From d8ed705dfa256a637569ba6cf1b55f07f580af69 Mon Sep 17 00:00:00 2001
From: rockyautomation <rockyautomation@rockylinux.org>
Date: Tue, 28 Nov 2023 19:33:55 +0000
Subject: [PATCH] import kernel-4.18.0-513.9.1.el8_9

---
 .kernel.checksum  |  2 +-
 .kernel.metadata  |  6 ++---
 SPECS/kernel.spec | 60 ++++++++++++++++++++++++++++++++++++++++++++---
 3 files changed, 61 insertions(+), 7 deletions(-)

diff --git a/.kernel.checksum b/.kernel.checksum
index ce76f49..baa3402 100644
--- a/.kernel.checksum
+++ b/.kernel.checksum
@@ -1 +1 @@
-62b4ae0b13fd4096557ee80ab85c9fe9b6b97f13a78f58f8f13b2c87e06e217c
+d2fee252a5747284bafb24adbeb61075cd318ada68ffa0173e1d98e2d7177e50
diff --git a/.kernel.metadata b/.kernel.metadata
index 648d29a..acad9fc 100644
--- a/.kernel.metadata
+++ b/.kernel.metadata
@@ -2,11 +2,11 @@
 0309a22825c8c0ee7a5a98041ab403cb0e6f13e81ce4d725680d53335dbf10c8 SOURCES/centossecureboot201.cer
 f1fdf7ae3924a187e0f30a502271cb8369f5f26b8032f026aef6fce7a113d1c4 SOURCES/centossecurebootca2.cer
 9996c73616ee42f13396c9abfb4b646b538c3c80940474b710afdbe53bf17d32 SOURCES/redhatsecurebootca3.cer
-45837edbc23f5f00d21a4b34db47ea2ca73af49ae5ec91be908d3cba5a71bcd2 SOURCES/kernel-abi-stablelists-4.18.0-513.tar.bz2
+3e29414c16e54d7e00ed4b717d009171e7122ba81c3237a56ef8a3f618de1541 SOURCES/kernel-abi-stablelists-4.18.0-513.tar.bz2
 24b8e5e6e88dd9dcfb528ff45fe4e8fe7fb47f187dc7add66bc221b9212eb1d3 SOURCES/redhatsecurebootca7.cer
-db9a76f18da669d354be6601b7683eb88a478b2e7a14f391e01b20e68962a2ad SOURCES/kernel-kabi-dw-4.18.0-513.tar.bz2
+16dc031f2d89ae341db79211495e0064780f1e5759ec1c6a0cc7d6dac3ea2a1d SOURCES/kernel-kabi-dw-4.18.0-513.tar.bz2
 af61197112f29a3a52f3825d363fe3103dc98cad269763071ee86eb2aedc139b SOURCES/rheldup3.x509
-6779fa7ddc901b6ec58cb89621f9b2b16395641e4a08519e985fb71cc9b3324f SOURCES/linux-4.18.0-513.5.1.el8_9.tar.xz
+145d4af5d390e07c3add218d73b8f0e641b4967a56a331af4c2f37559678e940 SOURCES/linux-4.18.0-513.9.1.el8_9.tar.xz
 00d357cd7b0372fbd1e54fcdbcf380d92ac9e698d0082cab486a177ae4cd34bd SOURCES/redhatsecureboot302.cer
 c6d43c94bcbc73c81df3026bc201a88886b8ceebe98188cdb69bdd61bd6be287 SOURCES/redhatsecureboot303.cer
 81ccee9747e67dd8c5e5d08ba5b336da9b9bcdbff89422f5a8cc2fa450b3f03e SOURCES/redhatsecureboot501.cer
diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec
index bfe42e2..52b5f29 100644
--- a/SPECS/kernel.spec
+++ b/SPECS/kernel.spec
@@ -38,10 +38,10 @@
 # define buildid .local
 
 %define rpmversion 4.18.0
-%define pkgrelease 513.5.1.el8_9
+%define pkgrelease 513.9.1.el8_9
 
 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 513.5.1%{?dist}
+%define specrelease 513.9.1%{?dist}
 
 %define pkg_release %{specrelease}%{?buildid}
 
@@ -2682,7 +2682,7 @@ fi
 #
 #
 %changelog
-* Wed Nov 15 2023 Release Engineering <releng@rockylinux.org> - 4.18.0-513.5.1
+* Tue Nov 28 2023 Release Engineering <releng@rockylinux.org> - 4.18.0-513.9.1
 - Adding prod certs and changed cert date to 20210620 (Sherif Nagy)
 - Adding Rocky secure boot certs (Sherif Nagy)
 - Fixing vmlinuz removal (Sherif Nagy)
@@ -2691,6 +2691,60 @@ fi
 - Fixing pesign_key_name values (Sherif Nagy)
 - Debrand the kernel (Louis Abel)
 
