import CS kernel-4.18.0-553.76.1.el8

2025-09-23 08:53:51 +00:00 · 2025-09-23 08:53:51 +00:00 · 37821a94c6
commit 37821a94c6
parent d0b8bf1a5d
3 changed files with 15 additions and 5 deletions
--- a/.gitignore
+++ b/.gitignore
@ -2,7 +2,7 @@ SOURCES/centossecureboot201.cer
 SOURCES/centossecurebootca2.cer
 SOURCES/kernel-abi-stablelists-4.18.0-553.tar.bz2
 SOURCES/kernel-kabi-dw-4.18.0-553.tar.bz2
-SOURCES/linux-4.18.0-553.75.1.el8_10.tar.xz
+SOURCES/linux-4.18.0-553.76.1.el8_10.tar.xz
 SOURCES/redhatsecureboot302.cer
 SOURCES/redhatsecureboot303.cer
 SOURCES/redhatsecureboot501.cer
--- a/.kernel.metadata
+++ b/.kernel.metadata
@ -1,8 +1,8 @@
 2ba40bf9138b48311e5aa1b737b7f0a8ad66066f SOURCES/centossecureboot201.cer
 bfdb3d7cffc43f579655af5155d50c08671d95e5 SOURCES/centossecurebootca2.cer
-c33e2395f595838bf4053586856e64360c1ad3ca SOURCES/kernel-abi-stablelists-4.18.0-553.tar.bz2
+3b8f59efde5235edfd2294bf667ddd6497e0a08e SOURCES/kernel-abi-stablelists-4.18.0-553.tar.bz2
 2318474e4033305aa0461e29d5962ca0a5dc24cb SOURCES/kernel-kabi-dw-4.18.0-553.tar.bz2
-384986928451721c34b84382152a380a89b08389 SOURCES/linux-4.18.0-553.75.1.el8_10.tar.xz
+9e0a8c678228941f1e20762eb20f1b18f37c8bee SOURCES/linux-4.18.0-553.76.1.el8_10.tar.xz
 13e5cd3f856b472fde80a4deb75f4c18dfb5b255 SOURCES/redhatsecureboot302.cer
 e89890ca0ded2f9058651cc5fa838b78db2e6cc2 SOURCES/redhatsecureboot303.cer
 ba0b760e594ff668ee72ae348adf3e49b97f75fb SOURCES/redhatsecureboot501.cer
--- a/SPECS/kernel.spec
+++ b/SPECS/kernel.spec
@ -38,10 +38,10 @@
 # define buildid .local

 %define specversion 4.18.0
-%define pkgrelease 553.75.1.el8_10
+%define pkgrelease 553.76.1.el8_10

 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 553.75.1%{?dist}
+%define specrelease 553.76.1%{?dist}

 %define pkg_release %{specrelease}%{?buildid}

@ -2705,6 +2705,16 @@ fi
 #
 #
 %changelog
+* Sun Sep 14 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.76.1.el8_10]
+- HID: core: Harden s32ton() against conversion to 0 bits (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
+- HID: stop exporting hid_snto32() (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
+- HID: simplify snto32() (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
+- HID: core: fix shift-out-of-bounds in hid_report_raw_event (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
+- use uniform permission checks for all mount propagation changes (Ian Kent) [RHEL-107299] {CVE-2025-38498}
+- do_change_type(): refuse to operate on unmounted/not ours mounts (Ian Kent) [RHEL-107299] {CVE-2025-38498}
+- xfs: make sure sb_fdblocks is non-negative (Pavel Reichl) [RHEL-104193]
+- vsock: Fix transport_* TOCTOU (CKI Backport Bot) [RHEL-105991] {CVE-2025-38461}
+
 * Tue Sep 09 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.75.1.el8_10]
 - Revert "module, async: async_synchronize_full() on module init iff async is used" (Herton R. Krzesinski) [RHEL-99812]
 - mm/page_alloc: make sure free_pcppages_bulk() bails when given count < 0 (Rafael Aquini) [RHEL-85453]