dw-4.18.0-494.tar.bz2) = 526cbd9b8931723a1ade3be739f2d086403966c7d5863fcfb243da0424adbf6a156facdeaa4bbefd16a1743259f5c45a95238708260229b36f9d3694471a24d0