Merge branch 'c8' into a8

This commit is contained in:
Andrew Lukoshko 2023-12-02 09:56:26 +00:00
commit e4139feded
3 changed files with 60 additions and 6 deletions

2
.gitignore vendored
View File

@ -2,7 +2,7 @@ SOURCES/centossecureboot201.cer
SOURCES/centossecurebootca2.cer
SOURCES/kernel-abi-stablelists-4.18.0-513.tar.bz2
SOURCES/kernel-kabi-dw-4.18.0-513.tar.bz2
SOURCES/linux-4.18.0-513.5.1.el8_9.tar.xz
SOURCES/linux-4.18.0-513.9.1.el8_9.tar.xz
SOURCES/redhatsecureboot302.cer
SOURCES/redhatsecureboot303.cer
SOURCES/redhatsecureboot501.cer

View File

@ -1,8 +1,8 @@
2ba40bf9138b48311e5aa1b737b7f0a8ad66066f SOURCES/centossecureboot201.cer
bfdb3d7cffc43f579655af5155d50c08671d95e5 SOURCES/centossecurebootca2.cer
1b80f3713df5b69a8f2db146d970264f3c0bd634 SOURCES/kernel-abi-stablelists-4.18.0-513.tar.bz2
d23322be97d0641ecaf432900ace3c5ee7987c5b SOURCES/kernel-kabi-dw-4.18.0-513.tar.bz2
b24e12fe467bffa371c13a72fda5e583189a2616 SOURCES/linux-4.18.0-513.5.1.el8_9.tar.xz
b7c81f7a4572b627bf2df9213d715e3e74c1c394 SOURCES/kernel-abi-stablelists-4.18.0-513.tar.bz2
26df1b50927ada39cecb1b9e86331fcbd0c21c65 SOURCES/kernel-kabi-dw-4.18.0-513.tar.bz2
b66c16f3dbd5a47089d5552283162e6b403b3919 SOURCES/linux-4.18.0-513.9.1.el8_9.tar.xz
13e5cd3f856b472fde80a4deb75f4c18dfb5b255 SOURCES/redhatsecureboot302.cer
e89890ca0ded2f9058651cc5fa838b78db2e6cc2 SOURCES/redhatsecureboot303.cer
ba0b760e594ff668ee72ae348adf3e49b97f75fb SOURCES/redhatsecureboot501.cer

