diff --git a/kernel.spec b/kernel.spec index af21b9766..e659998c4 100644 --- a/kernel.spec +++ b/kernel.spec @@ -38,10 +38,10 @@ # define buildid .local %define specversion 4.18.0 -%define pkgrelease 553.10.1.el8_10 +%define pkgrelease 553.11.1.el8_10 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 553.10.1%{?dist} +%define specrelease 553.11.1%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -2696,6 +2696,101 @@ fi # # %changelog +* Wed Jul 03 2024 Denys Vlasenko [4.18.0-553.11.1.el8_10] +- x86/bugs: Reverse instruction order of CLEAR_CPU_BUFFERS (Waiman Long) [RHEL-42121] +- Revert "x86/bugs: Use fixed addressing for VERW operand" (Waiman Long) [RHEL-42121] +- KVM/x86: Export RFDS_NO and RFDS_CLEAR to guests (Waiman Long) [RHEL-42121] +- x86/rfds: Mitigate Register File Data Sampling (RFDS) (Waiman Long) [RHEL-42121] +- Documentation/hw-vuln: Add documentation for RFDS (Waiman Long) [RHEL-42121] +- x86/mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set (Waiman Long) [RHEL-42121] +- x86/bugs: Use fixed addressing for VERW operand (Waiman Long) [RHEL-42121] +- KVM/VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (Waiman Long) [RHEL-42121] +- x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (Waiman Long) [RHEL-42121] +- x86/entry_32: Add VERW just before userspace transition (Waiman Long) [RHEL-42121] +- x86/entry_64: Add VERW just before userspace transition (Waiman Long) [RHEL-42121] +- x86/bugs: Add asm helpers for executing VERW (Waiman Long) [RHEL-42121] +- x86/cpu: Fix Gracemont uarch (Waiman Long) [RHEL-42121] +- Documentation/hw-vuln: Unify filename specification in index (Waiman Long) [RHEL-42121] +- KVM: VMX: Access @flags as a 32-bit value in __vmx_vcpu_run() (Waiman Long) [RHEL-42121] +- x86/asm: Add _ASM_RIP() macro for x86-64 (%%rip) suffix (Waiman Long) [RHEL-42121] +- x86/asm: Have the __ASM_FORM macros handle commas in arguments (Waiman Long) [RHEL-42121] +- x86/asm: Allow to pass macros to __ASM_FORM() (Waiman Long) [RHEL-42121] +- wifi: iwlwifi: mvm: guard against invalid STA ID on removal (Jose Ignacio Tornos Martinez) [RHEL-39801] {CVE-2024-36921} +- ipv6: Fix potential uninit-value access in __ip6_make_skb() (Antoine Tenart) [RHEL-39784] +- ipv4: Fix uninit-value access in __ip_make_skb() (Antoine Tenart) [RHEL-39784] {CVE-2024-36927} +- perf mmap: Lazily initialize zstd streams to save memory when not using it (Michael Petlan) [RHEL-34876] +- perf tools: Fix spelling mistake "commpressor" -> "compressor" (Michael Petlan) [RHEL-34876] +- perf record: Introduce data transferred and compressed stats (Michael Petlan) [RHEL-34876] +- perf record: Introduce compressor at mmap buffer object (Michael Petlan) [RHEL-34876] +- perf record: Introduce bytes written stats (Michael Petlan) [RHEL-34876] +- perf record: Introduce data file at mmap buffer object (Michael Petlan) [RHEL-34876] +- perf record: Start threads in the beginning of trace streaming (Alexey Bayduraev) [RHEL-34876] +- perf record: Stop threads in the end of trace streaming (Michael Petlan) [RHEL-34876] +- perf record: Introduce thread local variable (Michael Petlan) [RHEL-34876] +- perf record: Introduce function to propagate