diff --git a/.gitignore b/.gitignore
index 050bc0519..82bdc01e5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,7 +1,9 @@
-SOURCES/kernel-abi-stablelists-5.14.0-503.11.1.el9_5.tar.bz2
-SOURCES/kernel-kabi-dw-5.14.0-503.11.1.el9_5.tar.bz2
-SOURCES/linux-5.14.0-503.11.1.el9_5.tar.xz
+SOURCES/kernel-abi-stablelists-5.14.0-503.14.1.el9_5.tar.bz2
+SOURCES/kernel-kabi-dw-5.14.0-503.14.1.el9_5.tar.bz2
+SOURCES/linux-5.14.0-503.14.1.el9_5.tar.xz
 SOURCES/nvidiagpuoot001.x509
+SOURCES/olima1.x509
+SOURCES/olimaca1.x509
 SOURCES/rheldup3.x509
 SOURCES/rhelima.x509
 SOURCES/rhelima_centos.x509
diff --git a/.kernel.metadata b/.kernel.metadata
index c513336a8..92bb936db 100644
--- a/.kernel.metadata
+++ b/.kernel.metadata
@@ -1,7 +1,9 @@
-698c7316cba7a757d7e9388067de6a473d60b30d SOURCES/kernel-abi-stablelists-5.14.0-503.11.1.el9_5.tar.bz2
-fce46b31961fd6ae1d1455ea6fcd390ac488544a SOURCES/kernel-kabi-dw-5.14.0-503.11.1.el9_5.tar.bz2
-d398fe8d92b217b2717301e60754fbcdabf421a1 SOURCES/linux-5.14.0-503.11.1.el9_5.tar.xz
+540a1ffaf8cf2db9c8ea53b37750f63303a5bbb7 SOURCES/kernel-abi-stablelists-5.14.0-503.14.1.el9_5.tar.bz2
+6a94c9e2209f272b809bbc3c396ce4faf4006126 SOURCES/kernel-kabi-dw-5.14.0-503.14.1.el9_5.tar.bz2
+e33f827fbee2a7809a5eb6b6561f2cf46c262179 SOURCES/linux-5.14.0-503.14.1.el9_5.tar.xz
 4fff8080e88afffc06d8ef5004db8d53bb21237f SOURCES/nvidiagpuoot001.x509
+706ae01dd14efa38f0f565a3706acac19c78df02 SOURCES/olima1.x509
+6e3f0d61414c0b50f48dc2d4c3b3cd024e1c3a43 SOURCES/olimaca1.x509
 95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509
 99e571f9de4188f3b5fdf1f84ff73f6cc4bb6a0e SOURCES/rhelima.x509
 61d5a223ff0c79189505abae77e0087c4b2d2b47 SOURCES/rhelima_centos.x509
diff --git a/SOURCES/Makefile.rhelver b/SOURCES/Makefile.rhelver
index 7b96099ea..e354c82c5 100644
--- a/SOURCES/Makefile.rhelver
+++ b/SOURCES/Makefile.rhelver
@@ -12,7 +12,7 @@ RHEL_MINOR = 5
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 503.11.1
+RHEL_RELEASE = 503.14.1
 
 #
 # ZSTREAM
diff --git a/SOURCES/kernel.changelog b/SOURCES/kernel.changelog
index 3b42a74d2..3bf617614 100644
--- a/SOURCES/kernel.changelog
+++ b/SOURCES/kernel.changelog
@@ -1,3 +1,37 @@
+* Thu Nov 07 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-503.14.1.el9_5]
+- ext4: fix off by one issue in alloc_flex_gd() (Pavel Reichl) [RHEL-65318]
+- ping: fix address binding wrt vrf (Antoine Tenart) [RHEL-57564 RHEL-50920]
+- smb: client: stop flooding dmesg in smb2_calc_signature() (Paulo Alcantara) [RHEL-36346 RHEL-61193]
+- smb: client: print failed session logoffs with FYI (Paulo Alcantara) [RHEL-36346 RHEL-61193]
+- smb: client: propagate error from cifs_construct_tcon() (Paulo Alcantara) [RHEL-36346 RHEL-61193]
+- smb: client: fix DFS failover in multiuser mounts (Paulo Alcantara) [RHEL-36346 RHEL-61193]
+- smb: client: fix DFS interlink failover (Paulo Alcantara) [RHEL-36346 RHEL-61193]
+- smb: client: improve purging of cached referrals (Paulo Alcantara) [RHEL-36346 RHEL-61193]
+- smb: client: avoid unnecessary reconnects when refreshing referrals (Paulo Alcantara) [RHEL-36346 RHEL-61193]
+- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (Paulo Alcantara) [RHEL-36346 RHEL-57983]
+- smb: client: fix deadlock in smb2_find_smb_tcon() (Paulo Alcantara) [RHEL-36346 RHEL-57983]
+- cifs: Fix reacquisition of volume cookie on still-live connection (Paulo Alcantara) [RHEL-36346 RHEL-57983]
+Resolves: RHEL-36346, RHEL-57564, RHEL-65318
+
+* Fri Nov 01 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-503.13.1.el9_5]
+- efi: libstub: Move screen_info handling to common code (Maxim Levitsky) [RHEL-65344]
+- mpls: Reduce skb re-allocations due to skb_cow() (Guillaume Nault) [RHEL-61697]
