diff --git a/.gitignore b/.gitignore index d30278e..e57ca9f 100644 --- a/.gitignore +++ b/.gitignore @@ -2,7 +2,7 @@ SOURCES/centossecureboot201.cer SOURCES/centossecurebootca2.cer SOURCES/kernel-abi-stablelists-4.18.0-553.tar.bz2 SOURCES/kernel-kabi-dw-4.18.0-553.tar.bz2 -SOURCES/linux-4.18.0-553.52.1.el8_10.tar.xz +SOURCES/linux-4.18.0-553.53.1.el8_10.tar.xz SOURCES/redhatsecureboot302.cer SOURCES/redhatsecureboot303.cer SOURCES/redhatsecureboot501.cer diff --git a/.kernel.metadata b/.kernel.metadata index 6667888..9b4dc12 100644 --- a/.kernel.metadata +++ b/.kernel.metadata @@ -1,8 +1,8 @@ 2ba40bf9138b48311e5aa1b737b7f0a8ad66066f SOURCES/centossecureboot201.cer bfdb3d7cffc43f579655af5155d50c08671d95e5 SOURCES/centossecurebootca2.cer -1a5c1deaa8c541984aef32b3554940292e99d268 SOURCES/kernel-abi-stablelists-4.18.0-553.tar.bz2 +37d4b06f6d4afca4ff69d21ccab82f8a656a1f0d SOURCES/kernel-abi-stablelists-4.18.0-553.tar.bz2 2318474e4033305aa0461e29d5962ca0a5dc24cb SOURCES/kernel-kabi-dw-4.18.0-553.tar.bz2 -2c957b7d8e363062cc6735acf36b62fad232d854 SOURCES/linux-4.18.0-553.52.1.el8_10.tar.xz +7dc3075935e000fffe9e1e0a8321721eaaf9d054 SOURCES/linux-4.18.0-553.53.1.el8_10.tar.xz 13e5cd3f856b472fde80a4deb75f4c18dfb5b255 SOURCES/redhatsecureboot302.cer e89890ca0ded2f9058651cc5fa838b78db2e6cc2 SOURCES/redhatsecureboot303.cer ba0b760e594ff668ee72ae348adf3e49b97f75fb SOURCES/redhatsecureboot501.cer diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec index 3a8e944..5575f7a 100644 --- a/SPECS/kernel.spec +++ b/SPECS/kernel.spec @@ -38,10 +38,10 @@ # define buildid .local %define specversion 4.18.0 -%define pkgrelease 553.52.1.el8_10 +%define pkgrelease 553.53.1.el8_10 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 553.52.1%{?dist} +%define specrelease 553.53.1%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -2696,6 +2696,25 @@ fi # # %changelog +* Fri May 09 2025 Denys Vlasenko [4.18.0-553.53.1.el8_10] +- net/mlx5: Always stop health timer during driver removal (Michal Schmidt) [RHEL-47712] {CVE-2024-40906} +- net/mlx5: Split function_setup() to enable and open functions (Michal Schmidt) [RHEL-47712] +- net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (Michal Schmidt) [RHEL-57117] {CVE-2024-44970} +- net/mlx5e: SHAMPO, Fix incorrect page release (Michal Schmidt) [RHEL-57117] {CVE-2024-46717} +- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (Mete Durlu) [RHEL-88819] +- platform/x86: dell-wmi-sysman: Make init_bios_attributes() ACPI object parsing more robust (Jay Shin) [RHEL-88714] +- platform/x86: dell-wmi-sysman: Cleanup create_attributes_level_sysfs_files() (Jay Shin) [RHEL-88714] +- platform/x86: dell-wmi-sysman: Make sysman_init() return -ENODEV of the interfaces are not found (Jay Shin) [RHEL-88714] +- platform/x86: dell-wmi-sysman: Cleanup sysman_init() error-exit handling (Jay Shin) [RHEL-88714] +- platform/x86: dell-wmi-sysman: Fix release_attributes_data() getting called twice on init_bios_attributes() failure (Jay Shin) [RHEL-88714] +- platform/x86: dell-wmi-sysman: Make it safe to call exit_foo_attributes() multiple times (Jay Shin) [RHEL-88714] +- platform/x86: dell-wmi-sysman: Fix possible NULL pointer deref on exit (Jay Shin) [RHEL-88714] +- platform/x86: dell-wmi-sysman: Fix crash caused by calling kset_unregister twice (Jay Shin) [RHEL-88714] +- x86/kexec: Add EFI config table identity mapping for kexec kernel (Herton R. Krzesinski) [RHEL-71793] +- vsock: Orphan socket after transport release (Jay Shin) [RHEL-89099] {CVE-2025-21756} +- vsock: Keep the binding until socket destruction (Jay Shin) [RHEL-89099] {CVE-2025-21756} +- bpf, vsock: Invoke proto::close on close() (Jay Shin) [RHEL-89099] {CVE-2025-21756} + * Thu May 01 2025 Denys Vlasenko [4.18.0-553.52.1.el8_10.gfd1b] - netfilter: ipset: add missing range check in bitmap_ip_uadt (Florian Westphal) [RHEL-70268] {CVE-2024-53141} - NFS: Extend rdirplus mount option with "force|none" (Benjamin Coddington) [RHEL-16285]