control commands (Michael Petlan) [RHEL-34876] +- perf record: Introduce thread specific data array (Michael Petlan) [RHEL-34876] +- tools lib: Introduce fdarray duplicate function (Michael Petlan) [RHEL-34876] +- perf record: Introduce thread affinity and mmap masks (Michael Petlan) [RHEL-34876] +- gfs2: Be more careful with the quota sync generation (Andreas Gruenbacher) [RHEL-40901] +- gfs2: Get rid of some unnecessary quota locking (Andreas Gruenbacher) [RHEL-40901] +- gfs2: Add some missing quota locking (Andreas Gruenbacher) [RHEL-40901] +- gfs2: Fold qd_fish into gfs2_quota_sync (Andreas Gruenbacher) [RHEL-40901] +- gfs2: quota need_sync cleanup (Andreas Gruenbacher) [RHEL-40901] +- gfs2: Fix and clean up function do_qc (Andreas Gruenbacher) [RHEL-40901] +- gfs2: Revert "Add quota_change type" (Andreas Gruenbacher) [RHEL-40901] +- gfs2: Revert "ignore negated quota changes" (Andreas Gruenbacher) [RHEL-40901] +- gfs2: qd_check_sync cleanups (Andreas Gruenbacher) [RHEL-40901] +- gfs2: Check quota consistency on mount (Andreas Gruenbacher) [RHEL-40901] +- gfs2: Minor gfs2_quota_init error path cleanup (Andreas Gruenbacher) [RHEL-40901] +- gfs2: fix kernel BUG in gfs2_quota_cleanup (Edward Adam Davis) [RHEL-40901] +- gfs2: Clean up quota.c:print_message (Andreas Gruenbacher) [RHEL-40901] +- gfs2: Clean up gfs2_alloc_parms initializers (Andreas Gruenbacher) [RHEL-40901] +- gfs2: Two quota=account mode fixes (Andreas Gruenbacher) [RHEL-40901] +- gfs2: Remove useless assignment (Bob Peterson) [RHEL-40901] +- gfs2: simplify slot_get (Bob Peterson) [RHEL-40901] +- gfs2: Simplify qd2offset (Bob Peterson) [RHEL-40901] +- gfs2: Remove quota allocation info from quota file (Bob Peterson) [RHEL-40901] +- gfs2: use constant for array size (Bob Peterson) [RHEL-40901] +- gfs2: Set qd_sync_gen in do_sync (Bob Peterson) [RHEL-40901] +- gfs2: Remove useless err set (Bob Peterson) [RHEL-40901] +- gfs2: Small gfs2_quota_lock cleanup (Bob Peterson) [RHEL-40901] +- gfs2: move qdsb_put and reduce redundancy (Bob Peterson) [RHEL-40901] +- gfs2: Don't try to sync non-changes (Bob Peterson) [RHEL-40901] +- gfs2: Simplify function need_sync (Bob Peterson) [RHEL-40901] +- gfs2: remove unneeded pg_oflow variable (Bob Peterson) [RHEL-40901] +- gfs2: remove unneeded variable done (Bob Peterson) [RHEL-40901] +- gfs2: pass sdp to gfs2_write_buf_to_page (Bob Peterson) [RHEL-40901] +- gfs2: pass sdp in to gfs2_write_disk_quota (Bob Peterson) [RHEL-40901] +- gfs2: Pass sdp to gfs2_adjust_quota (Bob Peterson) [RHEL-40901] +- gfs2: remove dead code for quota writes (Bob Peterson) [RHEL-40901] +- gfs2: Use qd_sbd more consequently (Bob Peterson) [RHEL-40901] +- gfs2: replace 'found' with dedicated list iterator variable (Jakob Koschel) [RHEL-40901] +- gfs2: Some whitespace cleanups (Andreas Gruenbacher) [RHEL-40901] +- gfs2: Fix gfs2_qa_get imbalance in gfs2_quota_hold (Bob Peterson) [RHEL-40901] +- af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (Guillaume Nault) [RHEL-43961] {CVE-2024-38596} +- af_unix: Fix data-races around sk->sk_shutdown. (Guillaume Nault) [RHEL-43961] {CVE-2024-38596} +- af_unix: Fix data races around sk->sk_shutdown. (Guillaume