hpsa: bring back deprecated PCI ids #CFHack #CFHack2024

mptsas: bring back deprecated PCI ids #CFHack #CFHack2024

megaraid_sas: bring back deprecated PCI ids #CFHack #CFHack2024

qla2xxx: bring back deprecated PCI ids #CFHack #CFHack2024

qla4xxx: bring back deprecated PCI ids

lpfc: bring back deprecated PCI ids

be2iscsi: bring back deprecated PCI ids

kernel/rh_messages.h: enable all disabled pci devices by moving to unmaintained

Use AlmaLinux OS secure boot cert

Debrand for AlmaLinux OS

Add KVM support for ppc64le

.gitignore

@@ -1,6 +1,6 @@
-SOURCES/kernel-abi-stablelists-5.14.0-570.19.1.el9_6.tar.bz2
-SOURCES/kernel-kabi-dw-5.14.0-570.19.1.el9_6.tar.bz2
-SOURCES/linux-5.14.0-570.19.1.el9_6.tar.xz
+SOURCES/kernel-abi-stablelists-5.14.0-570.21.1.el9_6.tar.bz2
+SOURCES/kernel-kabi-dw-5.14.0-570.21.1.el9_6.tar.bz2
+SOURCES/linux-5.14.0-570.21.1.el9_6.tar.xz
 SOURCES/nvidiagpuoot001.x509
 SOURCES/olima1.x509
 SOURCES/olimaca1.x509

.kernel.metadata

@@ -1,6 +1,6 @@
-c9e154826ee4a13cf3671320a9811dd56be12cb3 SOURCES/kernel-abi-stablelists-5.14.0-570.19.1.el9_6.tar.bz2
-c27dfb1a6f17624fb9cca06b9f70aacb765cd95e SOURCES/kernel-kabi-dw-5.14.0-570.19.1.el9_6.tar.bz2
-606aa1aaa9d1defac76cbb47dfc1782c55998794 SOURCES/linux-5.14.0-570.19.1.el9_6.tar.xz
+51dad9e6359227ee71542273caf0e4a49d5bd1dc SOURCES/kernel-abi-stablelists-5.14.0-570.21.1.el9_6.tar.bz2
+6909c898143ff5188494043be7f22f98542b8d79 SOURCES/kernel-kabi-dw-5.14.0-570.21.1.el9_6.tar.bz2
+85597a937c7d26aa36d3aa1150c0afe01037114a SOURCES/linux-5.14.0-570.21.1.el9_6.tar.xz
 4fff8080e88afffc06d8ef5004db8d53bb21237f SOURCES/nvidiagpuoot001.x509
 706ae01dd14efa38f0f565a3706acac19c78df02 SOURCES/olima1.x509
 6e3f0d61414c0b50f48dc2d4c3b3cd024e1c3a43 SOURCES/olimaca1.x509

SOURCES/Makefile.rhelver

@@ -12,7 +12,7 @@ RHEL_MINOR = 6
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 570.19.1
+RHEL_RELEASE = 570.21.1
 
 #
 # ZSTREAM

SOURCES/kernel.changelog

@@ -1,3 +1,15 @@
+* Tue Jun 03 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.21.1.el9_6]
+- xsk: fix an integer overflow in xp_create_and_assign_umem() (CKI Backport Bot) [RHEL-87911] {CVE-2025-21997}
+- vlan: enforce underlying device type (Guillaume Nault) [RHEL-87884] {CVE-2025-21920}
+- net: fix geneve_opt length integer overflow (Guillaume Nault) [RHEL-87974] {CVE-2025-22055}
+- net: gso: fix ownership in __udp_gso_segment (CKI Backport Bot) [RHEL-88333] {CVE-2025-21926}
+Resolves: RHEL-87884, RHEL-87911, RHEL-87974, RHEL-88333
+
+* Sun Jun 01 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.20.1.el9_6]
+- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (CKI Backport Bot) [RHEL-93253] {CVE-2025-37943}
+- ext4: fix OOB read when checking dotdot dir (CKI Backport Bot) [RHEL-87985] {CVE-2025-37785}
+Resolves: RHEL-87985, RHEL-93253
+
 * Sat May 24 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.19.1.el9_6]
 - misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os (David Arcari) [RHEL-87254] {CVE-2022-3424}
 - ndisc: use RCU protection in ndisc_alloc_skb() (Xin Long) [RHEL-89546] {CVE-2025-21764}

SPECS/kernel.spec

@@ -165,15 +165,15 @@ Summary: The Linux kernel
 # define buildid .local
 %define specversion 5.14.0
 %define patchversion 5.14
-%define pkgrelease 570.19.1
+%define pkgrelease 570.21.1
 %define kversion 5
-%define tarfile_release 5.14.0-570.19.1.el9_6
+%define tarfile_release 5.14.0-570.21.1.el9_6
 # This is needed to do merge window version magic
 %define patchlevel 14
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 570.19.1%{?buildid}%{?dist}
+%define specrelease 570.21.1%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 5.14.0-570.19.1.el9_6
+%define kabiversion 5.14.0-570.21.1.el9_6
 
 #
 # End of genspec.sh variables
@@ -3863,7 +3863,7 @@ fi
 #
 #
 %changelog
-* Wed Jun 04 2025 Andrei Lukoshko <alukoshko@almalinux.org> - 5.14.0-570.19.1
+* Wed Jun 11 2025 Andrei Lukoshko <alukoshko@almalinux.org> - 5.14.0-570.21.1
 - hpsa: bring back deprecated PCI ids #CFHack #CFHack2024
 - mptsas: bring back deprecated PCI ids #CFHack #CFHack2024
 - megaraid_sas: bring back deprecated PCI ids #CFHack #CFHack2024
@@ -3874,11 +3874,21 @@ fi
 - kernel/rh_messages.h: enable all disabled pci devices by moving to
   unmaintained
 
-* Wed Jun 04 2025 Eduard Abdullin <eabdullin@almalinux.org> - 5.14.0-570.19.1
+* Wed Jun 11 2025 Eduard Abdullin <eabdullin@almalinux.org> - 5.14.0-570.21.1
 - Use AlmaLinux OS secure boot cert
 - Debrand for AlmaLinux OS
 - Add KVM support for ppc64le
 
+* Tue Jun 03 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.21.1.el9_6]
+- xsk: fix an integer overflow in xp_create_and_assign_umem() (CKI Backport Bot) [RHEL-87911] {CVE-2025-21997}
+- vlan: enforce underlying device type (Guillaume Nault) [RHEL-87884] {CVE-2025-21920}
+- net: fix geneve_opt length integer overflow (Guillaume Nault) [RHEL-87974] {CVE-2025-22055}
+- net: gso: fix ownership in __udp_gso_segment (CKI Backport Bot) [RHEL-88333] {CVE-2025-21926}
+
+* Sun Jun 01 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.20.1.el9_6]
+- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (CKI Backport Bot) [RHEL-93253] {CVE-2025-37943}
+- ext4: fix OOB read when checking dotdot dir (CKI Backport Bot) [RHEL-87985] {CVE-2025-37785}
+
 * Sat May 24 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.19.1.el9_6]
 - misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os (David Arcari) [RHEL-87254] {CVE-2022-3424}
 - ndisc: use RCU protection in ndisc_alloc_skb() (Xin Long) [RHEL-89546] {CVE-2025-21764}