+- mptcp: pm: Fix uaf in __timer_delete_sync (CKI Backport Bot) [RHEL-64678 RHEL-60737] {CVE-2024-46858}
+- ceph: fix cap ref leak via netfs init_request (Patrick Donnelly) [RHEL-62667 RHEL-61459]
+- gitlab-ci: provide consistent kcidb_tree_name (Michael Hofmann)
+Resolves: RHEL-61697, RHEL-62667, RHEL-64678, RHEL-65344
+
+* Thu Oct 24 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-503.12.1.el9_5]
+- net: nexthop: Initialize all fields in dumped nexthops (Antoine Tenart) [RHEL-55080] {CVE-2024-42283}
+- tracing/osnoise: Fix build when timerlat is not enabled (Tomas Glozar) [RHEL-61870 RHEL-39968]
+- tracing/timerlat: Add interface_lock around clearing of kthread in stop_kthread() (Tomas Glozar) [RHEL-61870 RHEL-39968]
+- tracing/timerlat: Only clear timer if a kthread exists (Tomas Glozar) [RHEL-61870 RHEL-39968]
+- tracing/osnoise: Use a cpumask to know what threads are kthreads (Tomas Glozar) [RHEL-61870 RHEL-39968]
+- iommufd: Require drivers to supply the cache_invalidate_user ops (CKI Backport Bot) [RHEL-60681 RHEL-60761] {CVE-2024-46824}
+- Revert "fw loader: Remove the now superfluous sentinel element from ctl_table array" (Eric Chanudet) [RHEL-62925 RHEL-50129]
+- smb: client: fix hang in wait_for_response() for negproto (Jay Shin) [RHEL-61607 RHEL-57983]
+Resolves: RHEL-55080, RHEL-60681, RHEL-61607, RHEL-61870, RHEL-62925
+
 * Mon Sep 30 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-503.11.1.el9_5]
 - memcg: protect concurrent access to mem_cgroup_idr (Rafael Aquini) [RHEL-56254] {CVE-2024-43892}
 - bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (Michal Schmidt) [RHEL-57259] {CVE-2024-44984}
diff --git a/SOURCES/uki_addons.json b/SOURCES/uki_addons.json
index aaf8402bc..d82dc87d6 100644
--- a/SOURCES/uki_addons.json
+++ b/SOURCES/uki_addons.json
@@ -1,11 +1,11 @@
 {
     "virt": {
         "common": {
-            "fips-enable.addon": [
-                "fips=1\n"
-            ],
             "fips-disable.addon": [
                 "fips=0\n"
+            ],
+            "fips-enable.addon": [
+                "fips=1\n"
             ]
         }
     }
diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec
index 41782b1af..24a99e2d5 100644
--- a/SPECS/kernel.spec
+++ b/SPECS/kernel.spec
@@ -165,15 +165,15 @@ Summary: The Linux kernel
 # define buildid .local
 %define specversion 5.14.0
 %define patchversion 5.14
-%define pkgrelease 503.11.1
+%define pkgrelease 503.14.1
 %define kversion 5
-%define tarfile_release 5.14.0-503.11.1.el9_5
+%define tarfile_release 5.14.0-503.14.1.el9_5
 # This is needed to do merge window version magic
 %define patchlevel 14
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 503.11.1%{?buildid}%{?dist}
+%define specrelease 503.14.1%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 5.14.0-503.11.1.el9_5
+%define kabiversion 5.14.0-503.14.1.el9_5
 
 #
 # End of genspec.sh variables
@@ -185,6 +185,7 @@ Summary: The Linux kernel
 # should not be exported to RPM provides
 %global __provides_exclude_from ^%{_libexecdir}/kselftests
 
+%define _with_kabidupchk 1
 %define _with_kabidupchk 1
 # The following build options are enabled by default, but may become disabled
 # by later architecture-specific checks. These can also be disabled by using
@@ -3790,20 +3791,36 @@ fi
 #
 #
 %changelog
-* Tue Nov 12 2024 Andrew Lukoshko <alukoshko@almalinux.org> [5.14.0-503.11.1.el9_5]
-- Import sources from CS9 (Andrew Lukoshko)
-- Merge: Add symbols to stablelist and enable check-kabi (Lucas Zampieri) [RHEL-56065]
-- Merge tag 'kernel-5.14.0-503.11.1.el9_5' into merge-up-9.5- (Lucas Zampieri)
-- Merge tag 'kernel-5.14.0-503.10.1.el9_5' into merge-up-9.5- (Lucas Zampieri)