Nault) [RHEL-43961] {CVE-2024-38596} +- perf/core: Fix event sibling list locking (Daniel Vacek) [RHEL-31798] +- media: bttv: fix use after free error due to btv->timeout timer (Kate Hsuan) [RHEL-38256] {CVE-2023-52847} +- arp: Prevent overflow in arp_req_get(). (Antoine Tenart) [RHEL-31706] {CVE-2024-26733} +- Bluetooth: btusb: Add a new PID/VID 0489/e0c8 for MT7921 (David Marlin) [RHEL-10263] +- mm: swap: fix race between free_swap_and_cache() and swapoff() (Waiman Long) [RHEL-34971] {CVE-2024-26960} +- swap: comments get_swap_device() with usage rule (Waiman Long) [RHEL-34971] {CVE-2024-26960} +- mm/swapfile.c: __swap_entry_free() always free 1 entry (Waiman Long) [RHEL-34971] {CVE-2024-26960} +- mm/swapfile.c: call free_swap_slot() in __swap_entry_free() (Waiman Long) [RHEL-34971] {CVE-2024-26960} +- mm/swapfile.c: use __try_to_reclaim_swap() in free_swap_and_cache() (Waiman Long) [RHEL-34971] {CVE-2024-26960} +- net: amd-xgbe: Fix skb data length underflow (Ken Cox) [RHEL-43788] {CVE-2022-48743} +- ovl: fix warning in ovl_create_real() (cki-backport-bot) [RHEL-43652] {CVE-2021-47579} +- net/sched: initialize noop_qdisc owner (Davide Caratti) [RHEL-35056] +- net/sched: Fix mirred deadlock on device recursion (Davide Caratti) [RHEL-35056] {CVE-2024-27010} +- ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() (Pavel Reichl) [RHEL-45029] {CVE-2024-39276} +- ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (Ken Cox) [RHEL-38713] {CVE-2021-47548} +- ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound (Hangbin Liu) [RHEL-44396] {CVE-2024-33621} +- mlxsw: spectrum_acl_tcam: Fix stack corruption (Ivan Vecera) [RHEL-26462] {CVE-2024-26586} +- inet: inet_defrag: prevent sk release while still in use (Antoine Tenart) [RHEL-33398] {CVE-2024-26921} +- skb_expand_head() adjust skb->truesize incorrectly (Antoine Tenart) [RHEL-33398] +- nvmet: fix ns enable/disable possible hang (Ming Lei) [RHEL-43547] + * Fri Jun 28 2024 Denys Vlasenko [4.18.0-553.10.1.el8_10] - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries (Scott Mayhew) [RHEL-38264] {CVE-2023-52803} - scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (Ewan D. Milne) [RHEL-39717] {CVE-2024-36025} diff --git a/sources b/sources index d6bafac0b..5861e7991 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-4.18.0-553.10.1.el8_10.tar.xz) = 6b12c5cb6e7ea2147023892e847c092b39800f15468b118641d34aed38b9e65284091d9938e5be37f25d71e1263026700970ceda06ebb10a48f4bfb1af4d0e6f -SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 864378ecd12e02c035b33241415b81584fcec9f692c5ca4ce5a07ad26b48c7225bd36d5585426113b9e11170722fcb3422a61240c204f423ff64235bfa9e9ac6 +SHA512 (linux-4.18.0-553.11.1.el8_10.tar.xz) = 30bb98192c1cd91d5a52b6255893b09c8d44abfe0970fcdf79ac6192aaad0b36db9bbac6be30075fcf04074a17bcd15165ab15c988892cceb563784808634851 +SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 0044a0cf192c8257a4724fe17a26f5e61c8fae8e4ef63bbfebb2e02b28db91e3c45f2332d4068226e09ba9cb75e47d5b9eb48e2628533f7f248adc7493bce1e4 SHA512 (kernel-kabi-dw-4.18.0-553.tar.bz2) = 8a671ed3c9b7f4b25fd4e594b62bc4a26474cb705d3ed22ca376618b3c7962fc72ace1ffd02c9c3a192d9d2c449d38228809542d7f16ebad16f8127020eb2faf