5328e81ba0
* Mon Jun 08 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-714.el9]
- netfilter: nft_inner: Fix IPv6 inner_thoff desync (CKI Backport Bot) [RHEL-181932] {CVE-2026-46244}
- selinux: fix overlayfs mmap() and mprotect() access checks (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- lsm: add backing_file LSM hooks (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- fs: prepare for adding LSM blob to backing_file (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- perf/core: Fix MMAP event path names with backing files (Ondrej Mosnacek) [RHEL-179443]
- ovl: remove redundant IOCB_DIO_CALLER_COMP clearing (Ondrej Mosnacek) [RHEL-179443]
- ovl: remove unneeded non-const conversion (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- fs: constify file ptr in backing_file accessor helpers (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- ovl: Fix nested backing file paths (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- lsm: add helper for blob allocations (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- fs: factor out backing_file_mmap() helper (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- fs: factor out backing_file_splice_{read,write}() helpers (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- fs: factor out backing_file_{read,write}_iter() helpers (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- fs: prepare for stackable filesystems backing file helpers (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- fs: store real path instead of fake path in backing file f_path (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- fs: create helper file_user_path() for user displayed mapped file path (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- fs: get mnt_writers count for an open backing file's real path (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- fs: rename __mnt_{want,drop}_write*() helpers (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- fs: Fix kernel-doc warnings (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- cachefiles: use kiocb_{start,end}_write() helpers (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- lsm: constify the 'file' parameter in security_binder_transfer_file() (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- fs: move cleanup from init_file() into its callers (Ondrej Mosnacek) [RHEL-179443]
- ovl: enable fsnotify events on underlying real files (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- fs: use backing_file container for internal files with "fake" f_path (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- fs: move kmem_cache_zalloc() into alloc_empty_file*() helpers (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- fs: use a helper for opening kernel internal files (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- locks: fix TOCTOU race when granting write lease (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- binder: use cred instead of task for selinux checks (Ondrej Mosnacek) [RHEL-179443] {CVE-2026-46054}
- smb: client: reject userspace cifs.spnego descriptions (Paulo Alcantara) [RHEL-178945] {CVE-2026-46243}
- x86/mce, EDAC/mce_amd: Add new SMCA bank types (David Arcari) [RHEL-100952]
- x86/mce, EDAC/mce_amd: Update CS bank type naming (David Arcari) [RHEL-100952]
- x86/mce, EDAC/mce_amd: Reorder SMCA bank type enums (David Arcari) [RHEL-100952]
- x86/mce/amd: Filter bogus hardware errors on Zen3 clients (David Arcari) [RHEL-100952]
- tracing: Make trace_define_field_ext() static (Gregory Bell) [RHEL-180602]
- tracing: Have type enum modifications copy the strings (Gregory Bell) [RHEL-180602]
- tracing: Fix TASK_COMM_LEN in trace event format file (Gregory Bell) [RHEL-180602]
- tracing: Have TRACE_DEFINE_ENUM affect trace event types as well (Gregory Bell) [RHEL-180602]