+* Thu Nov 16 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.9.1.el8_9]
+- ice: reset first in crash dump kernels (Petr Oros) [2244625 2139761]
+- nvmet-tcp: Fix a possible UAF in queue intialization setup (John Meneghini) [RHEL-11507 RHEL-11509] {CVE-2023-5178}
+- block: check_events: don't bother with events if unsupported (Ming Lei) [RHEL-15052 RHEL-2407]
+- Revert "block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers" (Ming Lei) [RHEL-15052 RHEL-2407]
+- Revert "ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd" (Ming Lei) [RHEL-15052 RHEL-2407]
+- block: disk_events: introduce event flags (Ming Lei) [RHEL-15052 RHEL-2407]
+- block: genhd: remove async_events field (Ming Lei) [RHEL-15052 RHEL-2407]
+- net: virtio_net_hdr_to_skb: count transport header in UFO (Cindy Lu) [RHEL-16332 RHEL-6030]
+- x86/sev: Make enc_dec_hypercall() accept a size instead of npages (Vitaly Kuznetsov) [RHEL-5764 RHEL-3656]
+
+* Thu Nov 09 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.8.1.el8_9]
+- cifs: Fix UAF in cifs_demultiplex_thread() (Scott Mayhew) [RHEL-15159 RHEL-7930] {CVE-2023-1192}
+- ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1 (Florian Westphal) [RHEL-12371 RHEL-5742]
+- sched/rt: Fix bad task migration for rt tasks (Valentin Schneider) [RHEL-11682 RHEL-3872]
+- bpf: Fix incorrect verifier pruning due to missing register precision taints (Artem Savkov) [RHEL-13049 RHEL-7534] {CVE-2023-2163}
+
+* Thu Nov 02 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.7.1.el8_9]
+- sched/fair: Block nohz tick_stop when cfs bandwidth in use (Phil Auld) [RHEL-12723 RHEL-2527]
+- sched, cgroup: Restore meaning to hierarchical_quota (Phil Auld) [RHEL-12723 RHEL-2527]
+- sched/fair: Hide unused init_cfs_bandwidth() stub (Phil Auld) [RHEL-12723 RHEL-2527]
+
+* Thu Oct 26 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.6.1.el8_9]
+- redhat: fix bug/zjira sort in the changelog (Patrick Talbert)
+- CI: Remove unused kpet_tree_family (Nikolai Kondrashov)
+- redhat: set default zstream brew target for 8.9 (Patrick Talbert)
+- rbd: take header_rwsem in rbd_dev_refresh() only when updating (Ilya Dryomov) [RHEL-12689 RHEL-11241]
+- rbd: decouple parent info read-in from updating rbd_dev (Ilya Dryomov) [RHEL-12689 RHEL-11241]
+- rbd: decouple header read-in from updating rbd_dev->header (Ilya Dryomov) [RHEL-12689 RHEL-11241]
+- rbd: move rbd_dev_refresh() definition (Ilya Dryomov) [RHEL-12689 RHEL-11241]
+- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919}
+- media: dvb_ca_en50221: fix a size write bug (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919}
+- media: dvb_ca_en50221: avoid speculation from CA slot (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919}
+- media: dvb-core: fix epoll() by calling poll_wait first (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919}
+- media: dvb_ca_en50221: off by one in dvb_ca_en50221_io_do_ioctl() (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919}
+- iavf: schedule a request immediately after add/delete vlan (Petr Oros) [2240750 2231174]
+- iavf: add iavf_schedule_aq_request() helper (Petr Oros) [2240750 2231174]
+- bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire (Tomas Glozar) [RHEL-6123 2229965]
+- media: dvb-core: Fix use-after-free due on race condition at dvb_net (Dean Nelson) [RHEL-11248 RHEL-1842] {CVE-2022-45886}
+- media: dvb_net: avoid speculation from net slot (Dean Nelson) [RHEL-11248 RHEL-1842] {CVE-2022-45886}
+- mm/slab_common: fix slab_caches list corruption after kmem_cache_destroy() (Rafael Aquini) [RHEL-11588 RHEL-3652]
+- ice: always add legacy 32byte RXDID in supported_rxdids (Michal Schmidt) [RHEL-10393 RHEL-3379]
+- net: tun: fix bugs for oversize packet when napi frags enabled (Ricardo Robaina) [RHEL-12295 RHEL-7185] {CVE-2023-3812}
+- ice: Don't tx before switchdev is fully configured (Michal Schmidt) [RHEL-11331 RHEL-10997]
+- media: dvb-core: Fix use-after-free due to race at dvb_register_device() (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884}
+- media: dvbdev: fix refcnt bug (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884}
+- media: dvbdev: adopts refcnt to avoid UAF (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884}
+- media: dvbdev: fix error logic at dvb_register_device() (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884}
+- media: dvbdev: Fix memleak in dvb_register_device (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884}
+- media: media/dvb: Use kmemdup rather than duplicating its implementation (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884}
+- media: dvbdev: remove double-unlock (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884}
+- bpf: Adjust insufficient default bpf_jit_limit (Viktor Malik) [2243011 2219567]
+- bpf: Prevent increasing bpf_jit_limit above max (Viktor Malik) [2243011 2219567]
+
 * Fri Sep 29 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.5.1.el8_9]
 - redhat: list Z-Jiras in the changelog before Y-Jiras (Herton R. Krzesinski)
 - Revert "mm, meminit: recalculate pcpu batch and high limits after init completes" (Chris von Recklinghausen) [RHEL-8539]
-- 
GitLab