83c0ae3a04
* Tue Jul 09 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-478.el9]
- netfilter: conntrack: switch connlabels to atomic_t (Xin Long) [RHEL-28816]
- sched: act_ct: add netns into the key of tcf_ct_flow_table (Xin Long) [RHEL-28816]
- stm class: Fix a double free in stm_register_device() (David Arcari) [RHEL-44520] {CVE-2024-38627}
- lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (cki-backport-bot) [RHEL-44261] {CVE-2024-38543}
- netfilter: complete validation of user input (Phil Sutter) [RHEL-37212] {CVE-2024-35896}
- netfilter: validate user input for expected length (Phil Sutter) [RHEL-37212] {CVE-2024-35896}
- xfs: fix reloading entire unlinked bucket lists (Pavel Reichl) [RHEL-7990]
- xfs: make inode unlinked bucket recovery work with quotacheck (Pavel Reichl) [RHEL-7990]
- xfs: reload entire unlinked bucket lists (Pavel Reichl) [RHEL-7990]
- xfs: use i_prev_unlinked to distinguish inodes that are not on the unlinked list (Pavel Reichl) [RHEL-7990]
- xfs: load uncached unlinked inodes into memory on demand (Pavel Reichl) [RHEL-7990]
- netfilter: nf_tables: Implement table adoption support (Phil Sutter) [RHEL-32120]
- netfilter: nf_tables: Introduce NFT_TABLE_F_PERSIST (Phil Sutter) [RHEL-32120]
- netfilter: uapi: Document NFT_TABLE_F_OWNER flag (Phil Sutter) [RHEL-32120]
- net: core: reject skb_copy(_expand) for fraglist GSO skbs (Xin Long) [RHEL-39781] {CVE-2024-36929}
- net: relax socket state check at accept time. (Florian Westphal) [RHEL-39833]
- tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (Florian Westphal) [RHEL-39833] {CVE-2024-36905}
- ppdev: Add an error check in register_device (Steve Best) [RHEL-39127] {CVE-2024-36015}
- ppdev: Remove usage of the deprecated ida_simple_xx() API (Steve Best) [RHEL-39127] {CVE-2024-36015}
- hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (Steve Best) [RHEL-37725] {CVE-2021-47384}
- of: module: prevent NULL pointer dereference in vsnprintf() (Steve Best) [RHEL-37254] {CVE-2024-35878}
Resolves: RHEL-28816, RHEL-32120, RHEL-37212, RHEL-37254, RHEL-37725, RHEL-39127, RHEL-39781, RHEL-39833, RHEL-44261, RHEL-44520, RHEL-7990
Signed-off-by: Lucas Zampieri <lzampier@redhat.com>
68 lines
2.3 KiB
Makefile
68 lines
2.3 KiB
Makefile
RHEL_MAJOR = 9
|
|
RHEL_MINOR = 5
|
|
|
|
#
|
|
# RHEL_RELEASE
|
|
# -------------
|
|
#
|
|
# Represents build number in 'release' part of RPM's name-version-release.
|
|
# name is <package_name>, e.g. kernel
|
|
# version is upstream kernel version this kernel is based on, e.g. 4.18.0
|
|
# release is <RHEL_RELEASE>.<dist_tag>[<buildid>], e.g. 100.el8
|
|
#
|
|
# Use this spot to avoid future merge conflicts.
|
|
# Do not trim this comment.
|
|
RHEL_RELEASE = 478
|
|
|
|
#
|
|
# ZSTREAM
|
|
# -------
|
|
#
|
|
# This variable controls whether we use zstream numbering or not for the
|
|
# package release. The zstream release keeps the build number of the last
|
|
# build done for ystream for the Beta milestone, and increments a second
|
|
# number for each build. The third number is used for branched builds
|
|
# (eg.: for builds with security fixes or hot fixes done outside of the
|
|
# batch release process).
|
|
#
|
|
# For example, with ZSTREAM unset or set to "no", all builds will contain
|
|
# a release with only the build number, eg.: kernel-<kernel version>-X.el*,
|
|
# where X is the build number. With ZSTREAM set to "yes", we will have
|
|
# builds with kernel-<kernel version>-X.Y.Z.el*, where X is the last
|
|
# RHEL_RELEASE number before ZSTREAM flag was set to yes, Y will now be the
|
|
# build number and Z will always be 1 except if you're doing a branched build
|
|
# (when you give RHDISTGIT_BRANCH on the command line, in which case the Z
|
|
# number will be incremented instead of the Y).
|
|
#
|
|
ZSTREAM ?= no
|
|
|
|
#
|
|
# Early y+1 numbering
|
|
# --------------------
|
|
#
|
|
# In early y+1 process, RHEL_RELEASE consists of 2 numbers: x.y
|
|
# First is RHEL_RELEASE inherited/merged from y as-is, second number
|
|
# is incremented with each build starting from 1. After merge from y,
|
|
# it resets back to 1. This way y+1 nvr reflects status of last merge.
|
|
#
|
|
# Example:
|
|
#
|
|
# rhel8.0 rhel-8.1
|
|
# kernel-4.18.0-58.el8 --> kernel-4.18.0-58.1.el8
|
|
# kernel-4.18.0-58.2.el8
|
|
# kernel-4.18.0-59.el8 kernel-4.18.0-59.1.el8
|
|
# kernel-4.18.0-60.el8
|
|
# kernel-4.18.0-61.el8 --> kernel-4.18.0-61.1.el8
|
|
#
|
|
#
|
|
# Use this spot to avoid future merge conflicts.
|
|
# Do not trim this comment.
|
|
EARLY_YSTREAM ?= no
|
|
EARLY_YBUILD:=
|
|
EARLY_YRELEASE:=
|
|
ifneq ("$(ZSTREAM)", "yes")
|
|
ifeq ("$(EARLY_YSTREAM)","yes")
|
|
RHEL_RELEASE:=$(RHEL_RELEASE).$(EARLY_YRELEASE)
|
|
endif
|
|
endif
|