-- Merge tag 'kernel-5.14.0-503.9.1.el9_5' into merge-up-9.5- (Lucas Zampieri)
-- Merge tag 'kernel-5.14.0-503.8.1.el9_5' into merge-up-9.5 (Lucas Zampieri)
-- Merge tag 'kernel-5.14.0-503.7.1.el9_5' into merge-up-9.5 (Lucas Zampieri)
-- Merge tag 'kernel-5.14.0-503.6.1.el9_5' into merge-up-9.5 (Lucas Zampieri)
-- Merge tag 'kernel-5.14.0-503.5.1.el9_5' into merge-up-9.5 (Lucas Zampieri)
-- Merge tag 'kernel-5.14.0-503.4.1.el9_5' into merge-up-9.5 (Lucas Zampieri)
-- Merge tag 'kernel-5.14.0-503.3.1.el9_5' into merge-up-kernel-5.14.0-503.3.1.el9_5 (Lucas Zampieri)
-- Merge tag 'kernel-5.14.0-503.2.1.el9_5' into merge-up-kernel-5.14.0-503.2.1.el9_5 (Lucas Zampieri)
-- Merge tag 'kernel-5.14.0-503.1.1.el9_5' from 9.5 (Lucas Zampieri)
+* Thu Nov 07 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-503.14.1.el9_5]
+- ext4: fix off by one issue in alloc_flex_gd() (Pavel Reichl) [RHEL-65318]
+- ping: fix address binding wrt vrf (Antoine Tenart) [RHEL-57564 RHEL-50920]
+- smb: client: stop flooding dmesg in smb2_calc_signature() (Paulo Alcantara) [RHEL-36346 RHEL-61193]
+- smb: client: print failed session logoffs with FYI (Paulo Alcantara) [RHEL-36346 RHEL-61193]
+- smb: client: propagate error from cifs_construct_tcon() (Paulo Alcantara) [RHEL-36346 RHEL-61193]
+- smb: client: fix DFS failover in multiuser mounts (Paulo Alcantara) [RHEL-36346 RHEL-61193]
+- smb: client: fix DFS interlink failover (Paulo Alcantara) [RHEL-36346 RHEL-61193]
+- smb: client: improve purging of cached referrals (Paulo Alcantara) [RHEL-36346 RHEL-61193]
+- smb: client: avoid unnecessary reconnects when refreshing referrals (Paulo Alcantara) [RHEL-36346 RHEL-61193]
+- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (Paulo Alcantara) [RHEL-36346 RHEL-57983]
+- smb: client: fix deadlock in smb2_find_smb_tcon() (Paulo Alcantara) [RHEL-36346 RHEL-57983]
+- cifs: Fix reacquisition of volume cookie on still-live connection (Paulo Alcantara) [RHEL-36346 RHEL-57983]
+
+* Fri Nov 01 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-503.13.1.el9_5]
+- efi: libstub: Move screen_info handling to common code (Maxim Levitsky) [RHEL-65344]
+- mpls: Reduce skb re-allocations due to skb_cow() (Guillaume Nault) [RHEL-61697]
+- mptcp: pm: Fix uaf in __timer_delete_sync (CKI Backport Bot) [RHEL-64678 RHEL-60737] {CVE-2024-46858}
+- ceph: fix cap ref leak via netfs init_request (Patrick Donnelly) [RHEL-62667 RHEL-61459]
+- gitlab-ci: provide consistent kcidb_tree_name (Michael Hofmann)
+
+* Thu Oct 24 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-503.12.1.el9_5]
+- net: nexthop: Initialize all fields in dumped nexthops (Antoine Tenart) [RHEL-55080] {CVE-2024-42283}
+- tracing/osnoise: Fix build when timerlat is not enabled (Tomas Glozar) [RHEL-61870 RHEL-39968]
+- tracing/timerlat: Add interface_lock around clearing of kthread in stop_kthread() (Tomas Glozar) [RHEL-61870 RHEL-39968]
+- tracing/timerlat: Only clear timer if a kthread exists (Tomas Glozar) [RHEL-61870 RHEL-39968]
+- tracing/osnoise: Use a cpumask to know what threads are kthreads (Tomas Glozar) [RHEL-61870 RHEL-39968]
+- iommufd: Require drivers to supply the cache_invalidate_user ops (CKI Backport Bot) [RHEL-60681 RHEL-60761] {CVE-2024-46824}
+- Revert "fw loader: Remove the now superfluous sentinel element from ctl_table array" (Eric Chanudet) [RHEL-62925 RHEL-50129]
+- smb: client: fix hang in wait_for_response() for negproto (Jay Shin) [RHEL-61607 RHEL-57983]
 
 * Mon Sep 30 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-503.11.1.el9_5]
 - memcg: protect concurrent access to mem_cgroup_idr (Rafael Aquini) [RHEL-56254] {CVE-2024-43892}