View File

@ -38,10 +38,10 @@
# define buildid .local
%define rpmversion 4.18.0
%define pkgrelease 513.5.1.el8_9
%define pkgrelease 513.9.1.el8_9
# allow pkg_release to have configurable %%{?dist} tag
%define specrelease 513.5.1%{?dist}
%define specrelease 513.9.1%{?dist}
%define pkg_release %{specrelease}%{?buildid}
@ -2691,6 +2691,60 @@ fi
#
#
%changelog
* Thu Nov 16 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.9.1.el8_9]
- ice: reset first in crash dump kernels (Petr Oros) [2244625 2139761]
- nvmet-tcp: Fix a possible UAF in queue intialization setup (John Meneghini) [RHEL-11507 RHEL-11509] {CVE-2023-5178}
- block: check_events: don't bother with events if unsupported (Ming Lei) [RHEL-15052 RHEL-2407]
- Revert "block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers" (Ming Lei) [RHEL-15052 RHEL-2407]
- Revert "ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd" (Ming Lei) [RHEL-15052 RHEL-2407]
- block: disk_events: introduce event flags (Ming Lei) [RHEL-15052 RHEL-2407]
- block: genhd: remove async_events field (Ming Lei) [RHEL-15052 RHEL-2407]
- net: virtio_net_hdr_to_skb: count transport header in UFO (Cindy Lu) [RHEL-16332 RHEL-6030]
- x86/sev: Make enc_dec_hypercall() accept a size instead of npages (Vitaly Kuznetsov) [RHEL-5764 RHEL-3656]
* Thu Nov 09 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.8.1.el8_9]
- cifs: Fix UAF in cifs_demultiplex_thread() (Scott Mayhew) [RHEL-15159 RHEL-7930] {CVE-2023-1192}
- ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1 (Florian Westphal) [RHEL-12371 RHEL-5742]
- sched/rt: Fix bad task migration for rt tasks (Valentin Schneider) [RHEL-11682 RHEL-3872]
- bpf: Fix incorrect verifier pruning due to missing register precision taints (Artem Savkov) [RHEL-13049 RHEL-7534] {CVE-2023-2163}
* Thu Nov 02 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.7.1.el8_9]
- sched/fair: Block nohz tick_stop when cfs bandwidth in use (Phil Auld) [RHEL-12723 RHEL-2527]
- sched, cgroup: Restore meaning to hierarchical_quota (Phil Auld) [RHEL-12723 RHEL-2527]
- sched/fair: Hide unused init_cfs_bandwidth() stub (Phil Auld) [RHEL-12723 RHEL-2527]
* Thu Oct 26 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.6.1.el8_9]
- redhat: fix bug/zjira sort in the changelog (Patrick Talbert)
- CI: Remove unused kpet_tree_family (Nikolai Kondrashov)
- redhat: set default zstream brew target for 8.9 (Patrick Talbert)
- rbd: take header_rwsem in rbd_dev_refresh() only when updating (Ilya Dryomov) [RHEL-12689 RHEL-11241]
- rbd: decouple parent info read-in from updating rbd_dev (Ilya Dryomov) [RHEL-12689 RHEL-11241]
- rbd: decouple header read-in from updating rbd_dev->header (Ilya Dryomov) [RHEL-12689 RHEL-11241]
- rbd: move rbd_dev_refresh() definition (Ilya Dryomov) [RHEL-12689 RHEL-11241]
- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919}
- media: dvb_ca_en50221: fix a size write bug (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919}
- media: dvb_ca_en50221: avoid speculation from CA slot (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919}
- media: dvb-core: fix epoll() by calling poll_wait first (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919}
- media: dvb_ca_en50221: off by one in dvb_ca_en50221_io_do_ioctl() (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919}
- iavf: schedule a request immediately after add/delete vlan (Petr Oros) [2240750 2231174]
- iavf: add iavf_schedule_aq_request() helper (Petr Oros) [2240750 2231174]
- bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire (Tomas Glozar) [RHEL-6123 2229965]
- media: dvb-core: Fix use-after-free due on race condition at dvb_net (Dean Nelson) [RHEL-11248 RHEL-1842] {CVE-2022-45886}
- media: dvb_net: avoid speculation from net slot (Dean Nelson) [RHEL-11248 RHEL-1842] {CVE-2022-45886}
- mm/slab_common: fix slab_caches list corruption after kmem_cache_destroy() (Rafael Aquini) [RHEL-11588 RHEL-3652]
- ice: always add legacy 32byte RXDID in supported_rxdids (Michal Schmidt) [RHEL-10393 RHEL-3379]
- net: tun: fix bugs for oversize packet when napi frags enabled (Ricardo Robaina) [RHEL-12295 RHEL-7185] {CVE-2023-3812}
- ice: Don't tx before switchdev is fully configured (Michal Schmidt) [RHEL-11331 RHEL-10997]
- media: dvb-core: Fix use-after-free due to race at dvb_register_device() (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884}
- media: dvbdev: fix refcnt bug (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884}
- media: dvbdev: adopts refcnt to avoid UAF (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884}
- media: dvbdev: fix error logic at dvb_register_device() (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884}
- media: dvbdev: Fix memleak in dvb_register_device (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884}
- media: media/dvb: Use kmemdup rather than duplicating its implementation (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884}
- media: dvbdev: remove double-unlock (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884}
- bpf: Adjust insufficient default bpf_jit_limit (Viktor Malik) [2243011 2219567]
- bpf: Prevent increasing bpf_jit_limit above max (Viktor Malik) [2243011 2219567]
* Fri Sep 29 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.5.1.el8_9]
- redhat: list Z-Jiras in the changelog before Y-Jiras (Herton R. Krzesinski)
- Revert "mm, meminit: recalculate pcpu batch and high limits after init completes" (Chris von Recklinghausen) [RHEL-8539]