- ice: fix stats array overflow when VF requests more queues (Michal Schmidt) [RHEL-177522]
- dlm: fix buffer overflow from negative len in dlm_search_rsb_tree (Alexander Aring) [RHEL-173996] {CVE-2026-43125}
- dlm: validate length in dlm_search_rsb_tree (Alexander Aring) [RHEL-173996] {CVE-2026-43125}
- i2c: tegra: Add support for Tegra410 (Mark Salter) [RHEL-143332]
- i2c: tegra: Add logic to support different register offsets (Mark Salter) [RHEL-143332]
- i2c: tegra: Introduce tegra_i2c_variant to identify DVC and VI (Mark Salter) [RHEL-143332]
- i2c: tegra: Don't mark devices with pins as IRQ safe (Mark Salter) [RHEL-143332]
- i2c: tegra: remove unused rst (Mark Salter) [RHEL-143332]
- i2c: tegra: Add Tegra264 support (Mark Salter) [RHEL-143332]
- i2c: tegra: Add support for SW mutex register (Mark Salter) [RHEL-143332]
- i2c: tegra: Add HS mode support (Mark Salter) [RHEL-143332]
- i2c: tegra: Update Tegra256 timing parameters (Mark Salter) [RHEL-143332]
- i2c: tegra: Use separate variables for fast and fastplus (Mark Salter) [RHEL-143332]
- i2c: tegra: Do not configure DMA if not supported (Mark Salter) [RHEL-143332]
- i2c: tegra: Add Tegra256 support (Mark Salter) [RHEL-143332]
- i2c: tegra: Remove dma_sync_*() calls (Mark Salter) [RHEL-143332]
- i2c: tegra: Add missing kernel-doc for dma_dev member (Mark Salter) [RHEL-143332]
- iavf: add VIRTCHNL_OP_ADD_VLAN to success completion handler (CKI Backport Bot) [RHEL-144630]
- iavf: wait for PF confirmation before removing VLAN filters (CKI Backport Bot) [RHEL-144630]
- iavf: stop removing VLAN filters from PF on interface down (CKI Backport Bot) [RHEL-144630]
- iavf: rename IAVF_VLAN_IS_NEW to IAVF_VLAN_ADDING (CKI Backport Bot) [RHEL-144630]
- iavf: fix VLAN filter lost on add/delete race (CKI Backport Bot) [RHEL-144630]
- ALSA: 6fire: fix use-after-free on disconnect (CKI Backport Bot) [RHEL-172970] {CVE-2026-31581}
- net: mana: fix use-after-free in add_adev() error path (CKI Backport Bot) [RHEL-172769] {CVE-2026-43056}
Resolves: RHEL-100952, RHEL-143332, RHEL-144630, RHEL-172769, RHEL-172970, RHEL-173996, RHEL-177522, RHEL-178945, RHEL-179443, RHEL-180602, RHEL-181932
Signed-off-by: CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com>
38 lines
1.4 KiB
Makefile
38 lines
1.4 KiB
Makefile
RHEL_MAJOR = 9
|
|
RHEL_MINOR = 9
|
|
|
|
#
|
|
# RHEL_RELEASE
|
|
# -------------
|
|
#
|
|
# Represents build number in 'release' part of RPM's name-version-release.
|
|
# name is <package_name>, e.g. kernel
|
|
# version is upstream kernel version this kernel is based on, e.g. 4.18.0
|
|
# release is <RHEL_RELEASE>.<dist_tag>[<buildid>], e.g. 100.el8
|
|
#
|
|
# Use this spot to avoid future merge conflicts.
|
|
# Do not trim this comment.
|
|
RHEL_RELEASE = 714
|
|
|
|
#
|
|
# ZSTREAM
|
|
# -------
|
|
#
|
|
# This variable controls whether we use zstream numbering or not for the
|
|
# package release. The zstream release keeps the build number of the last
|
|
# build done for ystream for the Beta milestone, and increments a second
|
|
# number for each build. The third number is used for branched builds
|
|
# (eg.: for builds with security fixes or hot fixes done outside of the
|
|
# batch release process).
|
|
#
|
|
# For example, with ZSTREAM unset or set to "no", all builds will contain
|
|
# a release with only the build number, eg.: kernel-<kernel version>-X.el*,
|
|
# where X is the build number. With ZSTREAM set to "yes", we will have
|
|
# builds with kernel-<kernel version>-X.Y.Z.el*, where X is the last
|
|
# RHEL_RELEASE number before ZSTREAM flag was set to yes, Y will now be the
|
|
# build number and Z will always be 1 except if you're doing a branched build
|
|
# (when you give RHDISTGIT_BRANCH on the command line, in which case the Z
|
|
# number will be incremented instead of the Y).
|
|
#
|
|
ZSTREAM ?= no
|